Tag: puppet

Overview

– puppet-master (ubuntu 16.04)
– db1 (ubuntu 16.04)

Setup puppet master

On master server, do the following steps:
Add puppet host in /etc/hosts

$ vim /etc/hosts
ip-private puppet-master

Install puppet master:

$ wget https://apt.puppetlabs.com/puppetlabs-release-pc1-xenial.deb
$ sudo dpkg -i puppetlabs-release-pc1-xenial.deb
$ sudo apt-get update -y
$ sudo apt-get install puppetserver -y

Change memory allocation:

open /etc/default/puppetserver, change the JAVA_ARGS to:

JAVA_ARGS="-Xms512m -Xmx512m"

Set puppet master hostname:

open/etc/puppetlabs/puppet/puppet.conf, and add the following lines at the bottom of the file:

....
[main]
certname = puppet-master
server = puppet-master
environment = production

Open port 8140:

$ sudo ufw allow 8140

Start the service, and enable to run on boot:

$ sudo systemctl start puppetserver
$ sudo systemctl enable puppetserver

Setup puppet agent

Add puppet-master host in /etc/hosts

$ vim /etc/hosts
ip-private puppet-master

Install puppet agent

$ wget https://apt.puppetlabs.com/puppetlabs-release-pc1-xenial.deb
$ sudo dpkg -i puppetlabs-release-pc1-xenial.deb
$ sudo apt-get update
$ sudo apt-get install puppet-agent

Add configuration for puppet agent:

$ vim /etc/puppetlabs/puppet/puppet.conf
[main]
certname = db1
server = puppet-master
environment = production

Start the service, and enable  to run on boot:

$ sudo systemctl start puppet
$ sudo systemctl enable puppet

Sign the puppet agent certificate on puppet master

$ sudo /opt/puppetlabs/bin/puppet cert list
"db1" (SHA256) 7C:28:E8:AF:09:23:55:19:AF:C1:EE:C3:66:F2:02:73:AD:7F:53:17:28:CE:B0:26:AE:C7:6C:67:16:05:6F:2E

Sign the incoming certificate from specific hostname (db1):

$ sudo /opt/puppetlabs/bin/puppet cert sign db1

or if you prefer to sign all certificates at once, use this command:

$ sudo /opt/puppetlabs/bin/puppet cert sign --all

Test the connection:

$ sudo /opt/puppetlabs/bin/puppet agent --test