puppet-overview-131204211724-phpapp02.pdf

Step 1: Add the Puppet Repository
Step 2: Install Puppet
Step 3: Configure the Puppet Master
Step 4: Configure a Puppet agent
Step 5: Apply Puppet Code

1. Master/Agent requires at least two servers, masterless requires only one
2. Master/Agent require DNS to be configured for SSL certificate signing purposes

Documentation Link: https://docs.puppetlabs.com/guides/install_puppet/install_debian_ubuntu.html

wget http://apt.puppetlabs.com/puppetlabs-release-wheezy.deb
dpkg -i puppetlabs-release-wheezy.deb
apt-get update

apt-get install puppetmaster-passenger

apt-get install puppet

Add the following to /etc/puppet/puppet.conf under [main] on the Puppet Master:

[main]
dns_alt_names = pupmaster.pcdomain.pvt,pupmaster

Since this will be the only Master in the deployment, it will become the CA. First stop Apache:

service apache2 stop

Next, run the following command to kick off the SSL cert generation:

puppet master --verbose --no-daemonize

Type ctrl-C to kill the process once it says:

Notice: Starting Puppet master version <VERSION>

Add some Puppet Master specific settings under [master]:

[master]
always_cache_features = true
environment_timeout = unlimited
environmentpath = $confdir/environments
basemodulepath = /etc/puppet/modules
ca = true

Comment the following setting as it is now deprecated:

[main]
#templatedir = $confdir/templates

Start the Apache service

service apache2 start

To see the location where your modules will be stored run the following command:

puppet config print manifest --section master --environment production

This should output the following directory:

/etc/puppet/environments/production/manifests

This directory does not currently exist so you must create it:

mkdir -p /etc/puppet/environments/production/manifests

Create the main manifest located in /etc/puppet/environments/production/manifests/site.pp for simple node classification:

node 'pupagent.pcdomain.pvt' {
  include roles::home::server
}

A role is simply a module that includes other modules. More specifically, a role includes profile modules.

To create the roles::home::server module you must create a file called server.pp located in /etc/puppet/environments/production/modules/roles/manifests/server.pp:

To simplify things, let's symlink /etc/puppet/modules inside of our production environment:

ln -s /etc/puppet/modules /etc/puppet/environments/production/modules

Next, create the roles module directory structure:

mkdir -p /etc/puppet/environments/production/modules/roles/manifests/home

Edit the server.pp file and have it include the profiles::home::mysql module which will be created later and will use the Puppetlabs mysql module to install and configure mysql:

vi /etc/puppet/environments/production/modules/roles/manifests/home/server.pp

class roles::home::server {
  include profiles::home::mysql
}

Note: A bug you might encounter will cause the following error message during a puppet run:

Could not evaluate: Could not retrieve information from environment production source(s) puppet://pupmaster.pcdomain.pvt/pluginfacts

To work around the bug simply create a folder named “facts.d” in the roles module directory:

mkdir /etc/puppet/environments/production/modules/roles/facts.d

Roles include profiles so we need to create the profiles module directory structure:

mkdir -p /etc/puppet/environments/production/modules/profiles/manifests/home

Edit the mysql.pp file and have it call the mysql::server class:

vi /etc/puppet/environments/production/modules/profiles/manifests/home/mysql.pp

class profiles::home::mysql {
  class { '::mysql::server':
    root_password           => 'strongpassword',
    remove_default_accounts => true,
  }
}

Note: Ensure the class is prefixed with the double colons or else the profile will try to load itself instead of the actual mysql module!

This command will install the puppetlabs-mysql module into /etc/puppet/modules, which is symlinked inside our production environment:

puppet module install puppetlabs-mysql

Edit /etc/puppet/puppet.conf and configure the agent:

[main]
server = pupmaster.pcdomain.pvt
archive_files = true
archive_file_server = pupmaster.pcdomain.pvt
    
[agent]
report = true
classfile = $vardir/classes.txt
localconfig = $vardir/localconfig
graph = true
pluginsync = true
environment = production

Also remove the [master] section from all agents.

Run the agent to generate an SSL key and CSR request for the Master:

puppet agent -t

Login to the Master and sign the certificate:

puppet cert sign pupagent.pcdomain.pvt

Which should give you the following output:

Notice: Signed certificate request for pupagent.pcdomain.pvt
Notice: Removing file Puppet::SSL::CertificateRequest pupagent.pcdomain.pvt at '/var/lib/puppet/ssl/ca/requests/pupagent.pcdomain.pvt.pem'

Login to the agent and run Puppet again which should kickoff the initial Puppet run:

puppet agent -t

Enable the agent service to have Puppet run automatically every 30 minutes by default:

update-rc.d puppet enable

Puppet Learning VM: https://puppetlabs.com/download-learning-vm

Presentation Downloaded from the following location: http://www.slideshare.net/joshbeard/puppet-overview-28908346