CloudExpert: February 2015

PupperMaster

--------------

OS: Ubuntu 14.04

wget https://apt.puppetlabs.com/puppetlabs-release-trusty.deb

dpkg -i puppetlabs-release-trusty.deb

apt-get update

apt-get install puppetmaster-passenger

service apache2 stop

Lock the Version

--------------------

puppet help | tail -n 1

vi /etc/apt/preferences.d/00-puppet.pref

/etc/apt/preferences.d/00-puppet.pref

Package: puppet puppet-common puppetmaster-passenger

Pin: version 3.6*

Pin-Priority: 501

Setup Names and certificates

-----------------------------------

rm -rf /var/lib/puppet/ssl

Configure Certificate

---------------------------

vi /etc/puppet/puppet.conf

[main]

logdir=/var/log/puppet

vardir=/var/lib/puppet

ssldir=/var/lib/puppet/ssl

rundir=/var/run/puppet

factpath=$vardir/lib/facter

templatedir=$confdir/templates

certname = puppet

dns_alt_names = puppet,puppet.nyc2.example.com

[master]

# These are needed when the puppetmaster is run by passenger

# and can safely be removed if webrick is used.

ssl_client_header = SSL_CLIENT_S_DN

ssl_client_verify_header = SSL_CLIENT_VERIFY

Generate New Certificate

--------------------------------

puppet master --verbose --no-daemonize

Notice: Starting Puppet master version 3.6.2,

press CTRL C

puppet cert list -all

Configure puppet master

-------------------------------

vi /etc/puppet/puppet.conf

Main Manifest file

------------------------

touch /etc/puppet/manifests/site.pp

Start Puppet master

--------------------------

service apache2 service

Ubuntu

----------

Install Puppet Agent

--------------------------

wget https://apt.puppetlabs.com/puppetlabs-release-trusty.deb

dpkg -i puppetlabs-release-trusty.deb

apt-get update

apt-get install puppet

vi /etc/default/puppet

START=yes

Lock the Version

-------------------

vi /etc/apt/preferences.d/00-puppet.pref

# /etc/apt/preferences.d/00-puppet.pref

Package: puppet puppet-common

Pin: version 3.6*

Pin-Priority: 501

Configure Agent

---------------------

vi /etc/puppet/puppet.conf

[agent]

server = puppet.nyc2.example.com

service puppet start

Sign Request On Master

------------------------

puppet cert list

Here you will see the appropriate client certificate without + sign

Sign a Request

puppet cert sign host1.nyc2.example.com

puppet cert sign –all

after this step you will see the + sign on the certificate finger print

REVOKE Certificates

---------------------

puppet cert clean hostname

puppet cert list --all

Puppet Client Centos

----------------------------

wget http://yum.puppetlabs.com/puppetlabs-release-el-6.noarch.rpm

rpm -Uvh puppetlabs-release-el-6.noarch.rpm

yum install puppet

vim /et c/puppet/puppet.conf

[agent]

server = bingo

# puppet agent –test

This will generate certificate

Go to puppermaster and then do the following steps

#puppet cert list -a

Here you can see the clinet request

# puppet cert sign “hostname”

Test the result in client

CloudExpert

Tuesday, 3 February 2015

Puppet Server and Client Setup