Puppet Multi-master
PuppetMaster Single Click Configure ON NODES Linux and Windows
In this Lab we are going to do single click configuration on Nodes likes Linux and Windows server 2012.
This Configuration is used for Install epel, clam, tomcat, Nagios, os_patching and create a user on Linux Nodes and Install chocolatey, tomcat, Nagios-client, windows update services, and create a user on windows nodes.
Install and Setup puppet server Configuration.
To enable the repository as a root user run the following commands:
# rpm -Uvh https://yum.puppet.com/puppet6/puppet6-release-el-7.noarch.rpm
You can verify, if the Puppet repo has been added successfully, using the yum repo list:
# yum repolist | grep puppet
# yum install puppetserver -y
edit: /etc/sysconfig/puppetserver with correct java memory
# Modify this if you'd like to change the memory allocation, enable JMX, etc
JAVA_ARGS="-Xms2g -Xmx2g"
Change the file for your need as 1g or 512m
Step 3: Edit the following line in the file as to where the file location
vi /etc/puppetlabs/puppet/puppet.conf
[agent]
server=puppetserver.zippyops.com
Step 4: Start the Puppet Server service:
# systemctl start puppetserver && systemctl enable puppetserver
Puppet Server configure is Ready.
PuppetDB opensource Installation
Puppet DB requires Postgres 11 or later, but Centos 7 comes with a 9.2 default. We have to add another repo to install the latest version of Postgresql 11.
we are going to install PuppetDB in another standalone machine do the following as root user run,
Install and configure PostgreSQL
Start with downloading PostgreSQL and setting it up.
Enable the PostgreSQL repo and install it on the host.
https://download.postgresql.org/pub/repos/yum/11/redhat/rhel-7-x86_64/pgdg-centos11-11-2.noarch.rpm
Install
yum install postgresql11-server postgresql11-contrib -y
Now initialize the db
# /usr/pgsql-11/bin/postgresql-11-setup initdb
Start PostrgeSQL service
systemctl start postgresql-11 && systemctl enable postgresql-11
Switch to postgress user, create user puppetdb and puppetdb database
sudo -iu postgres
createuser -DRSP puppetdb
createdb -E UTF8 -O puppetdb puppetdb
psql puppetdb -c 'create extension pg_trgm'
Edit /var/lib/pgsql/11/data/pg_hba.conf
If all went well up-till here then the next step is to install and setup PuppetDB and puppetdb-terminus.
Install puppetDB
Install and configure PuppetDB
First, start off with enabling the Repo for Puppetlabs.
# rpm -Uvh https://yum.puppet.com/puppet6/puppet6-release-el-7.noarch.rpm
Then install puppetdb
# yum -y install puppetdb
Edit /etc/puppetlabs/puppetdb/conf.d/database.ini, specify puppetdb username/password
[database]
classname = org.postgresql.Driver
subprotocol = postgresql
# The database address, i.e. //HOST:PORT/DATABASE_NAME
subname = //localhost:5432/puppetdb
# Connect as a specific user
username = puppetdb
# Use a specific password
password = puppetdb
Edit /etc/puppetlabs/puppetdb/conf.d/jetty.ini
Uncomment host = 0.0.0.0
Edit /etc/sysconfig/puppetdb and re-map memory needed for puppetdb
By Default It will look like this, Don’t change the value
JAVA_ARGS="-Xmx192m
Start puppetdb
systemctl start puppetdb && systemctl enable puppetdb
Setting Puppet server
make sure puppet DNS name is resolvable (/etc/hosts)
Edit /etc/puppetlabs/puppet/puppet.conf, add following lines
[master]
storeconfigs = true
storeconfigs_backend = puppetdb
Create /etc/puppetlabs/puppet/puppetdb.conf
[main]
server_urls = https://puppetdb.example.com:8081/
Create /etc/puppetlabs/puppet/routes.yaml
---
master:
facts:
terminus: puppetdb
cache: yaml
install puppetdb-termini and restart the puppet server
yum install puppetdb-termini -y
systemctl restart puppetserver
On puppet node run puppet -t
Login to puppetdb and verify data from the node are transferred to puppetdb
psql -h localhost puppetdb puppetdb
puppetdb=>\x
puppetdb=>select * from catalogs;
PUPPET BOARD INSTALLATION
In this following lab, we should learn How to configure puppet dashboard in puppet open source
To do we can understand puppet board is Puppet Dashboard, installing its dependencies, running and exploring puppet Dashboard
Puppet Board is a web frontend for Puppetdb
follow this link to understands puppet board configure
https://learning.oreilly.com/learning-paths/learning-path puppet/9781788996709/9781788294881-video1_3
Step 1: Install dependencies,
# yum install gcc python-devel python2-pip
Step 2: Install PuppetBoard
# pip install puppetboard
To find where puppetboard is installed to check the file directory as follws,
# ls -l /usr/lib/python2.7/site-packages/puppetboard
Step 4: install httpd service as follows,
# yum install httpd mod_wsgi -y
Step 5: create a directory as following path,
# mkdir -p /var/www/html/puppetboard
# cp /usr/lib/python2.7/site-packages/puppetboard/default_settings.py /var/www/html/puppetboard/settings.py
Step 6: Open the file and changethe values as follows,
# vi /var/www/html/puppetboard/settings.py
import os
PUPPETDB_HOST = 'puppetdb.zippyops.com'
PUPPETDB_PORT = 8081
PUPPETDB_SSL_VERIFY = '/etc/puppetlabs/puppet/ssl/certs/ca.pem'
PUPPETDB_KEY='/etc/puppetlabs/puppet/ssl/private_keys/puppetdb.zippyops.com.pem'
PUPPETDB_CERT = '/etc/puppetlabs/puppet/ssl/certs/puppetdb.zippyops.com.pem'
PUPPETDB_TIMEOUT = 20
DEFAULT_ENVIRONMENT = 'production'
SECRET_KEY = 'vkrZAu7jFn4zW+braPqjJj5nXqoTw3tM'
DEV_LISTEN_HOST = '127.0.0.1'
DEV_LISTEN_PORT = 5000
DEV_COFFEE_LOCATION = 'coffee'
UNRESPONSIVE_HOURS = 2
ENABLE_QUERY = True
LOCALISE_TIMESTAMP = True
LOGLEVEL = 'info'
NORMAL_TABLE_COUNT = 100
LITTLE_TABLE_COUNT = 10
TABLE_COUNT_SELECTOR = [10, 20, 50, 100, 500]
DISPLAYED_METRICS = ['resources.total',
'events.failure',
'events.success',
'resources.skipped',
'events.noop']
OFFLINE_MODE = False
ENABLE_CATALOG = False
OVERVIEW_FILTER = None
GRAPH_TYPE = 'pie'
GRAPH_FACTS = ['architecture',
'clientversion',
'domain',
'lsbcodename',
'lsbdistcodename',
'lsbdistid',
'lsbdistrelease',
'lsbmajdistrelease',
'netmask',
'osfamily',
'puppetversion',
'processorcount']
INVENTORY_FACTS = [('Hostname', 'fqdn'),
('IP Address', 'ipaddress'),
('OS', 'lsbdistdescription'),
('Architecture', 'hardwaremodel'),
('Kernel Version', 'kernelrelease'),
('Puppet Version', 'puppetversion'), ]
REFRESH_RATE = 30
DAILY_REPORTS_CHART_ENABLED = True
DAILY_REPORTS_CHART_DAYS = 8
Step 7: Then next open the file
# vi /var/www/html/puppetboard/wsgi.py
from __future__ import absolute_import
import os
#Needed if a settings.py file exists
os.environ['PUPPETBOARD_SETTINGS'] = '/var/www/html/puppetboard/settings.py'
from puppetboard.app import app as application
step 8: Create a File root home directory and paste it as follows
# vi key.py
import os
a = os.urandom(24)
print a.encode('base-64')
Then run a command
# python key.py
Step 9: Copy the key to this file
# vi /var/www/html/puppetboard/settings.py
SECRET_KEY = 'vkrZAu7jFn4zW+braPqjJj5nXqoTw3tM'
Step 10: change the ownership of the files
# chown -R apache:apache /var/www/html/puppetboard
# chown -R apache:apache /etc/puppetlabs/puppet/ssl
Step 10: create a apache configuaration file
# vi /etc/httpd/conf.d/puppetboard.conf
WSGIDaemonProcess puppetboard user=apache group=apache threads=5
WSGIScriptAlias / /var/www/html/puppetboard/wsgi.py
ErrorLog logs/puppetboard-error_log
CustomLog logs/puppetboard-access_log combined
Alias /static /usr/lib/python2.7/site-packages/puppetboard/static
Satisfy Any
Allow from all
WSGIProcessGroup puppetboard
WSGIApplicationGroup %{GLOBAL}
Order deny,allow
Allow from all
Next, Start apache service,
# systemctl start httpd
To check the status service is running,
# Ps -ef | grep httpd
Then Go to the Browser URL and run the IP address of the node you will see PuppetBoard is Running….
Then we have to install the following modules from Puppet Forge. Here the question mark modules are created by root.
Install Only This module from Puppet Forge as Latest Version…
puppet module install puppetlabs-ntp
puppet module install aco-tomcat
puppet module install albatrossflavour-os_patching
puppet module install puppetlabs-chocolatey
puppet module install puppetlabs-wsus_client
After Setting up Modules for Our configuration then go to the File Location
# vi /etc/puppetlabs/code/environments/production/manifests/site.pp
Here we can configure the main Manifest site. pp file whatever we configured for our Needs as the
Following Code as succuessfully Deployed On Both Linux and Windows Server-2012
# // ThisConfiguration is used for install epel, clam, tomcat, nagios, os_patching and create user on Linux Nodes.
node /server1.zippyops.com/ {
include epel
include clam
include tomcat
include nagios::client
#include os_patching
group { 'admin':
ensure => present,
}
user { 'admin':
ensure => present,
password => '482c811da5d5b4bc6d497ffa98491e38',
home => '/home/admin',
managehome => true,
gid => 'admin',
groups => 'wheel',
shell => '/bin/bash',
}
class { 'os_patching':
patch_window => 'Week3',
}
}
# // This Configuration is used for install chocolatey,tomcat,nagios-client,windows_update service and create user on windows nodes..
node /winserver2012.zippyops.com/ {
include chocolatey
package { 'avastfreeantivirus ':
ensure => 'installed',
provider => 'chocolatey',
}
user { 'test':
name => 'test',
ensure => present,
password => 'Master!@#123',
groups => ['Users','Administrators'],
managehome => true,
}
user { 'praveen':
name => 'praveen',
ensure => present,
password => 'Master!@#123',
groups => ['Users','Administrators'],
managehome => true,
}
package {'tomcat':
ensure => installed,
provider => chocolatey
}
include mymodule
package {'nscp':
ensure => installed,
provider => chocolatey,
#allowed_hosts => ['localhost','192.168.1.27']
}
class { 'wsus_client':
accept_trusted_publisher_certs => true,
auto_install_minor_updates => true,
auto_update_option => "AutoInstall",
#auto_update_option => "AutoNotify",
#auto_update_option => "Scheduled",
#scheduled_install_day => "Everyday",
#scheduled_install_hour => 13.00,
}
Recent Comments
No comments
Leave a Comment
We will be happy to hear what you think about this post