Differences

This shows you the differences between two versions of the page.

--- wiki:qclug_presentations:puppet [2015/11/11 21:05]
Root [Setup R10K]
+++ wiki:qclug_presentations:puppet [2015/11/11 22:07] (current)
Root [Setup R10K]
@@ Line 7: / Line 7: @@
 Step 1: Add the Puppet Repository\\
 Step 2: Install Puppet\\
-Step 3: Install R10K\\
+Step 3: Configure the Puppet Master\\
-Step 4: Install Hiera\\
+Step 4: Configure a Puppet agent\\
-Step 5: Install and Configure a Puppet agent\\
+Step 5: Apply Puppet Code
-Step 6: Apply Puppet Code
 ===== Prerequisites =====
-  - Master/Agent requires at least 2 servers, masterless requires only 1.
+  - Master/Agent requires at least two servers, masterless requires only one
-  - Master/Agent should have DNS configured, but IP addresses could work as well.
+  - Master/Agent require DNS to be configured for SSL certificate signing purposes
 ===== Installing Open Source Puppet =====
@@ Line 65: / Line 64: @@
 [master]
 always_cache_features = true
-environment_timeout=unlimited
+environment_timeout = unlimited
-environmentpath=$confdir/environments
+environmentpath = $confdir/environments
 basemodulepath = /etc/puppet/modules
 ca = true
@@ Line 74: / Line 73: @@
 <code>
 [main]
-#templatedir=$confdir/templates
+#templatedir = $confdir/templates
 </code>
+Start the Apache service
+<code>
+service apache2 start
+</code>
 ===== Set up your production environment =====
@@ Line 100: / Line 103: @@
 node 'pupagent.pcdomain.pvt' {
   include roles::home::server
-}
-node 'laptop.pcdomain.pvt' {
-  include roles::home::laptop
 }
 </code>
@@ Line 120: / Line 120: @@
 Next, create the roles module directory structure:
 <code>
-mkdir -p /etc/puppet/environments/production/modules/roles/manifests
+mkdir -p /etc/puppet/environments/production/modules/roles/manifests/home
 </code>
-Edit the server.pp file and have it include the profiles::home::apache module which will be created later and will use the Puppetlabs apache module to install and configure apache:
+Edit the server.pp file and have it include the profiles::home::mysql module which will be created later and will use the Puppetlabs mysql module to install and configure mysql:
 <code>
-vi /etc/puppet/environments/production/modules/roles/manifests/server.pp
+vi /etc/puppet/environments/production/modules/roles/manifests/home/server.pp
 </code>
 <code>
 class roles::home::server {
-  include profiles::home::apache
+  include profiles::home::mysql
 }
+</code>
+//Note: A bug you might encounter will cause the following error message during a puppet run://
+<code>
+Could not evaluate: Could not retrieve information from environment production source(s) puppet://pupmaster.pcdomain.pvt/pluginfacts
+</code>
+To work around the bug simply create a folder named "facts.d" in the roles module directory:
+<code>
+mkdir /etc/puppet/environments/production/modules/roles/facts.d
 </code>
@@ Line 142: / Line 152: @@
 </code>
-Edit the apache.pp file and have it call the apache class:
+Edit the mysql.pp file and have it call the mysql::server class:
 <code>
-vi /etc/puppet/environments/production/modules/profiles/manifests/home/apache.pp
+vi /etc/puppet/environments/production/modules/profiles/manifests/home/mysql.pp
 </code>
 <code>
-class profiles::home::apache {
+class profiles::home::mysql {
-  class { '::apache':  }
+  class { '::mysql::server':
+    root_password           => 'strongpassword',
+    remove_default_accounts => true,
+  }
 }
 </code>
-//Note: Ensure the class is prefixed with the double colons or else the profile will try to load itself instead of the actual apache module!//
+//Note: Ensure the class is prefixed with the double colons or else the profile will try to load itself instead of the actual mysql module!//
-==== Install the puppetlabs-apache module ====
+==== Install the puppetlabs-mysql module ====
-This command will install the puppetlabs-apache module into /etc/puppet/modules, which is symlinked inside our production environment:
+This command will install the puppetlabs-mysql module into /etc/puppet/modules, which is symlinked inside our production environment:
 <code>
-puppet module install puppetlabs-apache
+puppet module install puppetlabs-mysql
 </code>
@@ Line 167: / Line 180: @@
 <code>
 [main]
-    server = pupmaster.pcdomain.pvt
+server = pupmaster.pcdomain.pvt
+archive_files = true
+archive_file_server = pupmaster.pcdomain.pvt
 [agent]
-    report = true
+report = true
-    classfile = $vardir/classes.txt
+classfile = $vardir/classes.txt
-    localconfig = $vardir/localconfig
+localconfig = $vardir/localconfig
-    graph = true
+graph = true
-    pluginsync = true
+pluginsync = true
-    environment = production
+environment = production
+</code>
+Also remove the [master] section from all agents.
+Run the agent to generate an SSL key and CSR request for the Master:
+<code>
+puppet agent -t
+</code>
+Login to the Master and sign the certificate:
+<code>
+puppet cert sign pupagent.pcdomain.pvt
+</code>
+Which should give you the following output:
+<code>
+Notice: Signed certificate request for pupagent.pcdomain.pvt
+Notice: Removing file Puppet::SSL::CertificateRequest pupagent.pcdomain.pvt at '/var/lib/puppet/ssl/ca/requests/pupagent.pcdomain.pvt.pem'
+</code>
+Login to the agent and run Puppet again which should kickoff the initial Puppet run:
+<code>
+puppet agent -t
+</code>
+Enable the agent service to have Puppet run automatically every 30 minutes by default:
+<code>
+update-rc.d puppet enable
 </code>
-===== Setup R10K =====
 ===== Additional Resources =====

QCLUG Wiki

User Tools

Site Tools

Differences

Page Tools