Puppet Multi-master

Puppet Master: Single-Click Configuration of Linux and Windows Nodes

In this lab we set up single-click configuration of nodes such as Linux and Windows Server 2012.

This configuration installs epel, clam, tomcat, Nagios and os_patching and creates a user on Linux nodes, and it installs chocolatey, tomcat, the Nagios client and Windows update services and creates a user on Windows nodes.

Install and set up the Puppet server.

To enable the repository, run the following command as root:

# rpm -Uvh https://yum.puppet.com/puppet6/puppet6-release-el-7.noarch.rpm

You can verify that the Puppet repo was added successfully with yum repolist:

# yum repolist | grep puppet

# yum install puppetserver -y

Edit /etc/sysconfig/puppetserver and set the Java memory allocation:

# Modify this if you'd like to change the memory allocation, enable JMX, etc

 JAVA_ARGS="-Xms2g -Xmx2g"

Change the values to suit your host, for example 1g or 512m.

Step 3: Edit the following file and set the server name in the [agent] section:

vi /etc/puppetlabs/puppet/puppet.conf

 

[agent]

server=puppetserver.zippyops.com

Step 4: Start the Puppet Server service:

# systemctl start puppetserver && systemctl enable puppetserver

The Puppet Server configuration is ready.

PuppetDB open source installation

PuppetDB requires Postgres 11 or later, but CentOS 7 comes with 9.2 by default. We have to add another repo to install PostgreSQL 11.

We are going to install PuppetDB on another standalone machine. Run the following as the root user.

Install and configure PostgreSQL

Start by downloading PostgreSQL and setting it up.

Enable the PostgreSQL repo and install it on the host.

Install

yum install postgresql11-server postgresql11-contrib -y

Now initialize the db

# /usr/pgsql-11/bin/postgresql-11-setup initdb

Start the PostgreSQL service

systemctl start postgresql-11 && systemctl enable postgresql-11

Switch to the postgres user, then create the puppetdb user and the puppetdb database

sudo -iu postgres

createuser -DRSP puppetdb

createdb -E UTF8 -O puppetdb puppetdb

psql puppetdb -c 'create extension pg_trgm'

Edit  /var/lib/pgsql/11/data/pg_hba.conf



If all went well up to this point, the next step is to install and set up PuppetDB and puppetdb-termini.

Install puppetDB

Install and configure PuppetDB 

First, start off with enabling the Repo for Puppetlabs.

# rpm -Uvh https://yum.puppet.com/puppet6/puppet6-release-el-7.noarch.rpm

Then install puppetdb 

# yum -y install puppetdb

Edit /etc/puppetlabs/puppetdb/conf.d/database.ini and specify the puppetdb username and password:

[database]

classname = org.postgresql.Driver

subprotocol = postgresql

# The database address, i.e. //HOST:PORT/DATABASE_NAME

subname = //localhost:5432/puppetdb

# Connect as a specific user

username = puppetdb

# Use a specific password

password = puppetdb

Edit /etc/puppetlabs/puppetdb/conf.d/jetty.ini

Uncomment host = 0.0.0.0

Check the memory setting for PuppetDB in /etc/sysconfig/puppetdb.

By default it looks like this. Don't change the value.

JAVA_ARGS="-Xmx192m"

Start puppetdb

systemctl start puppetdb && systemctl enable puppetdb
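
In jetty.ini the host setting belongs to PuppetDB's unencrypted HTTP listener, so host = 0.0.0.0 opens that listener on every interface, and the database.ini above uses the username as the password. The shell check below is an added example, not part of the original lab, that reads both files and reports those settings; the function names and the constructed sample directory are assumptions.

```sh
#!/bin/sh
# Added example: flag the PuppetDB conf.d settings this lab leaves weak.

# ini_get FILE SECTION KEY -> value of the last uncommented KEY in [SECTION]
ini_get() {
  sed -n "/^\[$2\]/,/^\[/{
    /^[[:space:]]*$3[[:space:]]*=/{
      s/^[^=]*=[[:space:]]*//
      s/[[:space:]]*\$//
      p
    }
  }" "$1" 2>/dev/null | tail -n 1
}

# audit_puppetdb_confd DIR -> one finding per line, nothing when clean
audit_puppetdb_confd() {
  dir=$1
  user=$(ini_get "$dir/database.ini" database username)
  pass=$(ini_get "$dir/database.ini" database password)
  host=$(ini_get "$dir/jetty.ini" jetty host)
  if [ -n "$pass" ] && [ "$pass" = "$user" ]; then
    echo "WEAK_DB_PASSWORD database.ini: password is identical to username"
  fi
  if [ -n "$(find "$dir/database.ini" -perm -004 2>/dev/null)" ]; then
    echo "WORLD_READABLE database.ini: password file readable by every local user"
  fi
  case $host in
    0.0.0.0|::) echo "CLEARTEXT_ALL_IFACES jetty.ini: plain-HTTP listener on $host" ;;
  esac
  return 0
}

# Constructed sample: the values from this lab, written to a scratch directory
make_sample_confd() {
  d=$(mktemp -d)
  printf '%s\n' '[database]' 'subname = //localhost:5432/puppetdb' \
    '# Use a specific password' 'username = puppetdb' 'password = puppetdb' \
    > "$d/database.ini"
  printf '%s\n' '[jetty]' 'host = 0.0.0.0' 'port = 8080' \
    'ssl-host = 0.0.0.0' 'ssl-port = 8081' > "$d/jetty.ini"
  chmod 644 "$d/database.ini"
  echo "$d"
}

sample=$(make_sample_confd)
audit_puppetdb_confd "$sample"
```

On a real host, pass /etc/puppetlabs/puppetdb/conf.d as the directory.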

Setting up the Puppet server

Make sure the Puppet DNS name is resolvable (/etc/hosts)

Edit /etc/puppetlabs/puppet/puppet.conf, add following lines

[master]

storeconfigs = true

storeconfigs_backend = puppetdb

Create /etc/puppetlabs/puppet/puppetdb.conf

[main]

Create /etc/puppetlabs/puppet/routes.yaml

---
master:
  facts:
    terminus: puppetdb
    cache: yaml

Install puppetdb-termini and restart the Puppet server

yum install puppetdb-termini -y

systemctl restart puppetserver

On the Puppet node, run puppet agent -t

Log in to the PuppetDB database and verify that data from the node has been transferred to PuppetDB

psql -h localhost puppetdb puppetdb

puppetdb=>\x

puppetdb=>select * from catalogs;



PUPPET BOARD INSTALLATION

In this lab we learn how to configure the Puppet dashboard for open source Puppet.

We look at what Puppetboard is, install its dependencies, and run and explore the dashboard.

Puppetboard is a web frontend for PuppetDB.

Follow this link to understand Puppetboard configuration.

Step 1: Install dependencies,

 # yum install gcc python-devel python2-pip

Step 2: Install PuppetBoard

 # pip install puppetboard

Step 3: To find where Puppetboard was installed, list the package directory as follows,

# ls -l /usr/lib/python2.7/site-packages/puppetboard

Step 4: install httpd service as follows,

# yum install httpd mod_wsgi -y

Step 5: Create a directory at the following path and copy the default settings into it,

# mkdir -p /var/www/html/puppetboard

# cp /usr/lib/python2.7/site-packages/puppetboard/default_settings.py /var/www/html/puppetboard/settings.py

Step 6: Open the file and change the values as follows,

# vi /var/www/html/puppetboard/settings.py

import os

PUPPETDB_HOST = 'puppetdb.zippyops.com'

PUPPETDB_PORT = 8081

PUPPETDB_SSL_VERIFY = '/etc/puppetlabs/puppet/ssl/certs/ca.pem'

PUPPETDB_KEY='/etc/puppetlabs/puppet/ssl/private_keys/puppetdb.zippyops.com.pem'

PUPPETDB_CERT = '/etc/puppetlabs/puppet/ssl/certs/puppetdb.zippyops.com.pem'

PUPPETDB_TIMEOUT = 20

DEFAULT_ENVIRONMENT = 'production'

SECRET_KEY = 'vkrZAu7jFn4zW+braPqjJj5nXqoTw3tM'

DEV_LISTEN_HOST = '127.0.0.1'

DEV_LISTEN_PORT = 5000

DEV_COFFEE_LOCATION = 'coffee'

UNRESPONSIVE_HOURS = 2

ENABLE_QUERY = True

LOCALISE_TIMESTAMP = True

LOGLEVEL = 'info'

NORMAL_TABLE_COUNT = 100

LITTLE_TABLE_COUNT = 10

TABLE_COUNT_SELECTOR = [10, 20, 50, 100, 500]

DISPLAYED_METRICS = ['resources.total',

                     'events.failure',

                     'events.success',

                     'resources.skipped',

                     'events.noop']

OFFLINE_MODE = False

ENABLE_CATALOG = False

OVERVIEW_FILTER = None

GRAPH_TYPE = 'pie'

GRAPH_FACTS = ['architecture',

               'clientversion',

               'domain',

               'lsbcodename',

               'lsbdistcodename',

               'lsbdistid',

               'lsbdistrelease',

               'lsbmajdistrelease',

               'netmask',

               'osfamily',

               'puppetversion',

               'processorcount']

INVENTORY_FACTS = [('Hostname', 'fqdn'),

                   ('IP Address', 'ipaddress'),

                   ('OS', 'lsbdistdescription'),

                   ('Architecture', 'hardwaremodel'),

                   ('Kernel Version', 'kernelrelease'),

                   ('Puppet Version', 'puppetversion'), ]

REFRESH_RATE = 30

DAILY_REPORTS_CHART_ENABLED = True

DAILY_REPORTS_CHART_DAYS = 8

Step 7: Next, open the following file and add these lines,

# vi /var/www/html/puppetboard/wsgi.py

from __future__ import absolute_import

import os

#Needed if a settings.py file exists

os.environ['PUPPETBOARD_SETTINGS'] = '/var/www/html/puppetboard/settings.py'

from puppetboard.app import app as application

Step 8: In root's home directory, create a file with the following content,

# vi key.py

import base64
import os

# Print 24 random bytes, base64-encoded, for use as SECRET_KEY
print(base64.b64encode(os.urandom(24)).decode())

Then run the command,

# python key.py

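Step 9: Copy the key printed by key.py into this file as the value of SECRET_KEY (the value below is the output from this lab; use the one you generated),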

# vi /var/www/html/puppetboard/settings.py

SECRET_KEY = 'vkrZAu7jFn4zW+braPqjJj5nXqoTw3tM'

Step 10: change the ownership of the files

# chown -R apache:apache /var/www/html/puppetboard

# chown -R apache:apache /etc/puppetlabs/puppet/ssl

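Step 11: Create an Apache configuration file,

# vi /etc/httpd/conf.d/puppetboard.conf

# <Directory> paths: the /static Alias target and the Puppetboard install directory listed earlier
<VirtualHost *:80>
    WSGIDaemonProcess puppetboard user=apache group=apache threads=5
    WSGIScriptAlias / /var/www/html/puppetboard/wsgi.py
    ErrorLog logs/puppetboard-error_log
    CustomLog logs/puppetboard-access_log combined

    Alias /static /usr/lib/python2.7/site-packages/puppetboard/static
    <Directory /usr/lib/python2.7/site-packages/puppetboard/static>
        Satisfy Any
        Allow from all
    </Directory>

    <Directory /usr/lib/python2.7/site-packages/puppetboard>
        WSGIProcessGroup puppetboard
        WSGIApplicationGroup %{GLOBAL}
        Order deny,allow
        Allow from all
    </Directory>
</VirtualHost>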

Next, start the Apache service,

systemctl start httpd

To check that the service is running,

# ps -ef | grep httpd

Then open a browser and go to the IP address of the node; you will see Puppetboard running.
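
The recursive chown of /etc/puppetlabs/puppet/ssl above makes the apache account the owner of every private key in that tree, while Puppetboard only reads the three files named in settings.py. As an added example (not part of the original lab), the function below copies just those three files into a separate directory readable by the web server's group; the function name, the destination directory and the constructed sample tree are assumptions.

```sh
#!/bin/sh
# Added example: hand the web server only the three PEM files Puppetboard reads.

# stage_puppetboard_tls SSL_DIR CERTNAME DEST GROUP
# Copies ca.pem plus CERTNAME's certificate and key into DEST (mode 0750),
# files mode 0640, group GROUP. The Puppet SSL tree itself is left untouched.
stage_puppetboard_tls() {
  src=$1 name=$2 dest=$3 grp=$4
  for f in certs/ca.pem "certs/$name.pem" "private_keys/$name.pem"; do
    [ -r "$src/$f" ] || { echo "missing: $src/$f" >&2; return 1; }
  done
  (
    umask 077
    mkdir -p "$dest" &&
    cp "$src/certs/ca.pem"           "$dest/ca.pem" &&
    cp "$src/certs/$name.pem"        "$dest/cert.pem" &&
    cp "$src/private_keys/$name.pem" "$dest/key.pem" &&
    chgrp -R "$grp" "$dest" &&
    chmod 750 "$dest" &&
    chmod 640 "$dest/ca.pem" "$dest/cert.pem" "$dest/key.pem"
  )
}

# Constructed sample: a scratch SSL tree with placeholder files, including a
# second node's key that must not end up in the staged directory.
make_sample_ssl() {
  t=$(mktemp -d)
  mkdir -p "$t/ssl/certs" "$t/ssl/private_keys"
  for n in ca puppetdb.zippyops.com; do
    echo "constructed cert $n" > "$t/ssl/certs/$n.pem"
  done
  for n in puppetdb.zippyops.com server1.zippyops.com; do
    echo "constructed key $n" > "$t/ssl/private_keys/$n.pem"
  done
  echo "$t"
}

root=$(make_sample_ssl)
# The current user's group stands in for "apache" so the demo runs anywhere.
stage_puppetboard_tls "$root/ssl" puppetdb.zippyops.com \
  "$root/puppetboard-tls" "$(id -g)"
ls -l "$root/puppetboard-tls"
```

On the lab host the source would be /etc/puppetlabs/puppet/ssl and the group apache, with PUPPETDB_SSL_VERIFY, PUPPETDB_CERT and PUPPETDB_KEY in settings.py pointing at the staged copies.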



Next, install the following modules from Puppet Forge. Here the modules marked with a question mark were created by root.



Install only these modules from Puppet Forge, at their latest version:

puppet module install puppetlabs-ntp 

puppet module install aco-tomcat

puppet module install albatrossflavour-os_patching

puppet module install puppetlabs-chocolatey

puppet module install puppetlabs-wsus_client

After setting up the modules for our configuration, open the following file:

# vi /etc/puppetlabs/code/environments/production/manifests/site.pp

Here we configure the main manifest, site.pp, for our needs. The following code was successfully deployed on both Linux and Windows Server 2012:

# This configuration installs epel, clam, tomcat, nagios and os_patching and creates a user on Linux nodes.
node /server1.zippyops.com/ {
        include epel
        include clam
        include tomcat
        include nagios::client
        #include os_patching
        group { 'admin':
                ensure => present,
        }
        user { 'admin':
                ensure     => present,
                password   => '482c811da5d5b4bc6d497ffa98491e38',
                home       => '/home/admin',
                managehome => true,
                gid        => 'admin',
                groups     => 'wheel',
                shell      => '/bin/bash',
        }
        class { 'os_patching':
                patch_window => 'Week3',
        }
}

# This configuration installs chocolatey, tomcat, nagios-client and the Windows update service and creates users on Windows nodes.
node /winserver2012.zippyops.com/ {
        include chocolatey
        package { 'avastfreeantivirus':
                ensure   => 'installed',
                provider => 'chocolatey',
        }
        user { 'test':
                name       => 'test',
                ensure     => present,
                password   => 'Master!@#123',
                groups     => ['Users','Administrators'],
                managehome => true,
        }
        user { 'praveen':
                name       => 'praveen',
                ensure     => present,
                password   => 'Master!@#123',
                groups     => ['Users','Administrators'],
                managehome => true,
        }
        package { 'tomcat':
                ensure   => installed,
                provider => chocolatey,
        }
        include mymodule
        package { 'nscp':
                ensure   => installed,
                provider => chocolatey,
                #allowed_hosts => ['localhost','192.168.1.27']
        }
        class { 'wsus_client':
                accept_trusted_publisher_certs => true,
                auto_install_minor_updates     => true,
                auto_update_option             => "AutoInstall",
                #auto_update_option     => "AutoNotify",
                #auto_update_option     => "Scheduled",
                #scheduled_install_day  => "Everyday",
                #scheduled_install_hour => 13.00,
        }
}
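
On Linux, Puppet hands the user resource's password value to the system as given, so it has to be a crypt(3) hash, and a bare 32-digit hex string is not one; on Windows the value is the cleartext password itself. The scanner below is an added example, not part of the original manifest, that lists literal password attributes in a manifest and classifies them; the function names and the svc resource in the constructed sample are assumptions.

```sh
#!/bin/sh
# Added example: find literal password attributes in a manifest and classify them.

# classify_password VALUE -> locked | crypt-hash | hex-digest | plaintext
classify_password() {
  case $1 in
    '!'*|'*'*) echo locked ;;
    '$1$'*|'$5$'*|'$6$'*|'$2a$'*|'$2b$'*|'$2y$'*|'$y$'*) echo crypt-hash ;;
    *) if printf '%s\n' "$1" | grep -Eq '^[0-9a-fA-F]{32,128}$'; then
         echo hex-digest      # bare MD5/SHA hex: not a crypt(3) string
       else
         echo plaintext
       fi ;;
  esac
}

# scan_manifest FILE -> "LINE CLASS" for each uncommented literal password
scan_manifest() {
  grep -n "password[[:space:]]*=>[[:space:]]*['\"]" "$1" |
    grep -v '^[0-9]*:[[:space:]]*#' |
    while IFS=: read -r n rest; do
      val=$(printf '%s\n' "$rest" | sed "s/^[^'\"]*['\"]//; s/['\"][^'\"]*\$//")
      echo "$n $(classify_password "$val")"
    done
}

# Constructed sample: the user resources from this lab, plus one resource
# (svc) carrying a placeholder in crypt(3) SHA-512 layout for contrast.
sample=$(mktemp)
cat > "$sample" <<'EOF'
user { 'admin':
  password => '482c811da5d5b4bc6d497ffa98491e38',
}
user { 'test':
  password => 'Master!@#123',
}
user { 'svc':
  password => '$6$constructedsalt$constructedhashplaceholder',
}
#  password => 'commented-out',
EOF

scan_manifest "$sample"
```

Run it against /etc/puppetlabs/code/environments/production/manifests/site.pp; anything reported as plaintext or hex-digest is a literal to move out of the manifest.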
