Configure Cobbler to Prepare Puppet

This tutorial assume you have completed the kickstart and puppet tutorials.

Have Cobbler Setup Puppet

You can configure cobbler to install the puppet client packages, generate the certificates, and even sign the certificates if you choose, and if cobbler/kickstart is running on the same server as puppet.

Enable puppet auto setup in cobbler settings

sed -i 's/puppet_auto_setup: 0/puppet_auto_setup: 1/g'/etc/cobbler/settings
/etc/init.d/cobblerd restart && cobbler sync

Add EPEL repo to cobbler so it procure the puppet packages

cobbler repo add --arch=i386 --breed=yum --keep-updated=Y --mirror=http://mirrors.xmission.com/fedora/epel/6/i386/ --name=mr-epel

Add mr-epel to repos for default cent63-i386 profile

cobbler profile edit --name=cent63-i386 --repos=mr-epel

Run reposync to mirror the repo
Note: this step will take a while, you are syncing about 6GB

cobbler reposync

Modify sample.ks default cent63-i386 kickstart
Because puppet or puppet.example.motorrobot.net will not resolve in DNS in my setup, and perhaps your test environments, we need to modify the default kickstart, and just have it create
a hosts file entry for puppet after the install. I put this below %post and above

I add it on line 55 of /var/lib/cobbler/kickstarts/sample.ks add

echo "192.168.7.2 puppet puppet.example.motorrobot.net" >> /etc/hosts

So your whole /var/lib/cobbler/kickstarts/sample.ks file should look like:

#platform=x86, AMD64, or Intel EM64T
# System authorization information
auth  --useshadow  --enablemd5
# System bootloader configuration
bootloader --location=mbr
# Partition clearing information
clearpart --all --initlabel
# Use text mode install
text
# Firewall configuration
firewall --enabled
# Run the Setup Agent on first boot
firstboot --disable
# System keyboard
keyboard us
# System language
lang en_US
# Use network installation
url --url=$tree
# If any cobbler repo definitions were referenced in the kickstart profile, include them here.
$yum_repo_stanza
# Network information
$SNIPPET('network_config')
# Reboot after installation
reboot
 
#Root password
rootpw --iscrypted $default_password_crypted
# SELinux configuration
selinux --disabled
# Do not configure the X Window System
skipx
# System timezone
timezone  America/New_York
# Install OS instead of upgrade
install
# Clear the Master Boot Record
zerombr
# Allow anaconda to partition the system as needed
autopart
 
 
%pre
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')
# Enable installation monitoring
$SNIPPET('pre_anamon')
 
%packages
$SNIPPET('func_install_if_enabled')
$SNIPPET('puppet_install_if_enabled')
 
%post
echo "192.168.7.2 puppet puppet.example.motorrobot.net" >> /etc/hosts
$SNIPPET('log_ks_post')
# Start yum configuration
$yum_config_stanza
# End yum configuration
$SNIPPET('post_install_kernel_options')
$SNIPPET('post_install_network_config')
$SNIPPET('func_register_if_enabled')
$SNIPPET('puppet_register_if_enabled')
$SNIPPET('download_config_files')
$SNIPPET('koan_environment')
$SNIPPET('redhat_register')
$SNIPPET('cobbler_register')
# Enable post-install boot notification
$SNIPPET('post_anamon')
# Start final steps
$SNIPPET('kickstart_done')
# End final steps

Manually signing puppet cert

[root@puppet ~]# puppet cert list
  motorrobot2.example.motorrobot.net (16:6C:C5:A6:DB:CB:09:CD:09:67:69:7D:F8:1D:3F:30)
[root@puppet ~]# puppet cert sign motorrobot2.example.motorrobot.net
notice: Signed certificate request formotorrobot2.example.motorrobot.net
notice: Removing file Puppet::SSL::CertificateRequest motorrobot2.example.motorrobot.net at'/var/lib/puppet/ssl/ca/requests/motorrobot2.example.motorrobot.net.pem'
 
cp /var/lib/cobbler/kickstarts/sample.ks /var/lib/cobbler/kickstarts/puppetize.ks

Add this to the %post part of the kickstart…

vi /var/lib/cobbler/kickstarts/puppetize.ks

%post
echo “192.168.7.2 puppet puppet.example.motorrobot.net” >> /etc/hosts

# Associate sync’d repo with the default cent63-x86_64 profile

cobbler profile edit --name=cent63-x86_64 --repo=my-epel

In order for auto-cert sign to work, the puppet and cobbler instances must reside on the same server.

sed -i 's/sign_puppet_certs_automatically: 0/sign_puppet_certs_automatically: 1/g' /etc/cobbler/settings
/etc/init.d/cobblerd restart && cobbler sync
(Comments)

Comments