Getting started with Puppet Enterprise

It all starts with a request for ‘a couple’ of Linux server to be set up, which is duly built manually and managed individually. Pretty soon you get a request for some more servers and before long you find that you have a sprawling estate of servers that have to be looked after. It’s fair enough to manage a few servers manually, but image you have fifty servers, or five thousand servers?

The solution? A configuration management tool like Puppet or Chef which can be used to provision, configure and manage the servers *and* the applications on the servers.

In this post we are simply going to set up a Puppet Enterprise 2.6.1 puppet master and two nodes, i.e. two servers that will be managed by Puppet, all running on Ubuntu 12.04 LTS. Having a lab like this set up is an excellent environment for learning how Puppet works, and you can deploy up to 10 nodes without having to splash out for licensing. You will of course set this up in your non-production lab, right?

Puppet Master: ltdvsppm01
Puppet Node 1: ltdvsppc01
Puppet Node 2: ltdvsppc02

Note, if you don’t want to build your own, you can download the Learning Puppet VM which you can run in i.e. Virtualbox.

Build the puppet master

Set up a Ubuntu 12.04 LTS server, including OpenSSH and set up a static IP address.

Then we install MySQL and Apache2, and set a root password for MySQL when prompted:

$ sudo apt-get -y install mysql-server mysql-client apache2

Next, download the Puppet installer package: http://info.puppetlabs.com/download-pe2.html

Unpack the bad boy:

$ tar zxvf puppet-enterprise-2.6.1-ubuntu-12.04-amd64.tar.gz

Now we have the extracted files here:

$ ls -lh
total 74M
drwxrwxr-x 7 bbadmin bbadmin 4.0K Oct 19 11:38 puppet-enterprise-2.6.1-ubuntu-12.04-amd64
-rw-rw-r-- 1 bbadmin bbadmin  74M Oct 19 11:32 puppet-enterprise-2.6.1-ubuntu-12.04-amd64.tar.gz

Execute the installer script.

$ sudo ~/puppet-enterprise-2.6.1-ubuntu-12.04-amd64/puppet-enterprise-installer

Here’s a run through the important bits of the installation of a puppet master. To make the installation as easy as possible the most likely/expected answer to any prompt is in uppercase, in which case you can just hit return to carry on.

Our hostname for the puppet master is ltdvsppm01. It is strongly recommended that you ensure that a correct DNS record exists for this server, and it is further recommended that you set up a DNS entry pointing the name ‘puppet’ to the IP address on this puppet master.

STEP 1: SELECT AND CONFIGURE ROLES</p>
<p>...
Puppet Enterprise v2.6.1 installer
...
?? Install puppet master? [y/N] Y</p>
<p>?? Install the cloud provisioner? [y/N] Y</p>
<p>?? Install the console? [Y/n] Y</p>
<p>?? The puppet master's certificate will contain a unique name ("certname"); this should be the main DNS name at which it can be reliably reached. Puppet master's certname? [Default: ltdvsppm01]</p>
<p>?? The puppet master's certificate can contain DNS aliases; agent nodes will only trust the master if they reach it at its certname or one of these official aliases. Puppet master's DNS aliases (comma-separated list)? [Default: ltdvsppm01,puppet]</p>
<p>?? Admin email address (will be used as account name) for accessing the console interface?</p>
<p>?? Password for user user@domain.co.uk (minimum 8 characters)?</p>
<p>?? What is the name of your SMTP server?</p>
<p>The console requires a MySQL database and a user account able to edit it.
?? Is your existing MySQL server running on a remote host? [y/N] N</p>
<p>?? The console requires a database user with all privileges on both the console and inventory service databases as well as an auth user with its own database. Create the users and databases automatically? [Y/n] Y</p>
<p>?? To set up the console users and databases, the root MySQL password is required. What password does the 'root' user have on the database server?</p>
<p>-> Vendor Packages</p>
<p>   The installer has detected that Puppet Enterprise requires additional packages from your operating system vendor's repositories, and can automatically install them. If you choose not to install these packages automatically, the installer will exit so you can install them manually.</p>
<p>   Additional vendor packages required for installation:
   * libreadline5
   * libxslt1.1
   * openjdk-6-jre-headless</p>
<p>?? Install these packages automatically? [Y/n] Y</p>
<p>?? Create symbolic links to Puppet executables in "/usr/local/bin"? [Y/n] Y

STEP 2: CONFIRM PLAN</p>
<p>You have selected to install the following components (and their dependencies)
* Puppet Master
* Console
* Cloud Provisioner
* Puppet Agent</p>
<p>?? Perform installation? [Y/n] Y

Then it will crack on:

STEP 3: INSTALL PACKAGES</p>
<p>## Installing packages from repositories...
...
## Setting up puppet master...
## Checking the agent certificate name detection...
## Setting up puppet agent...
## Setting up the console...
...
## Starting http server for puppet master and console.

And finally:

STEP 4: DONE</p>
<p>Thanks for installing Puppet Enterprise!
   Puppet Enterprise has been installed to "/opt/puppet," and its configuration files are located in "/etc/puppetlabs".
## Answers from this session saved to '/home/bbadmin/puppet-enterprise-2.6.1-ubuntu-12.04-amd64/answers.lastrun.ltdvsppm01'
## In addition, auto-generated database users and passwords, including the ROOT MySQL password, have been saved to "/etc/puppetlabs/installer/database_info.install"
   !!! WARNING: Do not discard these files! All auto-generated database users and passwords, including the ROOT Mysql password, have been  saved in them.
========================================================================</p>
<p>The console can be reached at the following URI:
 *  https://ltdvsppm01:443

Point your browser to the console and check if it’s working as expected:

Puppet Master console login

Puppet node/client install

The same installation package as we have used for setting up the puppet master is used to install the agent on a Puppet node.

Our first node is going to be a Ubuntu 12.04 x64 server with hostname ltdvsppc01.

Begin by extracting the installer tarball:

$ tar zxvf puppet-enterprise-2.6.1-ubuntu-12.04-amd64.tar.gz

Start the installation script:

$ sudo ~/puppet-enterprise-2.6.1-ubuntu-12.04-amd64/puppet-enterprise-installer

STEP 1: SELECT AND CONFIGURE ROLES</p>
<p>?? Install puppet master? [y/N] n</p>
<p>?? Install the cloud provisioner? [y/N] n</p>
<p>?? Install the console? [y/N] n</p>
<p>?? Install puppet agent? [Y/n] y</p>
<p>?? Puppet agent needs a unique name ("certname") for its certificate; this can be an arbitrary string. Certname for this node? [Default: ltdvsppc01]</p>
<p>?? Puppet master hostname to connect to? [Default: puppet] ltdvsppm01</p>
<p>-> Vendor Packages</p>
<p>   The installer has detected that Puppet Enterprise requires additional packages from your operating system vendor's repositories, and can automatically install them. If you choose not to install these packages automatically, the installer will exit so you can install them manually.</p>
<p>   Additional vendor packages required for installation:
   * libreadline5</p>
<p>?? Install these packages automatically? [Y/n] Y</p>
<p>?? Create symbolic links to Puppet executables in "/usr/local/bin"? [Y/n] Y</p>
<p>STEP 2: CONFIRM PLAN</p>
<p>You have selected to install the following components (and their dependencies)
* Puppet Agent</p>
<p>?? Perform installation? [Y/n] Y</p>
<p>...</p>
<p>STEP 4: DONE</p>
<p>Thanks for installing Puppet Enterprise!
   Puppet Enterprise has been installed to "/opt/puppet," and its configuration files are located in "/etc/puppetlabs".
## Answers from this session saved to '/home/bbadmin/puppet-enterprise-2.6.1-ubuntu-12.04-amd64/answers.lastrun.ltdvsppc01'</p>
<p>=================================================================</p>
<p>   If you have a firewall running, please ensure outbound connections to ltdvsppm01 are allowed via the following TCP ports: 8140, 61613</p>
<p>

Build a second node, but quicker this time

Now let us set up a second node. Thanks to Puppet assuming that we are already starting to be keen on automating tasks it has kindly created an answer file that we can use for setting up the second node. The answer file referred to at the end of the first node’s installation can be used for setting up the next node. It only requires one change, which is the unique name for the certificate name (which we check out next).

Copy the answer file to the second node so that we can set it up. The second node is another Ubuntu 12.04 server called ltdvsppc02.

$ scp ~/puppet-enterprise-2.6.1-ubuntu-12.04-amd64/answers.lastrun.ltdvsppc01 bbadmin@ltdvsppc02:~/answers.lastrun.generic

Now edit the answer file and add a variable to the certname line. That will enable us to use this answer file on any machine as the script will use the hostname of the machine it runs on.

$ vi answers.lastrun.generic

q_puppetagent_certname=$(hostname -f)

Now we can use the answer file to automate the node installation:

$ sudo ./puppet-enterprise-installer -a ~/answers.lastrun.generic

– Installation with the -a option will fail if any required variables are not set. — Installation with the -A option will prompt you for any missing answers.

Node certificate signing

Now that the puppet master and the two nodes have been set up we need to sign the certificates of the nodes so that the master can manage the nodes.

On the puppetmaster, check the list of certificates waiting to be signed:

$ sudo puppet cert list
[sudo] password for bbadmin:
  "ltdvsppc01" (93:D8:A9:FD:72:0C:F5:AB:EF:D6:F6:EF:92:12:CF:36)
  "ltdvsppc02" (55:D0:D3:92:9F:AD:66:C1:4C:DB:63:5A:E5:D6:0E:46)

Now we can sign the certs for the two nodes:

$ sudo puppet cert sign ltdvsppc01
notice: Signed certificate request for ltdvsppc01
notice: Removing file Puppet::SSL::CertificateRequest ltdvsppc01 at '/etc/puppetlabs/puppet/ssl/ca/requests/ltdvsppc01.pem'</p>
<p>$ sudo puppet cert sign ltdvsppc02
notice: Signed certificate request for ltdvsppc02
notice: Removing file Puppet::SSL::CertificateRequest ltdvsppc02 at '/etc/puppetlabs/puppet/ssl/ca/requests/ltdvsppc02.pem'

Now log into the console on the master and you will see the available nodes:

The Puppet Enterprise console

In my next post we will take a look at the amazing things that you can do with Puppet now that we have the installation set up.

Be Sociable, Share!

No related posts.