Thursday, November 3, 2016

Configure Puppet Master and Slave

In my case following are the scenarios

Puppet Master - skynet.dc
Pupper Client - moonclouds

Enable RPM for puppet on both master and slave

RHEL/CentOS 7 - rpm -ivh http://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm
RHEL/CentOS 6 - rpm -ivh http://yum.puppetlabs.com/puppetlabs-release-el-6.noarch.rpm
RHEL/CentOS 5 - rpm -ivh http://yum.puppetlabs.com/puppetlabs-release-el-5.noarch.rpm

On Puppet Master, install the following

yum install puppet-server
puppet resource package puppet-server ensure=latest
/etc/init.d/puppetmaster start

On Puppet Client, install the following

yum install puppet
puppet resource package puppet ensure=latest
/etc/init.d/puppet start

On Puppet Master, add the configuration

vi /etc/puppet/puppet.conf
add these names under [master] heading

dns_alt_names = puppet, master.local, puppet.skynet.dc

service puppetmaster restart

On Puppet Slave, add the configuration

vi /etc/puppet/puppet.conf

Add master DNS name under [agent] heading. Puppet will connect to server.

[agent]
server = puppet.skynet.dc

vi /etc/default/puppet
START=yes
service puppet restart

Sign Slave Certificate on Master

[root@skynet ~]# puppet cert --list
  "moonetclouds.in.oracle.com" (SHA256) 6C:0B:24:CE:EA:F1:97:BF:89:39:FF:AB:6A:B9:AB:FF:8E:B3:EE:0D:E6:73:DD:9A:D5:05:6C:CE:24:0C:3D:DC
[root@skynet ~]#

[root@skynet ~]# puppet cert --sign moonetclouds.in.oracle.com
Notice: Signed certificate request for moonetclouds.in.oracle.com
Notice: Removing file Puppet::SSL::CertificateRequest moonetclouds.in.oracle.com at '/var/lib/puppet/ssl/ca/requests/moonetclouds.in.oracle.com.pem'
[root@skynet ~]#

Location of certificates on puppet: /var/lib/puppet/ssl/

The above preparation will help the puppet clients to communicate with master. The next you need to code your requirement as code.