Puppet Enterprise How to

Posted on Posted in linux, Nagios, Puppet

Hello Sysadmin colleagues, recently I read an article about how install and configure Nagios with Puppet. If somebody don’t know what is Puppet the official documentation said:

Description

Puppet is IT automation software that helps system administrators manage infrastructure throughout its lifecycle, from provisioning and configuration to patch management and compliance. Using Puppet, you can easily automate repetitive tasks, quickly deploy critical applications, and proactively manage change, scaling from 10s of servers to 1000s, on-premise or in the cloud.

How Puppet Works

Puppet uses a declarative, model-based approach to IT automation.

  1. Define the desired state of the infrastructure’s configuration using Puppet’s declarative configuration language.
  2. Simulate configuration changes before enforcing them.
  3. Enforce the deployed desired state automatically, correcting any configuration drift.
  4. Report on the differences between actual and desired states and any changes made enforcing the desired state.

Define Reusable Configuration Modules

To define your infrastructure’s desired state, you can select from over 300 pre-built, freely downloadable configuration modules in the Puppet Forge, Puppet Labs’ online marketplace. Alternatively, if you have special requirements you can build a custom module using Puppet’s configuration language. Once defined, you can reuse these configurations across physical, virtual, and cloud environments as well as across operating systems. Moreover, you can combine configuration modules to create complete application configuration stacks that share common configurations.

Enforce Desired State

After you deploy your configuration modules, the Puppet Agent on each node communicates regularly with the Puppet Master server to automatically enforce the desired states of the nodes.

  1. The Puppet Agent on the node sends Facts, or data about its state, to the Puppet Master server.
  2. Using the Facts, the Puppet Master server compiles a Catalog, or detailed data about how the node should be configured, and sends this back to the Puppet Agent.
  3. After making any changes to return to the desired state (or, in “no-op mode,” simply simulating these changes), the Puppet Agent sends a complete Report back to the Puppet Master.
  4. The Reports are fully accessible via open APIs for integration with other IT systems.

Enterprise VS Open Source

Installation

Like I said in this post I’ll explain how install Puppet Enterprise Master (Server) and Agent (Client):

Master installation

Be sure that you have installed Mysql Server in your local master server or in a remote host, puppet master will need it.

Download the package from it, will need to register an account to download the package, after it install puppet:

tar xvfz puppet-enterprise-2.5.3-el-5-x86_64.tar.gz
cd puppet-enterprise-2.5.3-el-5-x86_64
./puppet-enterprise-installer

And the installation start:

=============================================================================================================================================================================================================================================

Puppet Enterprise v2.5.3 installer

Puppet Enterprise documentation can be found at http://links.puppetlabs.com/puppet_enterprise_2.5_documentation

---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

STEP 1: SELECT AND CONFIGURE ROLES

   This installer will offer to install the puppet master, console, cloud provisioner, and puppet agent roles.

-> puppet master

   The puppet master serves configurations to a group of puppet agent nodes. This role also provides MCollective's message queue and client interface. It should be installed on a robust, dedicated server.

?? Install puppet master? [y/N] y

-> cloud provisioner

   The cloud provisioner can create and bootstrap new machine instances and add them to your Puppet infrastructure. It should be installed on a trusted node where site administrators have shell access.

?? Install the cloud provisioner? [y/N] y

-> console

   The console is a web interface for viewing reports, classifying nodes, directly managing resources, controlling Puppet runs, and invoking MCollective agents. It should usually be installed on the puppet master server, but can also
   installed separately.

?? Install the console? [Y/n]  

-> puppet agent

   The puppet agent role is automatically installed with the console, puppet master, and cloud provisioner roles.

?? The puppet master's certificate will contain a unique name ("certname"); this should be the main DNS name at which it can be reliably reached. Puppet master's certname? [Default: puppet.albertolarripa.com] 
?? The puppet master's certificate can contain DNS aliases; agent nodes will only trust the master if they reach it at its certname or one of these official aliases. Puppet master's DNS aliases (comma-separated list)? [Default:
   puppet,puppet.albertolarripa.com] 
?? Admin email address (will be used as account name) for accessing the console interface? alarripa@albertolarripa.com
?? Password for user alarripa@albertolarripa.com (minimum 8 characters)? 
Confirm Password: 

   The console requires an SMTP server to email account information to users.
?? What is the name of your SMTP server? smtp.albertolarripa.com

   The console requires a MySQL database and a user account able to edit it.
?? Is your existing MySQL server running on a remote host? [y/N]  
?? The console requires a database user with all privileges on both the console and inventory service databases as well as an auth user with its own database. Create the users and databases automatically? [Y/n] 
?? To set up the console users and databases, the root MySQL password is required. What password does the 'root' user have on the database server? 
Confirm Password: 

-> Vendor Packages

   The installer has detected that Puppet Enterprise requires additional packages from your operating system vendor's repositories, and can automatically install them. If you choose not to install these packages automatically, the
   installer will exit so you can install them manually.

   Additional vendor packages required for installation:
   * jre >= 1.6.0

?? Install these packages automatically? [Y/n] 

-> Convenience Links

   The selected Puppet software will be installed into "/opt/puppet", which may not be included in your default shell PATH. For ease of use, this installer can create symbolic links to these executables in "/usr/local/bin".

?? Create symbolic links to Puppet executables in "/usr/local/bin"? [Y/n] 

---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

STEP 2: CONFIRM PLAN

You have selected to install the following components (and their dependencies)
* Puppet Master
* Console
* Cloud Provisioner
* Puppet Agent

?? Perform installation? [Y/n] 
## Saved answers to file: ./answers.lastrun.puppet.albertolarripa.com

=============================================================================================================================================================================================================================================
## Saved answers to file: /etc/puppetlabs/installer/answers.install
Created: /etc/puppetlabs/facter/facts.d

---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

STEP 3: INSTALL PACKAGES

## Installing packages from repositories...
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package java-1.6.0-openjdk.x86_64 1:1.6.0.0-1.7.b09.el5 set to be updated
--> Processing Dependency: jpackage-utils >= 1.7.3-1jpp.2 for package: java-1.6.0-openjdk
--> Processing Dependency: libgif.so.4()(64bit) for package: java-1.6.0-openjdk
--> Running transaction check
---> Package giflib.x86_64 0:4.1.3-7.1.el5_3.1 set to be updated
---> Package jpackage-utils.noarch 0:1.7.3-1jpp.2.el5 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package                Arch       Version                     Repository  Size
================================================================================
Installing:
 java-1.6.0-openjdk     x86_64     1:1.6.0.0-1.7.b09.el5       myrepo      27 M
Installing for dependencies:
 giflib                 x86_64     4.1.3-7.1.el5_3.1           myrepo      39 k
 jpackage-utils         noarch     1.7.3-1jpp.2.el5            myrepo      61 k

Transaction Summary
================================================================================
Install       3 Package(s)
Upgrade       0 Package(s)

Total download size: 27 M
Downloading Packages:
--------------------------------------------------------------------------------
Total                                            27 MB/s |  27 MB     00:01     
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing     : giflib                                                   1/3 
  Installing     : jpackage-utils                                           2/3 
  Installing     : java-1.6.0-openjdk                                       3/3 

Installed:
  java-1.6.0-openjdk.x86_64 1:1.6.0.0-1.7.b09.el5                               

Dependency Installed:
  giflib.x86_64 0:4.1.3-7.1.el5_3.1   jpackage-utils.noarch 0:1.7.3-1jpp.2.el5  

Complete!
## Installing packages from files...
Preparando...               ##################################################
pe-puppet-enterprise-release##################################################
pe-ruby-libs                ##################################################
pe-ruby                     ##################################################
pe-httpd                    ##################################################
pe-ruby-mysql               ##################################################
pe-facter                   ##################################################
pe-ruby-irb                 ##################################################
pe-ruby-rdoc                ##################################################
pe-rubygems                 ##################################################
pe-rubygem-stomp            ##################################################
pe-rubygem-rake             ##################################################
pe-mcollective-common       ##################################################
pe-rubygem-rack             ##################################################
pe-httpd-passenger          ##################################################
pe-puppet-dashboard         ##################################################
pe-rubygem-ar-extensions    ##################################################
pe-rubygem-dalli            ##################################################
pe-rubygem-tilt             ##################################################
pe-rubygem-sinatra          ##################################################
pe-httpd.worker está parado
pe-live-management          ##################################################
pe-rubygem-activesupport    ##################################################
pe-rubygem-activerecord     ##################################################
pe-rubygem-builder          ##################################################
pe-rubygem-excon            ##################################################
pe-rubygem-formatador       ##################################################
pe-rubygem-guid             ##################################################
pe-rubygem-mime-types       ##################################################
pe-rubygem-multi-json       ##################################################
pe-rubygem-net-ssh          ##################################################
pe-rubygem-net-scp          ##################################################
pe-rubygem-nokogiri         ##################################################
pe-rubygem-rbvmomi          ##################################################
pe-rubygem-ruby-hmac        ##################################################
pe-rubygem-fog              ##################################################
pe-rubygem-trollop          ##################################################
pe-ruby-shadow              ##################################################
pe-puppet                   ##################################################
pe-rubygem-hiera            ##################################################
pe-augeas-libs              ##################################################
pe-tanukiwrapper            ##################################################
pe-activemq                 ##################################################
pe-augeas                   ##################################################
pe-cloud-provisioner        ##################################################
pe-console-auth             ##################################################
pe-libevent                 ##################################################
pe-mcollective              ##################################################
pe-mcollective-client       ##################################################
pe-memcached                ##################################################
pe-mod_ssl                  ##################################################
pe-puppet-dashboard-baseline##################################################

pe-puppet-server            ##################################################
pe-ruby-augeas              ##################################################
pe-rubygem-hiera-puppet     ##################################################
pe-rubygem-stomp-doc        ##################################################
pe-ruby-ldap                ##################################################
pe-ruby-ri                  ##################################################
## Setting up puppet master...
## Checking the agent certificate name detection...
## Setting up puppet agent...
## Setting up the console...
Performing Puppet dashboard database migration. This may take some time for larger databases...
Performing Puppet console authentication database migration. This may take some time for larger databases...
## Starting http server for puppet master and console.
## Creating symbolic links in "/usr/local/bin"...
Generating mcollective password...
Running puppet apply to configure MCollective ...
MCollective configuration is complete ...

---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

STEP 4: DONE

Thanks for installing Puppet Enterprise!
   Puppet Enterprise has been installed to "/opt/puppet," and its configuration files are located in "/etc/puppetlabs".
## Answers from this session saved to './answers.lastrun.puppet.albertolarripa.com'
   !!! WARNING: Do not discard this file! All auto-generated database users and passwords, including the ROOT Mysql password, have been saved in it. This file should be secured as soon as possible!
=============================================================================================================================================================================================================================================

The console can be reached at the following URI:
 *  https://puppet.albertolarripa.com:443

   If you have a firewall running, please ensure the following TCP ports are open: 8140, 61613, 443
   WARNING: This system has 8 MB allocated for MySQL's innodb_buffer_pool_size, which is below the recommended minimum of 80 MB. Although this node will be a fully functional console, it may experience problems with database
   migrations during upgrades. Increasing the buffer pool size as described at http://links.puppetlabs.com/innodb_buffer_pool_size will help avoid this problem.
   WARNING: This system has 1001.70 MB of memory, which is below the minimum requirement of 1 GB for the puppet master role. You can attempt to use this system as a puppet master, but will probably experience serious problems unless
   you increase its memory.

=============================================================================================================================================================================================================================================

 Agent Installation

tar xvfz puppet-enterprise-2.5.3-el-5-x86_64.tar.gz
cd puppet-enterprise-2.5.3-el-5-x86_64
./puppet-enterprise-installer
Puppet Enterprise v2.5.3 installer

Puppet Enterprise documentation can be found at http://links.puppetlabs.com/puppet_enterprise_2.5_documentation

---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

STEP 1: SELECT AND CONFIGURE ROLES

   This installer will offer to install the puppet master, console, cloud provisioner, and puppet agent roles.

-> puppet master

   The puppet master serves configurations to a group of puppet agent nodes. This role also provides MCollective's message queue and client interface. It should be installed on a robust, dedicated server.

?? Install puppet master? [y/N] 

-> cloud provisioner

   The cloud provisioner can create and bootstrap new machine instances and add them to your Puppet infrastructure. It should be installed on a trusted node where site administrators have shell access.

?? Install the cloud provisioner? [y/N] 

-> console

   The console is a web interface for viewing reports, classifying nodes, directly managing resources, controlling Puppet runs, and invoking MCollective agents. It should usually be installed on the puppet master server, but can also
   installed separately.

?? Install the console? [y/N] 

-> puppet agent

   The puppet agent applies configurations from the puppet master and submits reports and inventory information. It should be installed on every node you plan to manage with Puppet.

?? Install puppet agent? [Y/n] 
?? Puppet agent needs a unique name ("certname") for its certificate; this can be an arbitrary string. Certname for this node? [Default: repo] repo.albertolarripa.com
?? Puppet master hostname to connect to? [Default: puppet] puppet.albertolarripa.com

-> Convenience Links

   The selected Puppet software will be installed into "/opt/puppet", which may not be included in your default shell PATH. For ease of use, this installer can create symbolic links to these executables in "/usr/local/bin".

?? Create symbolic links to Puppet executables in "/usr/local/bin"? [Y/n] 

---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

STEP 2: CONFIRM PLAN

You have selected to install the following components (and their dependencies)
* Puppet Agent

?? Perform installation? [Y/n] 
## Saved answers to file: ./answers.lastrun.repo

=============================================================================================================================================================================================================================================
## Saved answers to file: /etc/puppetlabs/installer/answers.install
Created: /etc/puppetlabs/facter/facts.d

---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

STEP 3: INSTALL PACKAGES

## Installing packages from files...
Preparando...               ##################################################
pe-puppet-enterprise-release##################################################
pe-ruby-libs                ##################################################
pe-ruby                     ##################################################
pe-facter                   ##################################################
pe-ruby-irb                 ##################################################
pe-ruby-rdoc                ##################################################
pe-rubygems                 ##################################################
pe-rubygem-stomp            ##################################################
pe-mcollective-common       ##################################################
pe-ruby-shadow              ##################################################
pe-puppet                   ##################################################
pe-rubygem-hiera            ##################################################
pe-augeas-libs              ##################################################
pe-augeas                   ##################################################
pe-mcollective              ##################################################
pe-ruby-augeas              ##################################################
pe-rubygem-hiera-puppet     ##################################################
pe-rubygem-stomp-doc        ##################################################
pe-ruby-ldap                ##################################################
pe-ruby-ri                  ##################################################
## Checking the agent certificate name detection...
## Setting up puppet agent...
## Creating symbolic links in "/usr/local/bin"...

---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

STEP 4: DONE

Thanks for installing Puppet Enterprise!
   Puppet Enterprise has been installed to "/opt/puppet," and its configuration files are located in "/etc/puppetlabs".
## Answers from this session saved to './answers.lastrun.repo'

=============================================================================================================================================================================================================================================

   If you have a firewall running, please ensure outbound connections to puppet.albertolarripa.com are allowed via the following TCP ports: 8140, 61613

Connect Client to Master

To connect the client with the master simple run:

  • Agent/Client
[root@repo ~]# puppet agent --server puppet --waitforcert 60 --test
  • Master/Server
[root@puppet ~]# puppet cert --sign repo.albertolarripa.com

The client automatically connect:

.....
...
notice: /Stage[main]/Pe_mcollective::Posix/File[peadmin-public.pem]/ensure: defined content as '{md5}5c5b1d70cb5d358274068b7faf664358'
info: /Stage[main]/Pe_mcollective::Posix/File[peadmin-public.pem]: Scheduling refresh of Service[mcollective]
notice: /Stage[main]/Pe_mcollective::Posix/File[puppet-dashboard-public.pem]/ensure: defined content as '{md5}86dcb4bbf62f3a582e892e108dd19f60'
info: /Stage[main]/Pe_mcollective::Posix/File[puppet-dashboard-public.pem]: Scheduling refresh of Service[mcollective]
notice: /Stage[main]/Pe_mcollective::Posix/Service[mcollective]: Triggered 'refresh' from 23 events
info: Creating state file /var/opt/lib/pe-puppet/state/state.yaml
notice: Finished catalog run in 4.71 seconds
[root@repo ~]#

Web Interface:

The Enterprise solution include Web interface, to login simple https://puppet.albertolarripa.com

In future post I’ll explain how install the OpenSource Solution, install/deploy modules, control remote host, etc.

If you need more information this is the official documentation, and here the Pro Puppet PDF book.

Leave a Reply

Your email address will not be published. Required fields are marked *