Puppet Master and Agent Deployment on CentOS/Red Hat 6 / 7

Puppet is one of the most popular DevOps tools. We are sharing only the implementation part here:

For Puppet 3.8 or later

Puppet master installation and management

Puppet master requirements:

  • 2 GB RAM
  • 1 core CPU
  • 20 GB HDD
  • Red Hat 6.4 or later

Important: we are using Red Hat 6.4 for the Puppet master.


Step 1: Set up the hostname and NTP client on both machines

A) For puppet Master IP Address : 192.168.0.100


[root@localhost ~]# hostname puppetmaster.example.com # Setting hostname

[root@localhost ~]# cat /etc/sysconfig/network # setting hostname permanently
NETWORKING=yes
HOSTNAME=puppetmaster.example.com


B) For puppet Agent IP Address : 192.168.0.102

[root@localhost ~]# hostname puppetnode1.example.com # Setting hostname temporarily

[root@localhost ~]# cat /etc/sysconfig/network # setting hostname permanently
NETWORKING=yes
HOSTNAME=puppetnode1.example.com


Important: Make sure both systems can ping each other by name. If they cannot, add entries for them to the file below.

Note: Do this step on both systems.

[root@server ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6


192.168.0.100 server.example.com
192.168.0.102 node1.example.com




Configuring Puppet Master :


1. Install ntp, start the service, and make the service persistent

[root@server ~]# yum install ntp

[root@server ~]# service ntpd restart
Shutting down ntpd: [ OK ]
Starting ntpd: [ OK ]

[root@server ~]# chkconfig ntpd on


2. Install the yum repository for the Puppet master

[root@server ~]# rpm -ivh https://yum.puppetlabs.com/puppetlabs-release-el-6.noarch.rpm


[root@server ~]# yum install puppet-server 

3. Configure the Puppet master and start the service

[root@server ~]# cat /etc/puppet/puppet.conf

[main]

# The Puppet log directory.
# The default value is '$vardir/log'.
logdir = /var/log/puppet

# Where Puppet PID files are kept.
# The default value is '$vardir/run'.
rundir = /var/run/puppet

# Where SSL certificates are kept.
# The default value is '$confdir/ssl'.
ssldir = $vardir/ssl
dns_alt_names = server.example.com



Note: Here you only need to add dns_alt_names (the hostname of the Puppet master) under the [main] section.



Important and warning: If you don't have 2 GB of RAM, you can change the memory allocation in the configuration file below.
If you skip this on a system with less RAM, the service will throw an error.



[root@server ~]# cat /etc/sysconfig/puppetserver
###########################################
# Init settings for puppetserver
###########################################

# Location of your Java binary (version 7 or higher)
JAVA_BIN="/usr/bin/java"

# Modify this if you'd like to change the memory allocation, enable JMX, etc
#JAVA_ARGS="-Xms2g -Xmx2g -XX:MaxPermSize=256m"
JAVA_ARGS="-Xms1g -Xmx1g"



Now start the Puppet master service and make it persistent


[root@server ~]# service puppetserver restart

[root@server ~]# chkconfig puppetserver on


Make sure the firewall rule for the Puppet master port is enabled.

[root@server ~]# iptables -I INPUT -p tcp --dport 8140 -j ACCEPT

[root@server ~]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]


Important : Puppet master port number is 8140




4. Installing and managing the Puppet node


i) NTP client configuration and yum repo installation for the Puppet agent / Puppet node


[root@node1 ~]# yum install ntp

[root@node1 ~]# service ntpd restart
Shutting down ntpd: [ OK ]
Starting ntpd: [ OK ]

[root@node1 ~]# chkconfig ntpd on


ii) Installing the yum repository for the Puppet agent



III) Configuring the puppet agent






[root@node1 tmp]# cat /etc/puppet/puppet.conf

[main]
# The Puppet log directory.
# The default value is '$vardir/log'.
logdir = /var/log/puppet

# Where Puppet PID files are kept.
# The default value is '$vardir/run'.
rundir = /var/run/puppet

# Where SSL certificates are kept.
# The default value is '$confdir/ssl'.
ssldir = $vardir/ssl

[agent]
# The file in which puppetd stores a list of the classes
# associated with the retrieved configuratiion. Can be loaded in
# the separate ``puppet`` executable using the ``--loadclasses``
# option.
# The default value is '$confdir/classes.txt'.
classfile = $vardir/classes.txt
server = server.example.com

# Where puppetd caches the local configuration. An
# extension indicating the cache format is added automatically.
# The default value is '$confdir/localconfig'.
localconfig = $vardir/localconfig


Note: Here you only need to change the [agent] section, setting the Puppet master hostname.



IV) Now start the Puppet agent service

[root@node1 tmp]# puppet resource service puppet ensure=running enable=true


Note:
To make Puppet production ready, we need to configure the Puppet master and agent in SSL/TLS mode.

V) Generating and sending a certificate request to the Puppet master

[root@node1 tmp]# puppet agent --test --ca_server=server.example.com



Note: That completes the agent node side. Now check from the Puppet master side and sign this CSR (certificate signing request).



5. Puppet Master Signing the CSR from Node


I) Checking Request

[root@server ]# puppet cert list

Note: It will show the list of requests.

II) Sign the CSR

[root@server ]# puppet cert sign node1.example.com



Note: That completes the setup of the Puppet master and node.
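
Before running "puppet cert sign", the pending request can be checked against the fingerprint that "puppet agent --fingerprint" prints on the node itself, so that the certname in the list is not trusted on its own. The script below is an added example, not part of the original post: check_csr is a hypothetical helper, the listing and fingerprints are constructed, and the line format of "puppet cert list" is an assumption noted in the comments.

```shell
#!/bin/sh
# Added example: gate "puppet cert sign" on a fingerprint match.
# Assumed line format of `puppet cert list` (pending requests):
#   "certname" (SHA256) AA:BB:...  [(alt names: "DNS:...", ...)]

# Constructed fingerprints, not from a real CA.
FP_A='5E:2A:91:0C:77:B3:4D:E8:19:F6:A0:3B:C4:58:6D:12:8F:E1:07:9A:42:BD:65:30:CE:7B:94:D1:0F:A8:36:5C'
FP_B='A4:0D:73:C9:1E:56:82:BF:37:E0:4A:95:6C:D8:21:F3:0B:7E:C5:98:14:AD:60:39:F7:8C:52:E6:1B:DA:45:90'

# Constructed sample of `puppet cert list` output on the master.
SAMPLE_PENDING="  \"node1.example.com\" (SHA256) $FP_A
  \"node10.example.com\" (SHA256) $FP_B
  \"node2.example.com\" (SHA256) $FP_B (alt names: \"DNS:node2.example.com\", \"DNS:server.example.com\")"

# check_csr CERTNAME EXPECTED_FP LISTING
# Returns 0 = safe to sign, 1 = not pending, 2 = mismatch, 3 = alt names.
check_csr() {
  csr_name=$1; csr_want=$2; csr_list=$3
  # Exact match on the quoted certname, so node1 never matches node10.
  csr_line=$(printf '%s\n' "$csr_list" |
    awk -v n="\"$csr_name\"" '$1 == n { print; exit }')
  if [ -z "$csr_line" ]; then
    echo "REFUSE $csr_name: no pending request"; return 1
  fi
  # Field 3 is the fingerprint; compare case-insensitively.
  csr_got=$(printf '%s\n' "$csr_line" | awk '{ print toupper($3) }')
  csr_want=$(printf '%s' "$csr_want" | tr '[:lower:]' '[:upper:]')
  if [ "$csr_got" != "$csr_want" ]; then
    echo "REFUSE $csr_name: fingerprint mismatch"; return 2
  fi
  # A node asking for extra DNS names (here the master's) needs manual review.
  case $csr_line in
    *"(alt names:"*)
      echo "REFUSE $csr_name: requests DNS alt names"; return 3 ;;
  esac
  echo "OK $csr_name: fingerprint matches, safe to sign"
}

# Demo on the constructed listing. On a real master the last argument would
# be "$(puppet cert list)", and EXPECTED_FP is the value printed by
# `puppet agent --fingerprint` on the node.
check_csr node1.example.com "$FP_A" "$SAMPLE_PENDING" || true
check_csr node2.example.com "$FP_B" "$SAMPLE_PENDING" || true
```

On the master the check would precede the signing command, for example: check_csr node1.example.com "$fp" "$(puppet cert list)" && puppet cert sign node1.example.com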






GETTING STARTED WITH MANIFEST :


The Puppet master stores its program in a file named site.pp, called a manifest, for any kind of configuration management.


[root@server ~]# cd /etc/puppet

[root@server puppet]# ls

auth.conf manifests modules puppet.conf

[root@server puppet]# cd manifests/

[root@server manifests]# ls
site.pp

Writing programs:

i) A simple program for creating a directory on all the nodes

[root@server manifests]# cat /etc/puppet/manifests/site.pp

node 'node1.example.com' { # Applies only to the mentioned node; if nothing is mentioned, applies to all.
  file { '/ashutoshh': # Resource type file
    ensure => 'directory', # Create as a directory
    owner  => 'root', # Ownership
    group  => 'root', # Group name
    mode   => '0755', # Directory permissions
  }
}



Note: Go to the Puppet agent side and pull these changes

[root@node1 /]# puppet agent --test

Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for node1.example.com
Info: Applying configuration version '1479789168'
Notice: /Stage[main]/Main/Node[node1.example.com]/File[/ashutoshh]/ensure: created
Notice: Finished catalog run in 0.04 seconds


[root@node1 /]# ls
ashutoshh boot etc lib lost+found misc net proc sbin srv tmp var
bin dev home lib64 media mnt opt root selinux sys usr
[root@node1 /]#





... wait for more  updates 
