reg88.com

fine...I'll blog too

Installing and Configuring Puppetmaster and Puppet Clients (on Ubuntu)

Puppet is a great Client/Server automation tool for your *NIX environment. The tool can be used to automate:

Installations
Updates
Deployment
Service manipulation
etc…

NOTE: Typically, the client(puppet/node) retrieves updates from the server (Puppetmaster). However you can enable push from the server to client as well. See “Client Configuration”.

Follow the below steps to get a basic configuration going.

Installation: Server

1
apt-get install puppetmaster

Installation: Client

1
apt-get install puppet

Note: Although not required, you may want to make sure you have the same version of Puppet and Puppetmaster. I have Puppet 2.6.3 and Puppetmaster 2.7.1 running sucessfully, but have had issues with previous versions and installations.

If you like to install the same exact version of client/server you have some options:
1. Install via Ruby

1
2
3
4
5
6
7
8
9
10
11
12
13
apt-get install build-essential zlib1g zlib1g-dev libxml2 libxml2-dev curl wget openssl libssl-dev libopenssl-ruby
mkdir /root/installs
cd /root/installs
wget http://ftp.ruby-lang.org/pub/ruby/1.9/ruby-1.9.2-p180.tar.gz  
tar zxvf ruby-1.9.2-p180.tar.gz
cd ruby-1.9.2-p180
./configure
make
make install
gem update –system

gem install facter
gem install puppet
  1. Install from source (Assuming you have ruby installed)
1
2
3
4
5
6
7
8
wget http://puppetlabs.com/downloads/facter/facter-latest.tgz  
gzip -d -c facter-latest.tgz | tar xf -
cd facter-*
ruby install.rb

wget http://puppetlabs.com/downloads/puppet/puppet-latest.tgz  
gzip -d -c puppet-latest.tgz | tar xf -
ruby install.rb
  1. Another way to install
1
2
3
apt-get install ruby rubygems libopenssl-ruby
export RUBYOPT=rubygems
gem install facter puppet
  1. Install form 3rd Party repository
1
2
3
4
5
6
apt-get install python-software-properties
add-apt-repository ppa:mathiaz/puppet-backports
apt-get update
apt-get install puppetmaster
-OR-
apt-get install puppet

Configuration: Server
Edit the puppet.conf file and add the following lines

1
2
3
4
5
6
7
8
vi /etc/puppet/puppet.conf
[agent]
classfile = $vardir/classes.txt
localconfig = $vardir/localconfig
report = true

[master]
autosign = true

Edit the fileserver.conf file and add the following lines

1
2
3
4
5
6
7
8
9
10
11
vi /etc/puppet/fileserver.conf

[files]
path /etc/puppet/files
allow 10.176.0.0/16

[plugins]
allow 10.176.0.0/16

[modules]
allow 10.176.0.0/16

Create the files directory specified above (required to start the puppetmaster service)

1
mkdir /etc/puppet/files

Configure your nodes (client) below. The templates will apply to these nodes only.

1
2
3
4
5
6
7
8
9
10
11
vi /etc/puppet/manifests/nodes.pp

node ‘basenode’ {
include baseclass
}

node ‘mobile101.example.com’ inherits basenode {
}

node ‘mobile102.example.com’ inherits basenode {
}

Configure your templates. Here you’re listing the modules will effect your clients.

1
2
3
4
5
6
7
8
9
10
11
12
vi /etc/puppet/manifests/templates.pp

node default {
include baseclass
}

class baseclass {
include mobile::mobile_content
include mobile::mobile_settings
include mobile::mobile\_wsgi\_app
include mobile::mobile_django
}

Edit the site.pp and import your nodes and templates

1
2
3
4
5
6
vi /etc/puppet/manifests/site.pp

import “nodes”
import “templates”

filebucket { main: server => puppet }

Restart puppetmaster to enable the above changes

1
/etc/init.d/puppetmaster restart

Configuration: Client
There are only a few steps to get the client up and running. First up is the puppet main configuration file. Edit the file below and make changes.

1
2
3
4
5
6
7
8
9
10
11
12
13
vi /etc/puppet/puppet.conf
\# VERY IMPORTANT… THE “SERVER” VARIABLE MUST BE USING THE HOSTNAME OF THE PUPPETMASTER..NOT AN ALIAS!!

[main]
server = puppetmaster.example.com

#[puppetmasterd]  
#templatedir=/var/lib/puppet/templates

[agent]
report = true
listen = true
runinterval = 3600 #1 hour

Configure puppet to automatically at boot

1
2
vi /etc/default/puppet
START=yes

Create the following required file

1
touch /etc/puppet/namespaceauth.conf

Created the following file if you like to push content manually from the server.

1
2
3
vi /etc/puppet/auth.conf
path /run
allow puppetmaster.example.com

In this example, I’m using upstart to recycle a service. You’ll to copy “upstart.rb” from the server to client.

1
2
cd /usr/lib/ruby/1.8/puppet/provider/service/
scp username@puppetmaster.example.com:/usr/lib/ruby/1.8/puppet/provider/service/upstart.rb .

Configuration: Certificate
STEP1: On the Client:

1
puppetd –server puppetmaster.example.com –waitforcert 60

STEP2: On the Server:

1
2
3
puppetca -la
puppetca –sign mobile101.example.com
puppetca –sign mobile102.example.com

STEP3: On the Client:

1
2
pkill puppet
/etc/init.d/puppet restart

STEP4: Only if necessary: Troubleshooting Certificate Issues:

1
2
3
4
5
6
7
8
#On the server  
puppetca -r mobile101.example.com
puppetca -c mobile101.example.com
/etc/init.d/puppetmaster restart

#On the client  
pkill puppetd
rm /var/lib/puppet/ssl/ -rf

Repeat the certificate creation process

Configuration: Modules
At this point there are no configuration left on the client. As long as the certificate was configured properly all changes make beyond this point are all on the server. Lets configure a mobile module we included in the configuration above. Lets start off with the required directory structure.

1
2
3
4
5
mkdir /etc/puppet/files
mkdir /etc/puppet/modules
mkdir /etc/puppet/modules/mobile/
mkdir /etc/puppet/modules/mobile/files
mkdir /etc/puppet/modules/mobile/manifests

The files directory structure is listed below. In this case we’re assuming you’re going to be deploying a website named “mobile” with it’s root/content of “var/www/mobile”. You can touch these files for this example.

1
2
3
4
5
6
ls -m /etc/puppet/modules/mobile/*
/etc/puppet/modules/mobile/files:
mobile

/etc/puppet/modules/mobile/manifests:
config.pp, init.pp, service.pp

Modify the init.pp file

1
2
3
class mobile {
include mobile::config, mobile::service
}

Modify the config.pp file

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
class mobile::config {
file { “/var/www/mobile”:
ensure => present,
source => “puppet:///modules/mobile/mobile”,  
recurse => true,
group => “www-data”,
owner => “www-data”,
mode => “0644″
}

file { “/var/www/mobile/MobileTicketSales/settings.py”:
ensure => present,
source => “puppet:///modules/mobile/settings.py”,  
recurse => true,
group => “www-data”,
owner => “www-data”,
mode => “0644″
}

file { “/var/www/mobile/MobileTicketSales/wsgi_app.py”:
ensure => present,
source => “puppet:///modules/mobile/wsgi_app.py”,  
recurse => true,
group => “www-data”,
owner => “www-data”,
mode => “0644″
}

file { “/var/www/mobile/MobileTicketSales/django.wsgi”:
ensure => present,
source => “puppet:///modules/mobile/django.wsgi”,  
recurse => true,
group => “www-data”,
owner => “www-data”,
mode => “0644″
}

}

Modify the service.pp file

1
2
3
4
5
6
7
8
9
10
11
class mobile::service {
service { “mobile”:
provider => “upstart”,
ensure => running,
hasstatus => true,
hasrestart => true,
enable => true,
subscribe => File["/var/www/mobile/MobileTicketSales/settings.py"],
#require => Class["mobile::config"],  
}
}

That’s all she wrote. Your clients should retrive any changes hourly (based on configuration above). If you like to push content manually from the server:

1
puppetrun –host mobile101.example.com