Puppet Server (Master) Installation

How to setup and configure a CentOS puppetmaster

What we are starting with
OS Version: CentOS 6.3 minimal install from CD
Hostname: puppet.example.motorrobot.net
Static IP: 192.168.7.2

Make sure selinux and firewall are disabled

Setup EPEL Repository
The puppet client and server files are available on the EPEL repository for CentOS 6. So let’s install that if you don’t already have it installed.

yum -y install http://mirror.synds.com/distributions/fedora-epel/6/x86_64/epel-release-6-7.noarch.rpm

Or setup puppetlabs repo for latest versions




Install Puppet Master
The puppet-server package will be installed from the EPEL repository, and ruby-rdoc is part of base and is required to read help files.

yum -y install puppet-server ruby-rdoc


Setup /etc/hosts to resolve puppet
The puppet client by default tries to resolve “puppet” that is why we chose it for a hostname. Since we don’t have DNS setup, we’ll be defining all nodes in the /etc/hosts file. If you have DNS going already, you just need to make sure it’s properly setup.

echo "192.168.7.2 puppet puppet.example.motorrobot.net" >> /etc/hosts


Setup Puppet Fileserver
The puppet fileserver will serve configuration files, etc. out nodes in your network. This will set it up with the root path of it being /etc/puppet/files and allowing only machines on the 192.168.7.* network to authenticate.

mkdir /etc/puppet/files
cp /etc/hosts /etc/puppet/files/

Edit /etc/puppet/fileserver.conf to point to /etc/puppet/files

echo "[files]" > /etc/puppet/fileserver.conf
echo "path /etc/puppet/files" >> /etc/puppet/fileserver.conf

Edit /etc/puppet/auth.conf to allow servers to connect to fileserver path above.

You want to add this above the last definition.

# ==== INSERT THIS ====
path /files
auth any
allow *
# ==== INSERT THIS ====
# ==== above ==========
 
# deny everything else; this ACL is not strictly necessary, but
# illustrates the default policy.
path /
auth any


Create Initial Puppet Manifest
Create the initial site manifest /etc/puppet/manifests/site.pp where all configuration management will be defined.

vi /etc/puppet/manifests/site.pp

Copy and paste this as your first /etc/puppet/manifests/site.pp

node default {
    package { 'ntp' : ensure => installed, }
    package { 'sudo' : ensure => installed, }
    package { 'screen' : ensure => installed, }
    package { 'nano' : ensure => installed, }
 
    service { "ntpd" : ensure => running, enable => true, }
    service { "puppet" : ensure => running, enable => true, }
 
    file '/etc/hosts' :
        source => 'puppet:///files/hosts',
        mode => 0644,
        owner => "root",
        group => "root",
    }
}

This manifest will do the following on all nodes:

  • Installs Packages – make sure ntp, sudo, screen and nano are installed on all machines connected to puppet. Puppet automatically searches the configured yum repos for these packages.
  • Manages Services – Make sure ntpd and puppet services are running and enabled at boot.
  • Manages Files – serves /etc/hosts from the puppet fileserver so that all nodes controlled by puppet have the same hosts files and are aware of each other.

Eventually we will expand on these manifests quite a bit.

Start the Puppet Master
Start the puppetmaster service, and make sure it starts at boot.

/etc/init.d/puppetmaster start
/sbin/chkconfig puppetmaster on

Run puppet manually
You can run puppet manually and see if there are any problems in the output, you can also see what it’s doing.

puppetd -t

Note, with the above manifest the following is normal on the first run and will be fixed with a subsequent run. I left it in to demonstrate how you can watch what puppet is doing. Basically, it fails to start ntpd because the package is not yet installed. Puppet then installs the package along with some others. On the second run, you can see ntpd change from stopped to running.

[root@puppet ~]# puppetd -t
info: Caching catalog for puppet.example.motorrobot.net
info: Applying configuration version '1347541754'
err: /Stage[main]//Node[default]/Service[ntpd]/ensure: change from stopped to running failed: Could not start Service[ntpd]: Execution of '/sbin/service ntpd start' returned 1:  at /etc/puppet/manifests/site.pp:7
notice: /Stage[main]//Node[default]/Package[ntp]/ensure: created
notice: /Stage[main]//Node[default]/Package[screen]/ensure: created
notice: /Stage[main]//Node[default]/Package[sudo]/ensure: created
notice: /Stage[main]//Node[default]/Package[nano]/ensure: created
notice: /Stage[main]//Node[default]/Service[puppet]/enableenablechanged 'false' to 'true'
info: Creating state file /var/lib/puppet/state/state.yaml
notice: Finished catalog run in 14.55 seconds
[root@puppet ~]# puppetd -t
info: Caching catalog for puppet.example.motorrobot.net
info: Applying configuration version '1347541754'
notice: /Stage[main]//Node[default]/Service[ntpd]/ensure: ensure changed 'stopped' to 'running'
notice: Finished catalog run in 0.32 seconds

Start puppet client

/etc/init.d/puppet start

Make puppet start at boot

/sbin/chkconfig puppet on
(Comments)

Comments