6. Create /etc/puppet/puppetdb.conf with the following content[root@puppetmaster ]# cat /etc/puppet/puppetdb.conf[main]server = puppetmasterport = 8081soft_write_failure = false
There are a variety of ways to install open source Puppet. We will use the debian package called puppetmaster-passenger, which is provided by Puppet Labs. The puppetmaster-passenger package includes the Puppet master plus production-ready web server (Passenger with Apache), which eliminates a few configuration steps compared to using the basic puppetmaster package.
Puppet first steps: How to install a puppetmaster with a puppetclient
First of all - this is a great tutorial. I was able to get puppet masterless to run in a couple hours (2 to read and digest and about an hour to take my time and do the work. Since we already had some RHEL 7 VMs and Bitbucket, I used those as my machine and git repo respectively. I downloaded and installed RHEL puppet using Step 4 on the Puppet Installation website ( _puppet/install_el.html) - Step 4: Install Puppet on Agent Nodes. I ensured I had an ssh key from my machine to Bitbucket. I then followed the configuration steps in this tutorial for all the puppet config and module creation steps. The cron entry worked on the first puppet apply. Thanks for this!
I use the shell provisioner to install puppet on the puppet master and the puppet client and this is run during the first vargrant up, I then allow each machine to see the others using /etc/hosts via the vagrant hostsupdater plugin.
In short, you don't even need 8139 open.In long:The puppetmaster does not under any circumstances install modules onthe client, regardless of what ports are open where. Instead, theclient initiates one or more connections to the server, pulls downinstructions and data, and performs whatever system modifications arerequired. The client does all that either on demand at regularintervals, depending on how it is set up. No ports need to be open inthe client's firewall for this to work, but that firewall must notinterfere with traffic on connections that the client initiates.The puppet agent also has a feature, disabled by default, where itlistens on port 8139 for "kick" messages. Such messages trigger theagent to perform the same operations already described above (i.e.this is a special case of on-demand runs). Only for that feature towork does the client need port 8139 to be open.On the other side, the puppetmaster's firewall must leave thepuppmaster port open for clients to be able to connect. That port is8140 by default.John
It is just that one of my puppet client is a cloud server on Rackspaceand while it can connect to the puppetmaster and apply basicconfigurations(like write a file) from puppetmaster manifest butunable configure things (such as install apache/tomcat etc.)
> > On 30/11/2011, at 5:29, Namrata wrote:>> >> Thanks Nan.>> >> So, my puppetmaster should be able to install modules on puppet client> >> if the port 8139 is open?>> >> On Nov 29, 10:24 am, Nan Liu wrote:> >>> On Tue, Nov 29, 2011 at 6:19 PM, Namrata wrote:> >>>> Just a quick question. In order for puppet run to execute successfully> >>>> on puppet client (ubuntu 10.04), the port 8139 on puppet client should> >>>> be open and listening correct? Do we also require that port 8140 be> >>>> open and running on puppet client?>> >>> You don't need that port unless you plan to enable listen and use> >>> puppet kick. 8140 is the default puppet master port and not for the> >>> agent.>> >>> Nan>> >> --> >> You received this message because you are subscribed to the Google Groups "Puppet Users" group.> >> To post to this group, send email to puppet...@googlegroups.com.> >> To unsubscribe from this group, send email to puppet-users...@googlegroups.com.
On Nov 29, 4:00 pm, Namrata wrote:> Thanks everyone for the clarifications to a puppet newbie aka me :)> It is much clear now.>> It is just that one of my puppet client is a cloud server on Rackspace> and while it can connect to the puppetmaster and apply basic> configurations(like write a file) from puppetmaster manifest but> unable configure things (such as install apache/tomcat etc.)
Once the first virtual machine is completely installed, boot into it. Then, set up the second virtual machine, the one that will act as our puppet client. Proceed just as you did with the first machine, with one exception: In VirtualBox and within the Ubuntu installation process, name the second machine puppetclient instead of puppetserver.
Upon finishing the installation, boot into the second VM just as you did with the first one. This should result in two VirtualBox windows, both running Ubuntu 12.04, both offering you a login prompt. Next, we need to configure some VirtualBox settings, so please log into both machines (user: ubuntu, password ubuntu), and shut them down with sudo poweroff.
You can verify that a node can "see" your hiera settings with the command sudo puppet lookup --node --compile --explain on the standalone puppetmaster. The compile is needed to set all the right facts for hiera in Cloud VPS, and there will be a lot of warnings you can ignore. The answer will be at the end of the command's output.
Puppetdb can be enabled on standalone puppetmasters on Cloud VPS by designating a puppetdb server with the role::puppetmaster::puppetdb role and a lot of hiera values on both the DB server and the puppetmaster. This requires significant effort and is not a recommended configuration unless you have significant experience with puppet, need it and are able to maintain the setup, including your own postgresql database. It is not likely to succeed unless puppetmaster runs on Debian Stretch/Buster (you may have problems if your puppetmaster OS and puppetdb OS do not match due to PuppetDB termini packaging), and it is guaranteed to break your puppet setup if you just enable it without following a particular order. Notes on that can be found on the standalone puppetdb notes page.
There are a variety of ways to install open source Puppet. We will use the debian package called puppetmaster-passenger, which is provided by Puppet Labs. The puppetmaster-passenger package includes the Puppet master plus production-ready web server (Passenger with Apache), which eliminates a few configuration steps compared to using the basic puppetmaster package.
The puppetlabs recommend this one, as it will save us a step in the post-install tasks. It will install Puppet and its prerequisites, and automatically configure a production-capacity web server. In other words, this puppetmaster-passenger package includes the Puppet master plus production-ready web server (Passenger with Apache), which eliminates a few configuration steps compared to using the basic puppetmaster package.
Note that this module no longer explicitly requires the puppetlabs apache module. If you want to use the apache functionality of this module you will have to specify that the apache module is installed with:
Puppet Configuration is a Ruby based Configuration Management System with client/server model, licensed under GPLv2 .It has one Master server puppetmasterd and all other machines are configured as puppet clients . We set configurations at the puppet server and then push them to all clients which are connected to the master. The client puppet correctly applies the corresponding configurations on the client machine regardless of their platform difference.
Before installing Puppet, we need to setup some dependencies. First we need ruby with common library files(xml,ssl,etc.) installed, and facter, which is another ruby project that gathers all system information. Facter will be installed in all puppet clients. The puppet server retrieves the client configuration settings and other system-specific details from facter.
Last and very powerful feature of the puppet is the way Puppet server define the Client configurations. For that Puppet use one declarative language which support most of the high level language constructs like OOPs. So lets try one simple configuration which change the permission of /etc/passwd file at all the clients connected with server to 640 and check Apache webserver installed or not , if not, puppet client will install it automatically.
In the provisioners section, we have our two provisioners: first Packer will run the shell script to install Puppet, and then it will use the puppet-masterless provisioner to apply the Puppet manifests.
Now, when I run vagrant up puppetagent-1, my box will first run my shell script to install the Puppet agent software, but then use the Puppet provisioner to install Apache while connecting to my Puppet master. Here is some of the output related to the Puppet agent provisioning process:
The first step was to rip out the puppet foss packages. rpm -qa grep puppet gives me the list of what to uninstall on the nodes I want to preserve. It may vary based on the role assigned to a node. For instance, on my build node: 2ff7e9595c
Comments