Install and Configure Puppet on Ubuntu 14
How to install Puppet master and client in Ubuntu 14.04
need atleast two systems to configure PuppetServer and PuppetClient
Step 1) Preliminary Configuuration
Add host entries to host file in PuppetMaster and PuppetClient
Both Server and Desktop must have time sync, Install and confgiure ntp service on both the server and client.
step 2) Puppet master installation at Ubuntu Server 14.04
To install Puppet master we will the latest repository and install the Puppet as follows:
cd /tmp
wget https://apt.puppetlabs.com/puppetlabs...
dpkg -i puppetlabs-release-trusty.deb
apt-get update
apt-get install puppetmaster
Check the puppet version as:
puppet --version
We have puppet version as 3.8 Now we need to lock the puppet version update as this will hamper the configurations while updating the puppet.
It will be done by editing the file as follows:
vim /etc/apt/preferences.d/00-puppet.pref
Add the entries in the newly created file as:
/etc/apt/preferences.d/00-puppet.pref
Package: puppet puppet-common puppetmaster-passenger
Pin: version 3.8*
Pin-Priority: 501
Next we will change the configuration file as follows:
nano /etc/puppet/puppet.conf
[main]
logdir=/var/log/puppet
vardir=/var/lib/puppet
ssldir=/var/lib/puppet/ssl
rundir=/var/run/puppet
factpath=$vardir/lib/facter
#templatedir=$confdir/templates
[master]
These are needed when the puppetmaster is run by passenger
and can safely be removed if webrick is used.
ssl_client_header = SSL_CLIENT_S_DN
ssl_client_verify_header = SSL_CLIENT_VERIFY
Just comment the line templatedir=$confdir/templates and save the file.
Now we will stop and then start the services:
service puppetmaster stop
service puppetmaster start
step 3) Puppet client installation at Ubuntu Desktop 14.04
Your client must be configured for the /etc/hosts
Next we will install Puppet as follows:
cd /tmp
wget https://apt.puppetlabs.com/puppetlabs...
dpkg -i puppetlabs-release-trusty.deb
apt-get update
apt-get install puppet
Check the puppet version as:
puppet -V
Now we need to lock the puppet version update as this will hamper the configurations while updating the puppet.
vim /etc/apt/preferences.d/00-puppet.pref
Add the entries in the newly created file as:
/etc/apt/preferences.d/00-puppet.pref
Package: puppet puppet-common puppetmaster-passenger
Pin: version 3.8*
Pin-Priority: 501
Next we will change the configuration file as follows:
nano /etc/puppet/puppet.conf
[main]
logdir=/var/log/puppet
vardir=/var/lib/puppet
ssldir=/var/lib/puppet/ssl
rundir=/var/run/puppet
factpath=$vardir/lib/facter
#templatedir=$confdir/templates
#[master]
These are needed when the puppetmaster is run by passenger
and can safely be removed if webrick is used.
#ssl_client_header = SSL_CLIENT_S_DN
#ssl_client_verify_header = SSL_CLIENT_VERIFY
[agent]
server = puppetserver
Just comment the lines as mentioned above and add the agent entries and save the file.
Next we need to edit the file vi /etc/default/puppet and make changes from no to yes as show below:
nano /etc/default/puppet
[...]
START=yes
[...]
Now we are ready to start the puppet service, it will be done as follows:
service puppet start
Now our client machine is ready to communicate with Puppet Master server.
step 4 Cert exchange from Puppet master to puppet client
To view such cert request run the command at Puppet Master Ubuntu server.
puppet cert list
Now the puppet master server must sign the cert requested from puppet client. It can be done as follows:
puppet cert sign puppetclient
We can check the sign certificates with command as well:
puppet cert list -all
root@puppetserver:~# puppet cert list -all
"puppetclient" (SHA256) 7A:B7:CE:C4:A0:05:99:E7:E2:53:AD:D2:7F:6E:B5:38:CA:87:E0:8D:C7:0E:71:89:82:E1:17:FA:9D:B1:01:6D
"puppetserver.puppetserver" (SHA256) FF:E2:49:B9:2F:B4:D1:79:21:E9:1A:83:22:FA:DB:E8:5D:9B:9A:1C:E1:4D:83:B9:16:9D:FD:8B:72:FD:62:5F (alt names: "DNS:puppet", "DNS:puppet.puppetserver", "DNS:server1.puppetserver")
root@puppetserver:~#
The above + sign in the output shows successful certificate signing at Puppet master Ubuntu Server.
To view the client cert fingerprint at Puppet Client Ubuntu desktop, run:
puppet agent --fingerprint
Similarly we can add any number of clients with Puppet master Ubuntu Server and sign the cert requests from the clients. If for any administrative requiremnet you wish to to revoke the certs from the Puppet master Ubuntu Server we can run:
puppet cert clean puppetclient
To be sure the certificates are completely removed on the Puppet Master Ubuntu server I explicitly cleaned them again
puppet cert -c
![PlayerUnknown’s Battlegrounds. Питничный стрим [1440]](https://images.videosashka.com/watch/RGqikbXTuH4)
