======================================================================================================================================================
master 172.31.10.249 linux1 linux1.test.com
agent 172.31.10.220 linux2 linux2.test.com
======================================================================================================================================================
Install puppet master
======================================================================================================================================================
[root@linux1 puppet]# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 7.0 (Maipo)
[root@linux1 ~]# hostname linux1
[root@linux1 ~]# rpm -ivh http://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm
[root@linux1 ~]# yum list |grep puppet
puppet.noarch 3.7.2-1.el7 puppetlabs-products
puppet-server.noarch 3.7.2-1.el7 puppetlabs-products
puppetdb.noarch 2.2.2-1.el7 puppetlabs-products
puppetdb-terminus.noarch 2.2.2-1.el7 puppetlabs-products
puppetserver.noarch 0.3.0-1.el7 puppetlabs-products
ruby-shadow.x86_64 1:2.2.0-2.el7 puppetlabs-deps
rubygem-deep_merge.noarch 1.0.0-2.el7 puppetlabs-deps
rubygem-puppet-lint.noarch 0.3.2-1.el7 puppetlabs-deps
rubygem-stomp.noarch 1.3.2-1.el7 puppetlabs-deps
rubygem-stomp-doc.noarch 1.3.2-1.el7 puppetlabs-deps
[root@linux1 ~]# yum install puppet-server
Installed:
puppet-server.noarch 0:3.7.2-1.el7
Dependency Installed:
augeas-libs.x86_64 0:1.1.0-12.el7 facter.x86_64 1:2.2.0-1.el7 hiera.noarch 0:1.3.4-1.el7 libselinux-ruby.x86_64 0:2.2.2-6.el7 pciutils.x86_64 0:3.2.1-4.el7
puppet.noarch 0:3.7.2-1.el7 ruby.x86_64 0:2.0.0.353-20.el7 ruby-augeas.x86_64 0:0.5.0-1.el7 ruby-irb.noarch 0:2.0.0.353-20.el7 ruby-libs.x86_64 0:2.0.0.353-20.el7
ruby-shadow.x86_64 1:2.2.0-2.el7 rubygem-bigdecimal.x86_64 0:1.2.0-20.el7 rubygem-io-console.x86_64 0:0.4.2-20.el7 rubygem-json.x86_64 0:1.7.7-20.el7 rubygem-psych.x86_64 0:2.0.0-20.el7
rubygem-rdoc.noarch 0:4.0.0-20.el7 rubygems.noarch 0:2.0.14-20.el7
Complete!
[root@linux1 puppet]# vim /etc/puppet/puppet.conf
dns_alt_names = linux1,linux1.test.com
certname = linux1.test.com
server = linux1.test.com
[root@linux1 puppet]# ls -l /var/lib/puppet/
total 0
drwxr-x---. 2 puppet puppet 6 Oct 21 17:54 reports
drwxr-x---. 2 puppet puppet 6 Oct 21 17:54 state
[root@linux1 puppet]# puppet master --verbose --no-daemonize
Info: Creating a new SSL key for ca
Info: Creating a new SSL certificate request for ca
Info: Certificate Request fingerprint (SHA256): 72:8D:7B:70:02:59:01:F7:95:C1:77:49:87:28:F6:96:23:26:A1:27:A8:DC:58:CD:34:F9:44:69:4B:D5:46:60
Notice: Signed certificate request for ca
Info: Creating a new certificate revocation list
Info: Creating a new SSL key for linux1.cn-north-1.compute.internal
Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for linux1.cn-north-1.compute.internal
Info: Certificate Request fingerprint (SHA256): 8E:8C:8C:C0:E1:88:2A:E1:FF:65:E3:06:25:79:8B:B4:E3:B3:FB:34:B1:97:4E:48:70:1E:F8:C4:FD:97:72:83
Notice: linux1.cn-north-1.compute.internal has a waiting certificate request
Notice: Signed certificate request for linux1.cn-north-1.compute.internal
Notice: Removing file Puppet::SSL::CertificateRequest linux1.cn-north-1.compute.internal at '/var/lib/puppet/ssl/ca/requests/linux1.cn-north-1.compute.internal.pem'
Notice: Removing file Puppet::SSL::CertificateRequest linux1.cn-north-1.compute.internal at '/var/lib/puppet/ssl/certificate_requests/linux1.cn-north-1.compute.internal.pem'
Notice: Starting Puppet master version 3.7.2
[root@linux1 puppet]# ls -l /var/lib/puppet/
total 4
drwxr-x---. 2 puppet puppet 6 Oct 29 23:49 bucket
drwxr-xr-x. 2 root root 6 Oct 29 23:49 facts.d
drwxr-xr-x. 2 root root 6 Oct 29 23:49 lib
drwxr-x---. 2 puppet puppet 6 Oct 21 17:54 reports
drwxr-x---. 2 puppet puppet 6 Oct 29 23:49 rrd
drwxr-x---. 2 puppet puppet 6 Oct 29 23:49 server_data
drwxrwx--x. 8 puppet puppet 4096 Oct 29 23:49 ssl
drwxr-xr-t. 2 puppet puppet 6 Oct 21 17:54 state
drwxr-x---. 2 puppet puppet 6 Oct 29 23:49 yaml
[root@linux1 public_keys]# service puppetmaster start
Redirecting to /bin/systemctl start puppetmaster.service
[root@linux1 public_keys]# puppet cert list
======================================================================================================================================================
Install puppet agent
======================================================================================================================================================
[root@linux2 ~]# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 7.0 (Maipo)
[root@linux2 ~]# rpm -ivh http://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm
Retrieving http://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm
warning: /var/tmp/rpm-tmp.905Pmg: Header V4 RSA/SHA1 Signature, key ID 4bd6ec30: NOKEY
Preparing... ################################# [100%]
Updating / installing...
1:puppetlabs-release-7-11 ################################# [100%]
[root@linux2 ~]# yum install puppet
Installed:
puppet.noarch 0:3.7.2-1.el7
Dependency Installed:
augeas-libs.x86_64 0:1.1.0-12.el7 facter.x86_64 1:2.2.0-1.el7 hiera.noarch 0:1.3.4-1.el7 libselinux-ruby.x86_64 0:2.2.2-6.el7 pciutils.x86_64 0:3.2.1-4.el7
ruby.x86_64 0:2.0.0.353-20.el7 ruby-augeas.x86_64 0:0.5.0-1.el7 ruby-irb.noarch 0:2.0.0.353-20.el7 ruby-libs.x86_64 0:2.0.0.353-20.el7 ruby-shadow.x86_64 1:2.2.0-2.el7
rubygem-bigdecimal.x86_64 0:1.2.0-20.el7 rubygem-io-console.x86_64 0:0.4.2-20.el7 rubygem-json.x86_64 0:1.7.7-20.el7 rubygem-psych.x86_64 0:2.0.0-20.el7 rubygem-rdoc.noarch 0:4.0.0-20.el7
rubygems.noarch 0:2.0.14-20.el7
Complete!
[root@linux2 ~]# cat /etc/hosts
172.31.10.249 linux1 linux1.test.com
172.31.10.220 linux2 linux2.test.com
[root@linux2 ~]# vim /etc/puppet/puppet.conf
server = linux1.test.com
certname = linux2.test.com
[root@linux2 ~]# ls -l /var/lib/puppet/
total 0
drwxr-x---. 2 puppet puppet 6 Oct 21 17:54 reports
drwxr-x---. 2 puppet puppet 6 Oct 21 17:54 state
[root@linux2 ~]# service puppet start
Redirecting to /bin/systemctl start puppet.service
[root@linux2 ~]# ls -l /var/lib/puppet/
total 0
drwxr-x---. 2 root root 6 Oct 30 02:58 clientbucket
drwxr-x---. 2 root root 6 Oct 30 02:58 client_data
drwxr-x---. 2 root root 6 Oct 30 02:58 client_yaml
drwxr-xr-x. 2 root root 6 Oct 30 02:58 facts.d
drwxr-xr-x. 2 root root 6 Oct 30 02:58 lib
drwxr-x---. 2 puppet puppet 6 Oct 21 17:54 reports
drwxrwx--x. 7 puppet puppet 96 Oct 30 02:58 ssl
drwxr-xr-t. 3 puppet puppet 19 Oct 30 02:58 state
======================================================================================================================================================
Sign cert for the agent and verify connection
======================================================================================================================================================
[root@linux1 puppet]# puppet cert list
"linux2.test.com" (SHA256) 9B:00:2C:3F:44:F2:D7:E1:59:D9:50:4C:EE:34:A1:ED:34:BD:1F:2B:58:BF:B6:EA:3D:60:6F:1D:FB:5B:1F:EA
[root@linux1 puppet]# puppet cert sign linux2.test.com
Notice: Signed certificate request for linux2.test.com
Notice: Removing file Puppet::SSL::CertificateRequest linux2.test.com at '/var/lib/puppet/ssl/ca/requests/linux2.test.com.pem'
[root@linux1 puppet]# tail -f /var/log/puppet/masterhttp.log
[2014-10-30 03:09:01] 172.31.10.220 - - [30/Oct/2014:03:09:01 EDT] "GET /production/certificate/linux2.test.com? HTTP/1.1" 200 1980
[2014-10-30 03:09:01] - -> /production/certificate/linux2.test.com?
[2014-10-30 03:09:01] 172.31.10.220 - - [30/Oct/2014:03:09:01 EDT] "GET /production/certificate_revocation_list/ca? HTTP/1.1" 200 991
[2014-10-30 03:09:01] - -> /production/certificate_revocation_list/ca?
[2014-10-30 03:09:01] 172.31.10.220 - - [30/Oct/2014:03:09:01 EDT] "GET /production/node/linux2.test.com?transaction_uuid=1816306d-94b3-4c84-b74c-1d3faad34648&fail_on_404=true HTTP/1.1" 200 85
[2014-10-30 03:09:01] - -> /production/node/linux2.test.com?transaction_uuid=1816306d-94b3-4c84-b74c-1d3faad34648&fail_on_404=true
[2014-10-30 03:09:01] 172.31.10.220 - - [30/Oct/2014:03:09:01 EDT] "GET /production/file_metadatas/pluginfacts?links=manage&recurse=true&ignore=.svn&ignore=CVS&ignore=.git&checksum_type=md5 HTTP/1.1" 200 278
[2014-10-30 03:09:01] - -> /production/file_metadatas/pluginfacts?links=manage&recurse=true&ignore=.svn&ignore=CVS&ignore=.git&checksum_type=md5
[2014-10-30 03:09:01] 172.31.10.220 - - [30/Oct/2014:03:09:01 EDT] "GET /production/file_metadatas/plugins?links=manage&recurse=true&ignore=.svn&ignore=CVS&ignore=.git&checksum_type=md5 HTTP/1.1" 200 278
[2014-10-30 03:09:01] - -> /production/file_metadatas/plugins?links=manage&recurse=true&ignore=.svn&ignore=CVS&ignore=.git&checksum_type=md5
[2014-10-30 03:09:02] 172.31.10.220 - - [30/Oct/2014:03:09:02 EDT] "POST /production/catalog/linux2.test.com HTTP/1.1" 200 576
[2014-10-30 03:09:02] - -> /production/catalog/linux2.test.com
[2014-10-30 03:09:02] 172.31.10.220 - - [30/Oct/2014:03:09:02 EDT] "PUT /production/report/linux2.test.com HTTP/1.1" 200 9
[2014-10-30 03:09:02] - -> /production/report/linux2.test.com
[root@linux1 puppet]# service puppetmaster status
Oct 30 03:02:32 linux1 puppet[10681]: Notice: Starting Puppet master version 3.7.2
Oct 30 03:09:02 linux1 puppet[10681]: Notice: Compiled catalog for linux2.test.com in environment production in 0.01 seconds
[root@linux2 puppet]# service puppet status
Oct 30 03:07:01 linux2 puppet-agent[1157]: Did not receive certificate
Oct 30 03:09:01 linux2 puppet-agent[1157]: Starting Puppet client version 3.7.2
Oct 30 03:09:02 linux2 puppet-agent[1230]: Finished catalog run in 0.01 seconds
[root@linux2 puppet]# puppet agent --test
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for linux2.test.com
Info: Applying configuration version '1414652942'
Notice: Finished catalog run in 0.01 seconds
[root@linux1 puppet]# puppet agent --test
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for linux1.test.com
Info: Applying configuration version '1414652942'
Info: Creating state file /var/lib/puppet/state/state.yaml
Notice: Finished catalog run in 0.01 seconds
======================================================================================================================================================
Install a module from the Forge
======================================================================================================================================================
[root@linux1 puppet]# puppet module list
/etc/puppet/modules (no modules installed)
/usr/share/puppet/modules (no modules installed)
[root@linux1 puppet]# puppet module search apache |grep puppetlabs
Notice: Searching https://forgeapi.puppetlabs.com ...
puppetlabs-apache Puppet module for Apache @puppetlabs apache web httpd centos rhel ubuntu ssl wsgi proxy
puppetlabs-passenger Puppet module for Passenger @puppetlabs apache passenger rails rack
[root@linux1 puppet]# puppet module install puppetlabs-apache
Notice: Preparing to install into /etc/puppet/modules ...
Notice: Downloading from https://forgeapi.puppetlabs.com ...
Notice: Installing -- do not interrupt ...
/etc/puppet/modules
└─┬ puppetlabs-apache (v1.1.1)
├── puppetlabs-concat (v1.1.2)
└── puppetlabs-stdlib (v4.3.2)
[root@linux1 puppet]# puppet module list
/etc/puppet/modules
├── puppetlabs-apache (v1.1.1)
├── puppetlabs-concat (v1.1.2)
└── puppetlabs-stdlib (v4.3.2)
/usr/share/puppet/modules (no modules installed)
[root@linux1 puppet]# ls -l /etc/puppet/modules/
total 12
drwxr-xr-x. 8 root root 4096 Jul 18 14:08 apache
drwxr-xr-x. 7 root root 4096 Oct 28 15:13 concat
drwxr-xr-x. 6 root root 4096 Jul 16 17:11 stdlib
other command
[root@linux1 puppet]# puppet module uninstall puppetlabs-apache
[root@linux1 puppet]# puppet module upgrade puppetlabs-apache --version 0.0.3
[root@linux1 puppet]# puppet module install --module_repository http://dev-forge.example.com puppetlabs-apache
[root@linux1 puppet]# puppet module install ~/puppetlabs-apache-0.10.0.tar.gz --ignore-dependencies
======================================================================================================================================================
https://docs.puppetlabs.com/