Installing and configuring Puppetmaster and Puppet Clients (On Ubuntu)
Puppet is a great Client/Server automation tool for your *NIX environment. The tool can be used to automate:
Installations
Updates
Deployment
Service manipulation
etc…
NOTE: Typically, the client(puppet/node) retrieves updates from the server (Puppetmaster). However you can enable push from the server to client as well. See “Client Configuration”.
Follow the below steps to get a basic configuration going.
Installation: Server
|
1 |
apt-get install puppetmaster |
Installation: Client
|
1 |
apt-get install puppet |
Note: Although not required, you may want to make sure you have the same version of Puppet and Puppetmaster. I have Puppet 2.6.3 and Puppetmaster 2.7.1 running sucessfully, but have had issues with previous versions and installations.
If you like to install the same exact version of client/server you have some options:
1. Install via Ruby
|
1 2 3 4 5 6 7 8 9 10 11 12 13 |
apt-get install build-essential zlib1g zlib1g-dev libxml2 libxml2-dev curl wget openssl libssl-dev libopenssl-ruby mkdir /root/installs cd /root/installs wget http://ftp.ruby-lang.org/pub/ruby/1.9/ruby-1.9.2-p180.tar.gz tar zxvf ruby-1.9.2-p180.tar.gz cd ruby-1.9.2-p180 ./configure make make install gem update --system gem install facter gem install puppet |
2. Install from source (Assuming you have ruby installed)
|
1 2 3 4 5 6 7 8 |
wget http://puppetlabs.com/downloads/facter/facter-latest.tgz gzip -d -c facter-latest.tgz | tar xf - cd facter-* ruby install.rb wget http://puppetlabs.com/downloads/puppet/puppet-latest.tgz gzip -d -c puppet-latest.tgz | tar xf - ruby install.rb |
3. Another way to install
|
1 2 3 |
apt-get install ruby rubygems libopenssl-ruby export RUBYOPT=rubygems gem install facter puppet |
4. Install form 3rd Party repository
|
1 2 3 4 5 6 |
apt-get install python-software-properties add-apt-repository ppa:mathiaz/puppet-backports apt-get update apt-get install puppetmaster -OR- apt-get install puppet |
Configuration: Server
Edit the puppet.conf file and add the following lines
|
1 2 3 4 5 6 7 8 |
vi /etc/puppet/puppet.conf [agent] classfile = $vardir/classes.txt localconfig = $vardir/localconfig report = true [master] autosign = true |
Edit the fileserver.conf file and add the following lines
|
1 2 3 4 5 6 7 8 9 10 11 |
vi /etc/puppet/fileserver.conf [files] path /etc/puppet/files allow 10.176.0.0/16 [plugins] allow 10.176.0.0/16 [modules] allow 10.176.0.0/16 |
Create the files directory specified above (required to start the puppetmaster service)
|
1 |
mkdir /etc/puppet/files |
Configure your nodes (client) below. The templates will apply to these nodes only.
|
1 2 3 4 5 6 7 8 9 10 11 |
vi /etc/puppet/manifests/nodes.pp node 'basenode' { include baseclass } node 'mobile101.example.com' inherits basenode { } node 'mobile102.example.com' inherits basenode { } |
Configure your templates. Here you’re listing the modules will effect your clients.
|
1 2 3 4 5 6 7 8 9 10 11 12 |
vi /etc/puppet/manifests/templates.pp node default { include baseclass } class baseclass { include mobile::mobile_content include mobile::mobile_settings include mobile::mobile_wsgi_app include mobile::mobile_django } |
Edit the site.pp and import your nodes and templates
|
1 2 3 4 5 6 |
vi /etc/puppet/manifests/site.pp import "nodes" import "templates" filebucket { main: server => puppet } |
Restart puppetmaster to enable the above changes
|
1 |
/etc/init.d/puppetmaster restart |
Configuration: Client
There are only a few steps to get the client up and running. First up is the puppet main configuration file. Edit the file below and make changes.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 |
vi /etc/puppet/puppet.conf # VERY IMPORTANT... THE "SERVER" VARIABLE MUST BE USING THE HOSTNAME OF THE PUPPETMASTER..NOT AN ALIAS!! [main] server = puppetmaster.example.com #[puppetmasterd] #templatedir=/var/lib/puppet/templates [agent] report = true listen = true runinterval = 3600 #1 hour |
Configure puppet to automatically at boot
|
1 2 |
vi /etc/default/puppet START=yes |
Create the following required file
|
1 |
touch /etc/puppet/namespaceauth.conf |
Created the following file if you like to push content manually from the server.
|
1 2 3 |
vi /etc/puppet/auth.conf path /run allow puppetmaster.example.com |
In this example, I’m using upstart to recycle a service. You’ll to copy “upstart.rb” from the server to client.
|
1 2 |
cd /usr/lib/ruby/1.8/puppet/provider/service/ scp username@puppetmaster.example.com:/usr/lib/ruby/1.8/puppet/provider/service/upstart.rb . |
Configuration: Certificate
STEP1: On the Client:
|
1 |
puppetd --server puppetmaster.example.com --waitforcert 60 |
STEP2: On the Server:
|
1 2 3 |
puppetca -la puppetca --sign mobile101.example.com puppetca --sign mobile102.example.com |
STEP3: On the Client:
|
1 2 |
pkill puppet /etc/init.d/puppet restart |
STEP4: Only if necessary: Troubleshooting Certificate Issues:
|
1 2 3 4 5 6 7 8 |
#On the server puppetca -r mobile101.example.com puppetca -c mobile101.example.com /etc/init.d/puppetmaster restart #On the client pkill puppetd rm /var/lib/puppet/ssl/ -rf |
Repeat the certificate creation process
Configuration: Modules
At this point there are no configuration left on the client. As long as the certificate was configured properly all changes make beyond this point are all on the server. Lets configure a mobile module we included in the configuration above. Lets start off with the required directory structure.
|
1 2 3 4 5 |
mkdir /etc/puppet/files mkdir /etc/puppet/modules mkdir /etc/puppet/modules/mobile/ mkdir /etc/puppet/modules/mobile/files mkdir /etc/puppet/modules/mobile/manifests |
The files directory structure is listed below. In this case we’re assuming you’re going to be deploying a website named “mobile” with it’s root/content of “var/www/mobile”. You can touch these files for this example.
|
1 2 3 4 5 6 |
ls -m /etc/puppet/modules/mobile/* /etc/puppet/modules/mobile/files: mobile /etc/puppet/modules/mobile/manifests: config.pp, init.pp, service.pp |
Modify the init.pp file
|
1 2 3 |
class mobile { include mobile::config, mobile::service } |
Modify the config.pp file
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 |
class mobile::config { file { "/var/www/mobile": ensure => present, source => "puppet:///modules/mobile/mobile", recurse => true, group => "www-data", owner => "www-data", mode => "0644" } file { "/var/www/mobile/MobileTicketSales/settings.py": ensure => present, source => "puppet:///modules/mobile/settings.py", recurse => true, group => "www-data", owner => "www-data", mode => "0644" } file { "/var/www/mobile/MobileTicketSales/wsgi_app.py": ensure => present, source => "puppet:///modules/mobile/wsgi_app.py", recurse => true, group => "www-data", owner => "www-data", mode => "0644" } file { "/var/www/mobile/MobileTicketSales/django.wsgi": ensure => present, source => "puppet:///modules/mobile/django.wsgi", recurse => true, group => "www-data", owner => "www-data", mode => "0644" } } |
Modify the service.pp file
|
1 2 3 4 5 6 7 8 9 10 11 |
class mobile::service { service { "mobile": provider => "upstart", ensure => running, hasstatus => true, hasrestart => true, enable => true, subscribe => File["/var/www/mobile/MobileTicketSales/settings.py"], #require => Class["mobile::config"], } } |
That’s all she wrote. Your clients should retrive any changes hourly (based on configuration above). If you like to push content manually from the server:
|
1 |
puppetrun --host mobile101.example.com |