Overview
– puppet-master (ubuntu 16.04)
– db1 (ubuntu 16.04)
Setup puppet master
On master server, do the following steps:
Add puppet host in /etc/hosts
$ vim /etc/hosts ip-private puppet-master
Install puppet master:
$ wget https://apt.puppetlabs.com/puppetlabs-release-pc1-xenial.deb $ sudo dpkg -i puppetlabs-release-pc1-xenial.deb $ sudo apt-get update -y $ sudo apt-get install puppetserver -y
Change memory allocation:
open /etc/default/puppetserver, change the JAVA_ARGS to:
JAVA_ARGS="-Xms512m -Xmx512m"
Set puppet master hostname:
open/etc/puppetlabs/puppet/puppet.conf, and add the following lines at the bottom of the file:
.... [main] certname = puppet-master server = puppet-master environment = production
Open port 8140:
$ sudo ufw allow 8140
Start the service, and enable to run on boot:
$ sudo systemctl start puppetserver $ sudo systemctl enable puppetserver
Setup puppet agent
Add puppet-master host in /etc/hosts
$ vim /etc/hosts ip-private puppet-master
Install puppet agent
$ wget https://apt.puppetlabs.com/puppetlabs-release-pc1-xenial.deb $ sudo dpkg -i puppetlabs-release-pc1-xenial.deb $ sudo apt-get update $ sudo apt-get install puppet-agent
Add configuration for puppet agent:
$ vim /etc/puppetlabs/puppet/puppet.conf [main] certname = db1 server = puppet-master environment = production
Start the service, and enableĀ to run on boot:
$ sudo systemctl start puppet $ sudo systemctl enable puppet
Sign the puppet agent certificate on puppet master
$ sudo /opt/puppetlabs/bin/puppet cert list "db1" (SHA256) 7C:28:E8:AF:09:23:55:19:AF:C1:EE:C3:66:F2:02:73:AD:7F:53:17:28:CE:B0:26:AE:C7:6C:67:16:05:6F:2E
Sign the incoming certificate from specific hostname (db1):
$ sudo /opt/puppetlabs/bin/puppet cert sign db1
or if you prefer to sign all certificates at once, use this command:
$ sudo /opt/puppetlabs/bin/puppet cert sign --all
Test the connection:
$ sudo /opt/puppetlabs/bin/puppet agent --test