Introduction

Petit tuto qui explique comment installer puppetmaster (3.3.1-1puppetlabs1), puppetdashbord et d'un client puppet (3.3.1-1) sur une debian wheezy. On décrit ici les étapes d'installation qui sont effectués soit sur le puppetmaster et le client avec un test de déploiement d'un module.

J'utilise 2 VM où j'appelle ici SERVEUR celui qui va porter puppetmaster et puppet-dasboard, CLIENT uniquement pour puppet

SERVEUR

# wget http://apt.puppetlabs.com/puppetlabs-release-stable.deb
# dpkg -i puppetlabs-release-stable.deb
# apt-get update
# aptitude install puppetmaster apache2
# service puppetmaster stop
# aptitude install puppetmaster-passenger

Bug rencontré : http://projects.puppetlabs.com/issues/20897

Modifier le fichier /usr/share/puppet/rack/puppetmasterd/config.ru rajouter :

Encoding.default_external = Encoding::UTF_8

Restart apache :

# service apache2 restart

Desactiver puppetmaster au demarrage : /etc/default/puppetmaster

Installatop, puppet-dashboard

</code> # aptitude install puppet-dashboard mysql-server </code>

Mettre “START=yes”

  • /etc/default/puppet-dashboard
  • /etc/default/puppet-dashboard-workers

Modifier /etc/mysql/my.cnf

# Puppet Dashboard requirements:
# Allowing 32MB allows an occasional 17MB row with plenty of spare room
max_allowed_packet = 32M

Se connecter à MYSQL et entrer les informations suivantes. Le mot de passe 'qsdmlk' est à changer bien sûr.

CREATE DATABASE puppet_dashboard CHARACTER SET utf8;
GRANT ALL PRIVILEGES ON puppet_dashboard.* to 'puppet_dashboard'@'localhost' identified by 'qsdmlk';
FLUSH PRIVILEGES;

Modifier le fichier /etc/puppet-dashboard/database.yml

# vi /etc/puppet-dashboard/database.yml
production:
  database: puppet_dashboard
  username: puppet_dashboard
  password: qsdmlk
  host: localhost
  encoding: utf8
  adapter: mysql
...

Création de la base :

cd /usr/share/puppet-dashboard
rake RAILS_ENV=production db:migrate

Modifier le /etc/puppet/puppet.conf

[master]
reportdir = /var/lib/puppet/reports
reporturl = http://localhost:3000/reports/upload
reports = http,store,log
node_terminus = exec
external_nodes = /usr/bin/env PUPPET_DASHBOARD_URL=http://localhost:3000 /usr/share/puppet-dashboard/bin/external_node

Demarrage de puppet-dashboard

service puppet-dashboard start

Bug d'affichage lors du lancement </code> # ps aux | grep puppet-dashboard </code>

Mettre le pid dans /var/run/puppet-dashboard.pid

# vi /var/run/puppet-dashboard.pid

Démarrage de puppet-dashboard-workers

/etc/init.d/puppet-dashboard-workers start 

Prenez un navigateur et tester que l'interface est fonctionnelle : http://SERVEUR:3000

CLIENT

Installation du client ou plûtot du node dans le jargon de puppet

# wget http://apt.puppetlabs.com/puppetlabs-release-stable.deb
# dpkg -i puppetlabs-release-stable.deb
# apt-get update
# apt-get install puppet

Modifier les fichier /etc/hosts et ajouter le nom du puppet master Modifier le fichier /etc/puppet/puppet.conf, rajouter le nom du puppetmaster via la directive server= dans le [main]

et

[agent]
report = true

Enregistrement :

# puppet agent --test

SERVEUR

Voir les demandes de signature

# puppet cert list
  "debian-puppet1" (SHA256) 44:3F:D4:20:F6:7A:3A:97:7C:0E:00:45:94:49:D2:A4:19:06:92:9D:48:14:65:EB:5B:FB:99:25:F9:C3:47:8C

Signer le client :

# puppet cert sign debian-puppetclient1

Notice: Signed certificate request for debian-puppet1 Notice: Removing file Puppet::SSL::CertificateRequest debian-puppet1 at '/var/lib/puppet/ssl/ca/requests/debian-puppet1.pem'

CLIENT

Enregistrement :

# puppet agent --test

SERVEUR

création d'un module puppet_agent qui active l'agent puppet par defaut au boot, vérifie que la dernière version est installé

cf https://mespotesgeek.fr/puppet-outil-de-gestion-de-configurations-partie-2/

# mkdir -p /etc/puppet/modules/puppet_agent/{manifests,files}
# vi /etc/puppet/modules/puppet_agent/manifests/init.pp
class puppet_agent {
        file { "/etc/puppet":
                ensure   => "directory",
                owner    => root,
                group    => root,
                mode     => 755;
        }

        file { "/etc/puppet/puppet.conf":
                 owner          => root,
                 group          => root,
                 mode           => 644,
                 source         => "puppet:///modules/puppet_agent/puppet.conf.client",
                 require        => File['/etc/puppet'];
        }

         file { "/etc/default/puppet":
                 owner          => root,
                 group          => root,
                 mode           => 644,
                 source         => "puppet:///modules/puppet_agent/puppet.default.client",
                 require        => File['/etc/puppet/puppet.conf'];
        }
 
        service { "puppet":
                ensure          => running,
                hasrestart      => true,
                enable          => true,
                require         => File['/etc/puppet/puppet.conf'],
        }

            package { "puppet":
                        ensure => "latest",
                        before  => Service["puppet"],
            }
}

Valider la conf

# puppet parser validate /etc/puppet/modules/puppet_agent/manifests/init.pp
# vi /etc/puppet/modules/puppet_agent/files/puppet.conf.client
[main]
logdir=/var/log/puppet
vardir=/var/lib/puppet
ssldir=/var/lib/puppet/ssl
rundir=/var/run/puppet
factpath=$vardir/lib/facter
templatedir=$confdir/templates
server = "debian-puppetmaster"

[master]
# These are needed when the puppetmaster is run by passenger
# and can safely be removed if webrick is used.
ssl_client_header = SSL_CLIENT_S_DN 
ssl_client_verify_header = SSL_CLIENT_VERIFY
vi /etc/puppet/modules/puppet_agent/files/puppet.default.client  
# Defaults for puppet - sourced by /etc/init.d/puppet

# Enable puppet agent service?
# Setting this to "yes" allows the puppet agent service to run.
# Setting this to "no" keeps the puppet agent service from running.
START=yes

# Startup options
DAEMON_OPTS=""
vi /etc/puppet/manifests/site.pp
import 'nodes.pp' 
Exec { path => "/usr/bin:/usr/sbin:/bin:/sbin" }
vi /etc/puppet/manifests/nodes.pp
node default {
   include puppet_agent
   notice("Chargement de la configuration pour : $fqdn ($ipaddress)")
}

CLIENT

Tester la config

puppet agent --server=debian-puppetmaster -v -t

Testez de nouveau puppet dashboard, http://SERVEUR:3000 vous verrez que le node s'est enregistré et vous voyiez son état

gestion_de_configuration/puppet.txt · Dernière modification: 2017/07/07 14:42 (modification externe)
CC Attribution-Noncommercial-Share Alike 4.0 International
www.chimeric.de Valid CSS Driven by DokuWiki do yourself a favour and use a real browser - get firefox!! Recent changes RSS feed Valid XHTML 1.0