** Puppet ** is an open source configuration management system for a variety of applications, from automation to update installation.
Puppet is an open source configuration management system that can be used for a wide range of purposes, from automation to update installation. Written in Ruby, it is specially designed to manage operating system settings like Unix and Windows. Thousands of physical servers and virtual servers can be centrally managed from one server for easy installation and management.
Puppet can be used in both client-server and standalone architectures. In a client-server architecture, the server is known as the master and the client is known as the agent. There are two versions of Puppet, Enterprise and Open source. Both support many Linux distributions and Windows. Puppet helps system administrators reduce the time they spend on repetitive tasks and focus on projects that deliver greater business value.
--Puppet supports Idempotency, making it easy to run the same settings multiple times on the same machine. --Eliminates the need to duplicate the tasks of everyone solving the same problem. --All tasks are written in native code and are easy to share. --You can make repeatable changes automatically. --You can add extra features by adding extensions as needed.
This guide provides steps to install and configure open source Puppet on an Ubuntu 16.04 server with an Alibaba Cloud Elastic Compute Service (ECS) instance in a client / server architecture.
--Alibaba Cloud ECS instance for Puppet Master with Ubuntu 16.04 installed. --Alibaba Cloud ECS instance for Puppet agent with Ubuntu 16.04 installed. --The puppet master has a static IP address of 192.168.0.103. --The puppet agent has a static IP address of 192.168.0.104. --Puppet Master requires a minimum of 4GB of memory and a dual core CPU. --Both instances have non-root users with sudo privileges.
Before you start, you need to configure the / etc / hosts and / etc / hostname files on the Server and agent nodes so that they can communicate with each other.
Open the / etc / hosts and / etc / hostname files on the Server node and make the following changes:
sudo nano /etc/hosts
Add the following line to the end of the file.
192.168.0.0.103 puppet-server
sudo nano /etc/hostname
Modify the file as follows:
puppet-server
Save and close the file when finished.
Open the / etc / hosts and / etc / hostname files on the Agent node and make the following changes:
sudo nano /etc/hosts
Add the following line to the end of the file.
192.168.0.0.103 puppet-server
sudo nano /etc/hostname
Modify the file as follows:
puppet-agent
Save and close when you are finished.
The Puppet server is not available in the Ubuntu 16.04 default repository. Therefore, you need to add the Puppet Lab repository to both the Master node and the Agent node.
Run the following command on each node to download and install the Puppet repository.
wget https://apt.puppetlabs.com/puppetlabs-release-pc1-xenial.deb
sudo dpkg -i puppetlabs-release-pc1-xenial.deb
sudo apt-get update -y
Then install the Puppet server package on the master node with the following command:
sudo apt-get install puppetserver -y
After installing the Puppet server, you need to set the memory allocation. We recommend that you customize the memory usage according to the amount of memory on the master node. This can be done by editing the / etc / default / puppetserver file.
sudo nano /etc/default/puppetserver
Change the line to fit the capacity of the server.
Change the following line.
From JAVA_ARGS =" -Xms2g -Xmx2g -XX: MaxPermSize = 256m "
Go to JAVA_ARGS =" -Xms512m -Xmx512m ".
Save and close the file and start the Puppet server with the following command so that it can be started at startup.
sudo systemctl start puppetserver
sudo systemctl enable puppetserver
You can check the status of the Puppet server with the following command.
sudo systemctl status puppetserver
If everything is fine, you should see output similar to the following:
● puppetserver.service - puppetserver Service
Loaded: loaded (/lib/systemd/system/puppetserver.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2017-10-28 18:47:26 IST; 12min ago
Process: 887 ExecStart=/opt/puppetlabs/server/apps/puppetserver/bin/puppetserver start (code=exited, status=0/SUCCESS)
Main PID: 963 (java)
CGroup: /system.slice/puppetserver.service
└─963 /usr/bin/java -Xms256m -Xmx256m -Djava.security.egd=/dev/urandom -XX:OnOutOfMemoryError=kill -9 %p -cp /opt/puppetlabs/server/
The Puppet server is now up and running. It's finally time to install the Puppet agent on the Agent node.
Before installing the Puppet agent, make sure you have the Puppet Lab repository installed on your Agent node. Then just run the following command to install the Puppet agent.
sudo apt-get install puppet-agent -y
After installing the Puppet Agent, you need to edit the puppet configuration file to set the puppet master information.
This can be done with the following command:
sudo nano /etc/puppetlabs/puppet/puppet.conf
Add the following line.
[main]
certname = puppet-agent
server = puppet-server
environment = IT
Save, close the file, and start the Puppet Agent service with the following command so that it can be started at startup.
sudo systemctl start puppet
sudo systemctl enable puppet
The first time Puppet runs the Agent node, Puppet sends a certificate signing request to the puppet server. In a client-server architecture, the Puppet Master server must approve the certificate request for each agent node in order to control the agent nodes.
On the puppet server, list all unsigned certificate requests with the following command:
sudo /opt/puppetlabs/bin/puppet cert list
You should see one request with the host name of the agent node.
"puppet-agent" (SHA256) 7C:28:E8:AF:09:23:55:19:AF:C1:EE:C3:66:F2:02:73:AD:7F:53:17:28:CE:B0:26:AE:C7:6C:67:16:05:6F:2E
Then sign the certificate request with the following command:
sudo /opt/puppetlabs/bin/puppet cert sign puppet-agent
You should see output similar to the following.
Signing Certificate Request for:
"puppet-agent" (SHA256) 7C:28:E8:AF:09:23:55:19:AF:C1:EE:C3:66:F2:02:73:AD:7F:53:17:28:CE:B0:26:AE:C7:6C:67:16:05:6F:2E
Notice: Signed certificate request for puppet-agent
Notice: Removing file Puppet::SSL::CertificateRequest puppet-agent at '/etc/puppetlabs/puppet/ssl/ca/requests/puppet-agent.pem'
The Puppet Master Server can now communicate and control the Agent node. If you want to sign a certificate request for multiple nodes at once, run the following command:
sudo /opt/puppetlabs/bin/puppet cert sign —all
After the Puppet master signs the Puppet Agent certificate, test it by running the following command on the Puppet Agent node.
sudo /opt/puppetlabs/bin/puppet agent —test
If everything is done correctly, you should see output similar to the following:
Info: Using configured environment 'production'
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for puppet-agent
Info: Applying configuration version '1509200872'
Notice: Applied catalog in 0.09 seconds
This completes the settings for both the Puppet Master and Agent Nodes and is now working. Let's finally verify Puppet.
To do this, create a manifest file to install the Apache web server on the Agent node. The manifest is a data file that contains the client settings. By default, the manifest file is located in /etc/puppetlabs/code/environments/production/manifests/directory.
You need to install the puppetlabs-apache module before proceeding with creating the manifest file.
On the Puppet master node, run the following command to install the puppetlabs-apache module.
sudo /opt/puppetlabs/bin/puppet module install puppetlabs-apache
You should see output similar to the following.
Notice: Preparing to install into /etc/puppetlabs/code/environments/production/modules ...
Notice: Downloading from https://forgeapi.puppet.com ...
Notice: Installing -- do not interrupt ...
/etc/puppetlabs/code/environments/production/modules
└─┬ puppetlabs-apache (v2.3.0)
├── puppetlabs-concat (v4.1.0)
└── puppetlabs-stdlib (v4.20.0)
Next, create a manifest file on the Puppet master with the following command.
sudo nano /etc/puppetlabs/code/environments/production/manifests/site.pp
Add the following line.
node 'puppet-agent' {
class { 'apache': } # use apache module
apache::vhost { 'localhost': # define vhost resource
port => '80',
docroot => '/var/www/html'
}
}
With the above configuration, Apache is installed, a virtual host called localhost is set up, listening on port 80, and having the document root / var / www / html on the Agent node.
Now, run the following command on the Agent node to get all the settings from the manifest file.
sudo /opt/puppetlabs/bin/puppet agent —test
If all goes well, you should see output similar to the following:
`` Notice: /Stage[main]/Apache/Apache::Vhost[default]/File[15-default.conf symlink]/ensure: created Info: /Stage[main]/Apache/Apache::Vhost[default]/File[15-default.conf symlink]: Scheduling refresh of Class[Apache::Service] Notice: /Stage[main]/Main/Node[puppet-agent]/Apache::Vhost[localhost]/Concat[25-localhost.conf]/File[/etc/apache2/sites-available/25-localhost.conf]/ensure: defined content as '{md5}05a8b8c6772009021086814bdf8c985e' Info: Concat[25-localhost.conf]: Scheduling refresh of Class[Apache::Service] Notice: /Stage[main]/Main/Node[puppet-agent]/Apache::Vhost[localhost]/File[25-localhost.conf symlink]/ensure: created Info: /Stage[main]/Main/Node[puppet-agent]/Apache::Vhost[localhost]/File[25-localhost.conf symlink]: Scheduling refresh of Class[Apache::Service] Info: Class[Apache::Service]: Scheduling refresh of Service[httpd] Notice: /Stage[main]/Apache::Service/Service[httpd]: Triggered 'refresh' from 1 events Notice: Applied catalog in 53.11 seconds
Congratulations. Apache is now installed and running on the Agent node.
####Conclusion
In this tutorial, you can easily install a Puppet server in your production environment and easily manage your entire IT infrastructure. For more information on Puppet, see Puppet's official documentation page. For other tutorials, see[Alibaba Cloud Getting Started](https://www.alibabacloud.com/ja/getting-started)It is also posted on the channel.
*Alibaba Cloud has two data centers in Japan and has more than 60 Availability Zones in the Asia Pacific region No..1(2019 Gartner)Is a cloud infrastructure company.
Click here for more information on Alibaba Cloud.
[Alibaba Cloud Japan Official Page](https://www.alibabacloud.com/ja)*
Recommended Posts