https://www.itzgeek.com/how-tos/linux/centos-how-tos/install-and-configure-puppet-on-centos-7-rhel-7.html
ubuntu----
https://computingforgeeks.com/how-to-setup-puppet-master-and-agent-ubuntu-18-04-bionic-beaver/
https://www.youtube.com/watch?v=u9Q0Xf1G7oU
=================================
Puppet Master 192.168.0.103
================================
inet 192.168.0.103
### Diable firewall Settings
----------------------------------------------------------
sudo systemctl stop firewalld
sudo systemctl mask firewalld
sudo yum install iptables-services -y
sudo iptables -F
sudo service iptables save
[vagrant@cent7-PuppetMaster ~]$ sudo iptables -F
[vagrant@cent7-PuppetMaster ~]$ sudo service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
### Adding Repo
-------------------------
sudo rpm -ivh https://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm
### Installing Puppet Server
------------------------------------
[vagrant@cent7-PuppetMaster ~]$ sudo yum -y install puppet-server
-Check conf. file creted or not : sudo cat /etc/puppet/puppet.conf
[vagrant@PuppetMaster ~]$ cat /etc/centos-release
CentOS Linux release 7.5.1804 (Core)
[vagrant@PuppetMaster ~]$ ruby -v
ruby 2.0.0p648 (2015-12-16) [x86_64-linux]
[vagrant@PuppetMaster ~]$ rpm -qa puppetserver
[vagrant@PuppetMaster ~]$
### Change host files
---------------------------
[vagrant@CentOs7 puppetmaster]$ sudo nano /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.0.103 puppet puppet.smlcodes.com
[vagrant@CentOs7 puppetmaster]$ sudo nano /etc/puppet/puppet.conf
[main]
# The Puppet log directory.
# The default value is '$vardir/log'.
logdir = /var/log/puppet
# Where Puppet PID files are kept.
# The default value is '$vardir/run'.
rundir = /var/run/puppet
# Where SSL certificates are kept.
# The default value is '$confdir/ssl'.
ssldir = $vardir/ssl
dns_alt_names = puppet,puppet.smlcodes.com
certname = puppet
### Start Pupper Server
--------------------------
[vagrant@PuppetMaster ~]$ sudo service puppetmaster start
Redirecting to /bin/systemctl start puppetmaster.service
[vagrant@PuppetMaster ~]$ systemctl status puppetmaster
● puppetmaster.service - Puppet master
Loaded: loaded (/usr/lib/systemd/system/puppetmaster.service; disabled; vendor preset: disabled)
Active: active (running) since Sat 2018-09-29 10:03:55 UTC; 6min ago
Main PID: 3352 (puppet)
CGroup: /system.slice/puppetmaster.service
└─3352 /usr/bin/ruby /usr/bin/puppet master --no-daemonize
[vagrant@PuppetMaster ~]$
### Accept & Sign Certificates from AGENTS
-------------------------------------------
-- Stop master first
[vagrant@PuppetMaster puppet]$ sudo service puppetmaster stop
Redirecting to /bin/systemctl stop puppetmaster.service
-Create CA Crtificate, Master certificate By
sudo -u puppet puppet master --verbose --no-daemonize --verbose
[vagrant@PuppetMaster puppet]$ sudo -u puppet puppet master --verbose --no-daemonize --verbose
Info: Creating a new SSL key for ca
Info: Creating a new SSL certificate request for ca
Info: Certificate Request fingerprint (SHA256): 27:3B:D1:C7:47:16:32:79:90:D0:4E:59:37:C0:F7:38:51:42:1A:3E:4E:A7:85:2F:45:0F:5C:39:90:4B:54:98
Notice: Signed certificate request for ca
Info: Creating a new certificate revocation list
Info: Creating a new SSL key for puppetmaster
Info: csr_attributes file loading from /var/lib/puppet/.puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for puppetmaster
Info: Certificate Request fingerprint (SHA256): A0:D3:F1:1C:E9:B6:59:E3:7C:0F:7E:7F:70:80:9D:EB:F4:4C:84:54:4F:4A:AE:AC:DC:E4:D0:09:CB:0E:8D:53
Notice: puppetmaster has a waiting certificate request
Notice: Signed certificate request for puppetmaster
Notice: Removing file Puppet::SSL::CertificateRequest puppetmaster at '/var/lib/puppet/.puppet/ssl/ca/requests/puppetmaster.pem'
Notice: Removing file Puppet::SSL::CertificateRequest puppetmaster at '/var/lib/puppet/.puppet/ssl/certificate_requests/puppetmaster.pem'
Notice: Starting Puppet master version 3.8.7
-Start Puppet Master by
puppet resource service puppetmaster ensure=running
[vagrant@PuppetMaster puppet]$ sudo puppet resource service puppetmaster ensure=running
Notice: /Service[puppetmaster]/ensure: ensure changed 'stopped' to 'running'
service { 'puppetmaster':
ensure => 'running',
}
-- Check status
[vagrant@PuppetMaster puppet]$ service puppetmaster status
Redirecting to /bin/systemctl status puppetmaster.service
● puppetmaster.service - Puppet master
Loaded: loaded (/usr/lib/systemd/system/puppetmaster.service; disabled; vendor preset: disabled)
Active: active (running) since Sat 2018-09-29 11:22:56 UTC; 36s ago
Main PID: 4512 (puppet)
CGroup: /system.slice/puppetmaster.service
└─4512 /usr/bin/ruby /usr/bin/puppet master --no-daemonize
================================
Puppet Agent - 192.168.0.102
================================
inet 192.168.0.102
### Diable firewall Settings
----------------------------------------------------------
sudo systemctl stop firewalld
sudo systemctl mask firewalld
sudo yum install iptables-services -y
sudo iptables -F
sudo service iptables save
[vagrant@cent7-PuppetMaster ~]$ sudo iptables -F
[vagrant@cent7-PuppetMaster ~]$ sudo service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
### Adding Repo
-------------------------
sudo rpm -ivh https://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm
### Install Puppet Agent
--------------------------
[vagrant@CentOS7-Agent ~]$ sudo yum -y install puppet
--Check conf. file creted or not : sudo cat /etc/puppet/puppet.conf
### Change PuppetAgent Host name
---------------------------------
[vagrant@CentOs7 agent]$ sudo nano /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.0.102 puppetagent
192.168.0.103 puppet puppet.smlcodes.com
Go to sudo nano /etc/puppetlabs/puppet/puppet.conf add certname,server host
[main]
certname = puppetagent
server = puppet.smlcodes.com
### start agent
---------
[vagrant@CentOS7-Agent ~]$ sudo service puppet start
Redirecting to /bin/systemctl start puppet.service
[vagrant@CentOS7-Agent ~]$
check status
[Agent ~]$ sudo /opt/puppetlabs/bin/puppet resource service puppet ensure=running enable=true
### Send Certificate Sign Reqst to Master
-- stop agent
[vagrant@CentOS7-Agent ~]$ sudo service puppet stop
Redirecting to /bin/systemctl stop puppet.service
sudo /opt/puppetlabs/bin/puppet resource service puppet ensure=stopped enable=true
-- Generate Certificate Signing req. for master
[vagrant@CentOS7-Agent ~]$ puppet agent -t
Info: Creating a new SSL key for centos7-agent
Error: Could not request certificate: Failed to open TCP connection to puppet:8140 (No route to host - connect(2) for "puppet" port 8140)
Exiting; failed to retrieve certificate and waitforcert is disabled[vagrant@CentOS7-Agent ~]$
puppet agent -t
Warning: Downgrading to PSON for future requests
Error: Could not request certificate: Error 400 on SERVER: The environment must be purely alphanumeric, not 'puppet-ca'
Exiting; failed to retrieve certificate and waitforcert is disabled
ubuntu----
https://computingforgeeks.com/how-to-setup-puppet-master-and-agent-ubuntu-18-04-bionic-beaver/
https://www.youtube.com/watch?v=u9Q0Xf1G7oU
=================================
Puppet Master 192.168.0.103
================================
inet 192.168.0.103
### Diable firewall Settings
----------------------------------------------------------
sudo systemctl stop firewalld
sudo systemctl mask firewalld
sudo yum install iptables-services -y
sudo iptables -F
sudo service iptables save
[vagrant@cent7-PuppetMaster ~]$ sudo iptables -F
[vagrant@cent7-PuppetMaster ~]$ sudo service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
### Adding Repo
-------------------------
sudo rpm -ivh https://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm
### Installing Puppet Server
------------------------------------
[vagrant@cent7-PuppetMaster ~]$ sudo yum -y install puppet-server
-Check conf. file creted or not : sudo cat /etc/puppet/puppet.conf
[vagrant@PuppetMaster ~]$ cat /etc/centos-release
CentOS Linux release 7.5.1804 (Core)
[vagrant@PuppetMaster ~]$ ruby -v
ruby 2.0.0p648 (2015-12-16) [x86_64-linux]
[vagrant@PuppetMaster ~]$ rpm -qa puppetserver
[vagrant@PuppetMaster ~]$
### Change host files
---------------------------
[vagrant@CentOs7 puppetmaster]$ sudo nano /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.0.103 puppet puppet.smlcodes.com
[vagrant@CentOs7 puppetmaster]$ sudo nano /etc/puppet/puppet.conf
[main]
# The Puppet log directory.
# The default value is '$vardir/log'.
logdir = /var/log/puppet
# Where Puppet PID files are kept.
# The default value is '$vardir/run'.
rundir = /var/run/puppet
# Where SSL certificates are kept.
# The default value is '$confdir/ssl'.
ssldir = $vardir/ssl
dns_alt_names = puppet,puppet.smlcodes.com
certname = puppet
### Start Pupper Server
--------------------------
[vagrant@PuppetMaster ~]$ sudo service puppetmaster start
Redirecting to /bin/systemctl start puppetmaster.service
[vagrant@PuppetMaster ~]$ systemctl status puppetmaster
● puppetmaster.service - Puppet master
Loaded: loaded (/usr/lib/systemd/system/puppetmaster.service; disabled; vendor preset: disabled)
Active: active (running) since Sat 2018-09-29 10:03:55 UTC; 6min ago
Main PID: 3352 (puppet)
CGroup: /system.slice/puppetmaster.service
└─3352 /usr/bin/ruby /usr/bin/puppet master --no-daemonize
[vagrant@PuppetMaster ~]$
### Accept & Sign Certificates from AGENTS
-------------------------------------------
-- Stop master first
[vagrant@PuppetMaster puppet]$ sudo service puppetmaster stop
Redirecting to /bin/systemctl stop puppetmaster.service
-Create CA Crtificate, Master certificate By
sudo -u puppet puppet master --verbose --no-daemonize --verbose
[vagrant@PuppetMaster puppet]$ sudo -u puppet puppet master --verbose --no-daemonize --verbose
Info: Creating a new SSL key for ca
Info: Creating a new SSL certificate request for ca
Info: Certificate Request fingerprint (SHA256): 27:3B:D1:C7:47:16:32:79:90:D0:4E:59:37:C0:F7:38:51:42:1A:3E:4E:A7:85:2F:45:0F:5C:39:90:4B:54:98
Notice: Signed certificate request for ca
Info: Creating a new certificate revocation list
Info: Creating a new SSL key for puppetmaster
Info: csr_attributes file loading from /var/lib/puppet/.puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for puppetmaster
Info: Certificate Request fingerprint (SHA256): A0:D3:F1:1C:E9:B6:59:E3:7C:0F:7E:7F:70:80:9D:EB:F4:4C:84:54:4F:4A:AE:AC:DC:E4:D0:09:CB:0E:8D:53
Notice: puppetmaster has a waiting certificate request
Notice: Signed certificate request for puppetmaster
Notice: Removing file Puppet::SSL::CertificateRequest puppetmaster at '/var/lib/puppet/.puppet/ssl/ca/requests/puppetmaster.pem'
Notice: Removing file Puppet::SSL::CertificateRequest puppetmaster at '/var/lib/puppet/.puppet/ssl/certificate_requests/puppetmaster.pem'
Notice: Starting Puppet master version 3.8.7
-Start Puppet Master by
puppet resource service puppetmaster ensure=running
[vagrant@PuppetMaster puppet]$ sudo puppet resource service puppetmaster ensure=running
Notice: /Service[puppetmaster]/ensure: ensure changed 'stopped' to 'running'
service { 'puppetmaster':
ensure => 'running',
}
-- Check status
[vagrant@PuppetMaster puppet]$ service puppetmaster status
Redirecting to /bin/systemctl status puppetmaster.service
● puppetmaster.service - Puppet master
Loaded: loaded (/usr/lib/systemd/system/puppetmaster.service; disabled; vendor preset: disabled)
Active: active (running) since Sat 2018-09-29 11:22:56 UTC; 36s ago
Main PID: 4512 (puppet)
CGroup: /system.slice/puppetmaster.service
└─4512 /usr/bin/ruby /usr/bin/puppet master --no-daemonize
================================
Puppet Agent - 192.168.0.102
================================
inet 192.168.0.102
### Diable firewall Settings
----------------------------------------------------------
sudo systemctl stop firewalld
sudo systemctl mask firewalld
sudo yum install iptables-services -y
sudo iptables -F
sudo service iptables save
[vagrant@cent7-PuppetMaster ~]$ sudo iptables -F
[vagrant@cent7-PuppetMaster ~]$ sudo service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
### Adding Repo
-------------------------
sudo rpm -ivh https://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm
### Install Puppet Agent
--------------------------
[vagrant@CentOS7-Agent ~]$ sudo yum -y install puppet
--Check conf. file creted or not : sudo cat /etc/puppet/puppet.conf
### Change PuppetAgent Host name
---------------------------------
[vagrant@CentOs7 agent]$ sudo nano /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.0.102 puppetagent
192.168.0.103 puppet puppet.smlcodes.com
Go to sudo nano /etc/puppetlabs/puppet/puppet.conf add certname,server host
[main]
certname = puppetagent
server = puppet.smlcodes.com
### start agent
---------
[vagrant@CentOS7-Agent ~]$ sudo service puppet start
Redirecting to /bin/systemctl start puppet.service
[vagrant@CentOS7-Agent ~]$
check status
[Agent ~]$ sudo /opt/puppetlabs/bin/puppet resource service puppet ensure=running enable=true
### Send Certificate Sign Reqst to Master
-- stop agent
[vagrant@CentOS7-Agent ~]$ sudo service puppet stop
Redirecting to /bin/systemctl stop puppet.service
sudo /opt/puppetlabs/bin/puppet resource service puppet ensure=stopped enable=true
-- Generate Certificate Signing req. for master
[vagrant@CentOS7-Agent ~]$ puppet agent -t
Info: Creating a new SSL key for centos7-agent
Error: Could not request certificate: Failed to open TCP connection to puppet:8140 (No route to host - connect(2) for "puppet" port 8140)
Exiting; failed to retrieve certificate and waitforcert is disabled[vagrant@CentOS7-Agent ~]$
puppet agent -t
Warning: Downgrading to PSON for future requests
Error: Could not request certificate: Error 400 on SERVER: The environment must be purely alphanumeric, not 'puppet-ca'
Exiting; failed to retrieve certificate and waitforcert is disabled
0 Comments
Post a Comment