Thursday, February 20, 2020

Puppet master configuration

vagrant box add centos65-base centos65.box
vagrant box list

sudo yum -y install nano git ntp
sudo service ntpd start
sudo chkconfig ntpd on

sudo yum -y install http://yum.puppetlabs.com/puppetlabs-release-el-6.noarch.rpm
sudo yum -y install puppet-server

puppet master --version
--
Puppet loads the site manifest by default:
/etc/puppet/manifests/site.pp

Directory environments?
Allow you to maintain test, development, and production environments separately on the same Puppet master.
Each environment is controlled by its own environment config file.

/etc/puppet/environments/production/environment.conf -- environment-specific settings for the production environment

The main Puppet config file, where the environment config can optionally be specified as well.
/etc/puppet/puppet.conf

contains 3 sections.
Master
Agent
Main


puppet.conf sample
--------
[main]
logdir = /var/log/puppet
rundir = /var/run/puppet
ssldir = $vardir/ssl
[master]
# $confdir = /etc/puppet by default
environmentpath = $confdir/environments
basemodulepath = $confdir/modules:/opt/puppet/share/puppet/modules

[agent]
classfile = $vardir/classes.txt
localconfig = $vardir/localconfig

sudo mkdir -p /etc/puppet/environments/production/{modules,manifests}
/etc/puppet/environments/production/environment.conf
--
modulepath = /etc/puppet/environments/production/modules
environment_timeout = 5s

/etc/puppet/puppet.conf
-----------------
(between main and agent add master section)
[master]
    environmentpath = $confdir/environments
    basemodulepath = $confdir/modules:/opt/puppet/share/modules

(under main section at the end)
dns_alt_names = puppet,puppetmaster,puppetmaster.<sitename>.com



Security in Linux (SELinux): set to permissive mode for the Puppet installation.
sudo setenforce permissive
# persist across reboots; /etc/sysconfig/selinux is a symlink to /etc/selinux/config
sudo sed -i --follow-symlinks 's/=enforcing/=permissive/g' /etc/sysconfig/selinux
sudo getenforce


generating certificates:
--------------
on master:
sudo puppet master --verbose --no-daemonize

sudo ls -la /var/lib/puppet/ssl

configuring IPTables Firewall
----------------
for tcp 8140
/etc/sysconfig/iptables

add this line at end:
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8140 -j ACCEPT

sudo service iptables restart
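
Rules are evaluated in order, so the 8140 line only opens the port if it sits before any catch-all REJECT/DROP in the INPUT chain and before COMMIT. The check below is an added example, not part of the original post; the function names and the sample ruleset are constructed for illustration, and a single *filter table is assumed.

```shell
#!/bin/sh
# Added example, not from the original post. Reads a rules file in the
# /etc/sysconfig/iptables format on stdin and reports where the tcp/8140
# ACCEPT rule sits in the filter table's INPUT chain:
#   ok            before any catch-all REJECT/DROP, so it can match
#   shadowed      after a catch-all REJECT/DROP, so it never matches
#   after-commit  after COMMIT, so it is not part of the table
#   missing       no ACCEPT rule for --dport 8140 found
check_8140() {
    awk '
        /^\*/     { table = $1; committed = 0; blocked = 0; next }
        /^COMMIT/ { committed = 1; next }
        table != "*filter" { next }
        /^-A INPUT / && /--dport 8140( |$)/ && /-j ACCEPT/ && !found {
            result = committed ? "after-commit" : (blocked ? "shadowed" : "ok")
            found = 1
        }
        /^-A INPUT -j (REJECT|DROP)/ { blocked = 1 }
        END { print (found ? result : "missing") }
    '
}

# The rule line from the post.
RULE='-A INPUT -m state --state NEW -m tcp -p tcp --dport 8140 -j ACCEPT'

# Constructed sample ruleset in the stock CentOS 6 layout. $1 selects where
# the 8140 rule goes: before-reject | after-reject | end | none
sample_rules() {
    echo '*filter'
    echo ':INPUT ACCEPT [0:0]'
    echo '-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT'
    echo '-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT'
    [ "$1" = before-reject ] && echo "$RULE"
    echo '-A INPUT -j REJECT --reject-with icmp-host-prohibited'
    [ "$1" = after-reject ] && echo "$RULE"
    echo 'COMMIT'
    [ "$1" = end ] && echo "$RULE"
    return 0
}

# Stand-alone run over the constructed samples.
for where in before-reject after-reject end none; do
    printf '%-14s %s\n' "$where" "$(sample_rules "$where" | check_8140)"
done
```

On the master itself, run it against the live file: sudo cat /etc/sysconfig/iptables | check_8140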

webserver
--
WEBrick is not for production,
so install Apache and Passenger for the Ruby runtime.

sudo yum -y install httpd httpd-devel mod_ssl ruby-devel rubygems gcc gcc-c++ libcurl-devel openssl-devel
sudo gem install rack passenger
sudo passenger-install-apache2-module
sudo mkdir -p /usr/share/puppet/rack/puppetmasterd/{public,tmp}
sudo cp /usr/share/puppet/ext/rack/config.ru /usr/share/puppet/rack/puppetmasterd/
sudo chown puppet:puppet /usr/share/puppet/rack/puppetmasterd/config.ru
cd ~
git clone https://github.com/benpiper/puppet-fundamentals-puppetmaster
cd puppet-fundamentals-puppetmaster
nano puppetmaster.conf # update the Passenger install version details here; also update the SSLCertificateFile and SSLCertificateKeyFile locations
sudo cp puppet-master.conf /etc/httpd/conf.d/puppetmaster.conf
sudo service httpd start
sudo chkconfig httpd on
