====== Presentation ======
{{wiki/qclug_presentations/puppet-overview-131204211724-phpapp02.pdf}}
====== Puppet Demonstration Steps ======
Step 1: Add the Puppet Repository\\
Step 2: Install Puppet\\
Step 3: Configure the Puppet Master\\
Step 4: Configure a Puppet agent\\
Step 5: Apply Puppet Code
===== Prerequisites =====
- Master/Agent requires at least two servers, masterless requires only one
- Master/Agent require DNS to be configured for SSL certificate signing purposes
===== Installing Open Source Puppet =====
Documentation Link: https://docs.puppetlabs.com/guides/install_puppet/install_debian_ubuntu.html
==== Add the Puppet Repository ====
wget http://apt.puppetlabs.com/puppetlabs-release-wheezy.deb
dpkg -i puppetlabs-release-wheezy.deb
apt-get update
==== Install Puppet on the Puppet Master Server ====
apt-get install puppetmaster-passenger
==== Install the Puppet Agent ====
apt-get install puppet
===== Configuring the Puppet Master =====
Add the following to /etc/puppet/puppet.conf under [main] on the Puppet Master:
[main]
dns_alt_names = pupmaster.pcdomain.pvt,pupmaster
Since this will be the only Master in the deployment, it will become the CA.
First stop Apache:
service apache2 stop
Next, run the following command to kick off the SSL cert generation:
puppet master --verbose --no-daemonize
Type ctrl-C to kill the process once it says:
Notice: Starting Puppet master version
Add some Puppet Master specific settings under [master]:
[master]
always_cache_features = true
environment_timeout = unlimited
environmentpath = $confdir/environments
basemodulepath = /etc/puppet/modules
ca = true
Comment the following setting as it is now deprecated:
[main]
#templatedir = $confdir/templates
Start the Apache service
service apache2 start
===== Set up your production environment =====
To see the location where your modules will be stored run the following command:
puppet config print manifest --section master --environment production
This should output the following directory:
/etc/puppet/environments/production/manifests
This directory does not currently exist so you must create it:
mkdir -p /etc/puppet/environments/production/manifests
==== Classify a node ====
Create the main manifest located in /etc/puppet/environments/production/manifests/site.pp for simple node classification:
node 'pupagent.pcdomain.pvt' {
include roles::home::server
}
==== Create a module ====
=== Roles ===
A role is simply a module that includes other modules. More specifically, a role includes profile modules.
To create the roles::home::server module you must create a file called server.pp located in /etc/puppet/environments/production/modules/roles/manifests/server.pp:
To simplify things, let's symlink /etc/puppet/modules inside of our production environment:
ln -s /etc/puppet/modules /etc/puppet/environments/production/modules
Next, create the roles module directory structure:
mkdir -p /etc/puppet/environments/production/modules/roles/manifests/home
Edit the server.pp file and have it include the profiles::home::mysql module which will be created later and will use the Puppetlabs mysql module to install and configure mysql:
vi /etc/puppet/environments/production/modules/roles/manifests/home/server.pp
class roles::home::server {
include profiles::home::mysql
}
//Note: A bug you might encounter will cause the following error message during a puppet run://
Could not evaluate: Could not retrieve information from environment production source(s) puppet://pupmaster.pcdomain.pvt/pluginfacts
To work around the bug simply create a folder named "facts.d" in the roles module directory:
mkdir /etc/puppet/environments/production/modules/roles/facts.d
=== Profiles ===
Roles include profiles so we need to create the profiles module directory structure:
mkdir -p /etc/puppet/environments/production/modules/profiles/manifests/home
Edit the mysql.pp file and have it call the mysql::server class:
vi /etc/puppet/environments/production/modules/profiles/manifests/home/mysql.pp
class profiles::home::mysql {
class { '::mysql::server':
root_password => 'strongpassword',
remove_default_accounts => true,
}
}
//Note: Ensure the class is prefixed with the double colons or else the profile will try to load itself instead of the actual mysql module!//
==== Install the puppetlabs-mysql module ====
This command will install the puppetlabs-mysql module into /etc/puppet/modules, which is symlinked inside our production environment:
puppet module install puppetlabs-mysql
===== Configuring a Puppet Agent =====
Edit /etc/puppet/puppet.conf and configure the agent:
[main]
server = pupmaster.pcdomain.pvt
archive_files = true
archive_file_server = pupmaster.pcdomain.pvt
[agent]
report = true
classfile = $vardir/classes.txt
localconfig = $vardir/localconfig
graph = true
pluginsync = true
environment = production
Also remove the [master] section from all agents.
Run the agent to generate an SSL key and CSR request for the Master:
puppet agent -t
Login to the Master and sign the certificate:
puppet cert sign pupagent.pcdomain.pvt
Which should give you the following output:
Notice: Signed certificate request for pupagent.pcdomain.pvt
Notice: Removing file Puppet::SSL::CertificateRequest pupagent.pcdomain.pvt at '/var/lib/puppet/ssl/ca/requests/pupagent.pcdomain.pvt.pem'
Login to the agent and run Puppet again which should kickoff the initial Puppet run:
puppet agent -t
Enable the agent service to have Puppet run automatically every 30 minutes by default:
update-rc.d puppet enable
===== Additional Resources =====
Puppet Learning VM:
https://puppetlabs.com/download-learning-vm
Presentation Downloaded from the following location:
http://www.slideshare.net/joshbeard/puppet-overview-28908346