Puppet Install & use case

Puppet Installation

Prerequisites

First things to do Before Install

For ease of use, set the Puppet master server’s hostname to puppet, and have a valid fully-qualified domain name (FQDN).

To check your hostname, run hostname and to check your FQDN, run hostname -f.

 

Since Puppet is not in basic CentOS or RHEL distribution repositories, we have to add a custom repository provided by Puppet Labs. On all servers in which you want to use Puppet, install the repository (RPM file name can change with new release):

On CentOS/RHEL 6.5:

#wget https://yum.puppetlabs.com/el/6.5/products/x86_64/puppetlabs-release-6-10.noarch.rpm

# rpm -ivh puppetlabs-release-6-10.noarch.rpm

On CentOS/RHEL 7:

# rpm -ivh https://yum.puppetlabs.com/el/7/products/x86_64/puppetlabs-release-7-10.noarch.rpm

Puppet Server Installation

Install the package “puppet-server” on the server you want to use as a master.

# yum install puppet-server

 Next, run the following command to upgrade Puppet to most newest version.

# puppet resource package puppet-server ensure=latest

By default Puppet looks for a server called “puppet”, but this setting is usually inappropriate for your network configuration, therefore we will exchange it for the proper FQDN of the Puppet master server. Open the file /etc/sysconfig/puppet and change the “PUPPET_SERVER” value to your Puppet master server domain name.

PUPPET_SERVER=pmaster.sysadminslab.com (server.your.domain)

 

When the installation is done, set the Puppet server to automatically start on boot and turn it on.

# chkconfig puppetmaster on
# service puppetmaster start

 

Puppet Client Installation

Install the Puppet client package on your client nodes by executing the following:

# yum install puppet

Now upgrade the installed puppet agent to the most recent versions, with the help of following command.

# puppet resource package puppet ensure=latest

 

When the installation finishes, make sure that Puppet will start after boot.

# chkconfig puppet on

If puppet master server hostname name is different from “puppet” then add the original hostname in the “[agent]” section of “/etc/puppet/puppet.conf”.

server= pmaster.sysadminslab.com (server.your.domain)

Now you can start your Puppet client:

# service puppet start

Puppet uses SSL certificates to authenticate communication between master and agent nodes.

The Puppet master acts as a certificate authority (CA), and must generate its own certificate which is used to sign agent certificate requests.

Go back to your puppet master server and check certificate verification requests:

# puppet cert list

You should see a list of all the servers that requested a certificate signing from your puppet master. Find the hostname of your client server and sign it using the following command (client-node is the domain name of your client node):

# puppet cert sign client-node

At this point you have a working Puppet client and server.

 

After Installation

We need manifests to maintain our puppet environment. We can use everything in a single manifest or we can split them.

My idea is to put your client nodes definitions in the “/etc/puppet/manifests/site.pp”   manifest file and other stuff in different manifests.

We will define all our manifests in a folder called “classes” under “/etc/puppet/manifests”

#mkdir  -p /etc/puppet/manifests/classes

Go to  classes folder and create first manifest. We will start with apache example.

#vi apache_install_start.pp
class apache_install_start {
package { “httpd”:
           ensure => present
     }
     service { “ service_httpd:
           name => httpd,
           ensure => running,   # this will start httpd service
           enable => true       # this makes chkconfig on
     }
}

Save and close the vi editor. You can go through sample resources we can use in creating your own manifests.

Here manifest name and class name should match.

Now its our turn to include this class in site.pp under clinet node definition.

#vi site.pp
import "classes/*.pp"           #This will import all manifests under classes folder
node server1 {
     include apache_install_start
}

Save and close the vi editor and restart the puppetmaster service.

# service puppetmaster restart

The default refresh interval of the client configuration is 30 minutes, if you want to force the application of your changes manually, execute the following command on your client node:

# puppet agent -t

If you would like to change the default client refresh interval, add:

runinterval = <yourtime>

to the “[agent]” section of /etc/puppet/puppet.conf on your client node. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y). Note that a runinterval of 0 means “run continuously” rather than “never run”.

File-Sharing in Puppet:

Puppet can serve the files with its built-in file server.

The file server works by defining “modules” which abstract the underlying file system structure similar manner to the way Samba shares do, configuring the file server is a simple manner of defining the proper modules in the file/etc/puppet/fileserver.conf and restarting the puppetmaster service.

p1

How to use this file sharing in puppet manifests is defined below

If puppet master server hostname is different from puppet then

source  => "puppet://pmaster/files2/mysql_backup.sh"

 

It refers to the file “/lvm/mysql_backup.sh

If hostname is puppet then it becomes like below

source  => "puppet:///files2/mysql_backup.sh"

Example of using file server from PUPPET to client nodes is given below.

We will consider the first manifest “apache_install_start.pp”

 

p22

The source file refers to “/etc/puppet/files/index_html”.

If this class is included in any client node definition, in that node httpd pkg will be installed, service will be started and index file will be copied from puppet master server to the destination defined.

Next Stage

You may find yourself in the situation where you will want to have more complicated manifests, for this we need to understand modules in puppet.

You should invest some time and browsehttps://forge.puppetlabs.com. Forge is a repository of the Puppet community modules and it’s very likely that you find the solution for your problem already made there.

Now, let’s assume that you have already found a module that would fix your problem. How to install it into the system? It is actually quite easy, because Puppet already contains an interface to download modules directly. Simply type the following command:

# puppet module install <module_name>

And if you would like to see what modules you already installed, type:

# puppet module list