Puppet : Install2023/08/10 |
Install and setup the Configuration management tool [Puppet]. It's necessary to setup DNS or hosts settings to resolve names or IP address and also NTP settings first. |
|
[1] | Configure Puppet on Server Host. |
root@dlp:~#
apt -y install puppet-master
root@dlp:~#
vi /etc/puppet/puppet.conf # add to the end
[main]
certname = dlp.srv.world
server = dlp.srv.world
[server]
dns_alt_names = dlp.srv.world,dlp
# any [environment] name
environment = production
systemctl enable --now puppetserver |
[2] | Configure Puppet on Client Host. |
root@node01:~#
apt -y install puppet-agent
root@node01:~#
vi /etc/puppet/puppet.conf # add to the end
[main]
certname = node01.srv.world
server = dlp.srv.world
[agent]
server = dlp.srv.world
ca_server = dlp.srv.world
# interval for applying catalogs on server
# if set [0], always applied
# default is 30 minutes if the value is not set
runinterval = 30m
systemctl enable --now puppet |
[3] | Enable certificate from Puppet Client on Puppet Server. |
root@dlp:~# puppetserver ca list --all Requested Certificates: node01.srv.world (SHA256) 29:29:5F:AE:77:5C:A6:BD:F2:AB:C0:D5:3F:11:07:51:6B:12:2F:FD:77:4C:6A:13:BB:F3:3E:5A:96:45:1F:B3 Signed Certificates: dlp.srv.world (SHA256) DA:A0:09:AA:9A:8E:87:E3:CA:D0:67:A3:FB:AD:BA:DC:F7:37:73:D1:50:23:8F:FD:69:3D:44:9C:86:9B:D7:F4 alt names: ["DNS:dlp.srv.world", "DNS:dlp", "DNS:dlp.srv.world"] authorization extensions: [pp_cli_auth: true] # sign root@dlp:~# puppetserver ca sign --certname node01.srv.world Successfully signed certificate request for node01.srv.world |
[4] | Verify Puppet Server and Client work normally to create a test manifest. Puppet clients apply manifests on Puppet server for every 30 minutes by default, so wait for a moment to make sure the setting or if you'd like to make sure at once, reload Puppet Client daemon. |
# create a directory for putting manifests # for the name [production], specify the name set for [environment = ***] parameter in [puppet.conf] root@dlp:~# mkdir -p /etc/puppet/code/environments/production/manifests
root@dlp:~#
vi /etc/puppet/code/environments/production/manifests/site.pp # for example, create a [testgroup] group { 'testgroup': ensure => present, gid => 2000, } # on Client host, reload puppet if you like to verify settings immediately root@node01:~# systemctl reload puppet
grep testgroup /etc/group testgroup:x:2000: |
[5] | If you like to apply manifest manually on localhost, run like follows. |
root@dlp:~# puppet apply /etc/puppet/code/environments/production/manifests/site.pp Notice: Compiled catalog for dlp.srv.world in environment production in 0.01 seconds Notice: /Stage[main]/Main/Group[testgroup]/ensure: created Notice: Applied catalog in 0.04 seconds root@dlp:~# grep testgroup /etc/group testgroup:x:2000: |
Sponsored Link |
|