Difference between revisions of "HowTo/InstallPuppetClient"
| Line 6: | Line 6: | ||
Example (you need to change IP and insert position): | Example (you need to change IP and insert position): | ||
| − | < | + | <pre> |
iptables -I INPUT 8 -s 188.165.38.75 -m tcp -p tcp --dport 8140 -j ACCEPT | iptables -I INPUT 8 -s 188.165.38.75 -m tcp -p tcp --dport 8140 -j ACCEPT | ||
| − | </ | + | </pre> |
=== Client side === | === Client side === | ||
| Line 21: | Line 21: | ||
vim /etc/yum.repos.d/puppet.repo | vim /etc/yum.repos.d/puppet.repo | ||
| − | < | + | <pre> |
[puppetlabs] | [puppetlabs] | ||
name=Puppet Labs Packages | name=Puppet Labs Packages | ||
| Line 32: | Line 32: | ||
enabled=1 | enabled=1 | ||
gpgcheck=0 | gpgcheck=0 | ||
| − | </ | + | </pre> |
- Install puppet | - Install puppet | ||
| − | < | + | <pre> |
yum install -y puppet | yum install -y puppet | ||
chkconfig puppet on | chkconfig puppet on | ||
| − | </ | + | </pre> |
- Make sure the hostname is fully qualified, eg 'yuka.lunasys.fr' and not just 'yuka' | - Make sure the hostname is fully qualified, eg 'yuka.lunasys.fr' and not just 'yuka' | ||
| Line 44: | Line 44: | ||
- Edit configuration file /etc/puppet/puppet.conf to have: | - Edit configuration file /etc/puppet/puppet.conf to have: | ||
| − | < | + | <pre> |
[main] | [main] | ||
logdir = /var/log/puppet | logdir = /var/log/puppet | ||
| Line 56: | Line 56: | ||
report = true | report = true | ||
pluginsync = true | pluginsync = true | ||
| − | </ | + | </pre> |
- Register with the master | - Register with the master | ||
| − | < | + | <pre> |
puppetd --waitforcert 30 --server puppet.lunasys.fr -v | puppetd --waitforcert 30 --server puppet.lunasys.fr -v | ||
| − | </ | + | </pre> |
==== Debian ==== | ==== Debian ==== | ||
| Line 68: | Line 68: | ||
- Install puppet | - Install puppet | ||
| − | < | + | <pre> |
apt-get install puppet | apt-get install puppet | ||
| − | </ | + | </pre> |
- Edit configuration file =/etc/puppet/puppet.conf= to have: | - Edit configuration file =/etc/puppet/puppet.conf= to have: | ||
| − | < | + | <pre> |
[main] | [main] | ||
logdir = /var/log/puppet | logdir = /var/log/puppet | ||
| Line 89: | Line 89: | ||
report = true | report = true | ||
pluginsync = true | pluginsync = true | ||
| − | </ | + | </pre> |
- Register with the master | - Register with the master | ||
| − | < | + | <pre> |
puppetd --waitforcert 30 --server puppet.lunasys.fr -v | puppetd --waitforcert 30 --server puppet.lunasys.fr -v | ||
| − | </ | + | </pre> |
=== On the server - Finalization === | === On the server - Finalization === | ||
| Line 102: | Line 102: | ||
First, list requests: | First, list requests: | ||
| − | + | puppetca -l | |
| − | puppetca -l | ||
| − | |||
Select the hostname of the wanted server and allow it: | Select the hostname of the wanted server and allow it: | ||
| − | + | puppetca -s <hostname> | |
| − | puppetca -s <hostname> | + | |
| − | |||
You're done. The client is registered and will apply the required configuration. | You're done. The client is registered and will apply the required configuration. | ||
| Line 123: | Line 120: | ||
- If you get 'Could not request certificate: getaddrinfo: Name or service not known', you may need to add the following line in /etc/puppet/puppet.conf under the '[agent]' section: | - If you get 'Could not request certificate: getaddrinfo: Name or service not known', you may need to add the following line in /etc/puppet/puppet.conf under the '[agent]' section: | ||
| − | < | + | <pre> |
server = puppet.winsoft.fr | server = puppet.winsoft.fr | ||
| − | </ | + | </pre> |
==== Useful links ==== | ==== Useful links ==== | ||
Revision as of 16:28, 16 October 2012
Contents
Puppet Client Installation and Configuration
On the server - Preparation
- Add the iptables rules to allow port 8140 for the new client:
Example (you need to change IP and insert position):
iptables -I INPUT 8 -s 188.165.38.75 -m tcp -p tcp --dport 8140 -j ACCEPT
Client side
CentOS / RHEL
In this doc, we assume the master is located at puppet.winsoft-international.com
- [[Public.EPEL][Add EPEL]]
- (Optional: only if latest release required) Add the puppet repo:
vim /etc/yum.repos.d/puppet.repo
[puppetlabs] name=Puppet Labs Packages baseurl=http://yum.puppetlabs.com/el/6/products/x86_64/ enabled=1 gpgcheck=0 [puppetlabs2] name=Puppet Labs Packages Deps baseurl=http://yum.puppetlabs.com/el/6/dependencies/x86_64/ enabled=1 gpgcheck=0
- Install puppet
yum install -y puppet chkconfig puppet on
- Make sure the hostname is fully qualified, eg 'yuka.lunasys.fr' and not just 'yuka'
- Edit configuration file /etc/puppet/puppet.conf to have:
[main]
logdir = /var/log/puppet
rundir = /var/run/puppet
ssldir = $vardir/ssl
[agent]
classfile = $vardir/classes.txt
localconfig = $vardir/localconfig
server = puppet.lunasys.fr
report = true
pluginsync = true
- Register with the master
puppetd --waitforcert 30 --server puppet.lunasys.fr -v
Debian
- Install puppet
apt-get install puppet
- Edit configuration file =/etc/puppet/puppet.conf= to have:
[main]
logdir = /var/log/puppet
rundir = /var/run/puppet
vardir = /var/lib/puppet
ssldir = $vardir/ssl
factpath = $vardir/lib/facter
templatedir = $confdir/templates
[agent]
classfile = $vardir/classes.txt
localconfig = $vardir/localconfig
server = puppet.lunasys.fr
report = true
pluginsync = true
- Register with the master
puppetd --waitforcert 30 --server puppet.lunasys.fr -v
On the server - Finalization
- Allow the new client:
First, list requests:
puppetca -l
Select the hostname of the wanted server and allow it:
puppetca -s <hostname>
You're done. The client is registered and will apply the required configuration.
Troubleshooting
Installation issues
If the installation of the puppet package fails because of an error related to 'ruby(selinux)', you need to add the 'optional' software channel in redhat.
/var/log/messages
- If you get 'Could not request certificate: getaddrinfo: Name or service not known', you may need to add the following line in /etc/puppet/puppet.conf under the '[agent]' section:
server = puppet.winsoft.fr
Useful links
- General issues: [[1]]
- Certificate issues: [[2]]
