Installation
Server:
sudo apt-get install irb libopenssl-ruby
libreadline-ruby rdoc ri ruby ruby-dev
sudo apt-get install puppet puppetmaster
Client:
sudo apt-get install irb libopenssl-ruby
libreadline-ruby rdoc ri ruby ruby-dev
sudo apt-get install puppet
Configration
1) Both side: server and
client
1.1) Edit: gedit /etc/hosts
Set syntax below:
Server ip:
192.168.10.56 puppetserver.example.com
Client ip:
192.168.10.14 puppetclient.example.com
2) Puppet
server
2.1) Edit puppet.conf:
gedit /etc/puppet/puppet.conf
Set
syntax below:
pluginsync=false
certname = puppetserver.example.com
(This name will be puppet server name for certificate)
2.2) Create Folder in Puppet:
2.2.1) Step - 1:
make folder in /etc/puppet/
which name is 'files'
At cmd:
mkdir /etc/puppet/files
2.2.2) Step - 2:
make folder 'testing' in
'files' folder which will clone at client side
At cmd:
mkdir
/etc/puppet/files/testing
Copy testing source and paste /etc/puppet/files/testing
At cmd:
cp -r / tesing / /etc/puppet/files/testing
2.3)
Edit fileserver.conf
gedit
etc/puppet/fileserver.conf
Set
syntax below :
[files]
path /etc/puppet/files
allow *
# deny
*.evil.example.com
allow 192.168.10.14
[plugins]
allow *
# deny
*.evil.example.com
allow 192.168.10.14
2.4) Create 'site.pp'
file in /etc/puppet/manifests/
Add below code :
class sudo {
file { "/ tesing ":
mode => "644",
owner => 'root',
group => 'root',
ensure => directory,
recurse => true,
purge => true,
force => true,
source => 'puppet:///files/ tesing’
}
}
node
puppetclient {
include sudo
}
Restart puppetserver
cmd: /etc/init.d/puppetmaster restart
3) Puppet client
3.1) Edit puppet.conf
gedit
/etc/puppet/puppet.conf
Set
syntax as given below:
certname
= puppetclient.example.com
(This
name is puppet client name for certificate)
server
= puppetserver.example.com
runinterval
= 60
3.2) Restart puppet
cmd: /etc/init.d/puppet restart
4) Connect server and
client
Client side
As a command, for certificate request:
puppetd --server puppetserver.example.com --waitforcert 60 –test
(You should see
the following message.)
err: No certificate; running with reduced functionality.
err: No certificate; running with reduced functionality.
info: Creating a new certificate
request for pclient.example.con
info: Requesting certificate
warning: peer certificate won’t be verified in this SSL session
notice: Did not receive certificate
info: Requesting certificate
warning: peer certificate won’t be verified in this SSL session
notice: Did not receive certificate
Server side
Use command as shown below:
puppetca --list
Then Display client request like below:
puppetclient.example.com
Then sign the
certificate.
To sign the certificate, use below command
puppetca
–sign puppetclient.example.com
Signed puppetclient.example.com
If
everything went OK you should see this message on puppetclient.
info:
Requesting certificate
warning: peer certificate won’t be verified in this SSL session
notice: Ignoring –listen on onetime run
warning: peer certificate won’t be verified in this SSL session
notice: Ignoring –listen on onetime run
info: Caching
configuration at /etc/puppet/localconfig.yaml
notice: Starting configuration run
notice: //puppetclient/test_class/File[/tmp/testfile]/ensure: created
info: Creating state file /var/lib/puppet/state/state.yaml
notice: Finished configuration run in 0.11 seconds
notice: Starting configuration run
notice: //puppetclient/test_class/File[/tmp/testfile]/ensure: created
info: Creating state file /var/lib/puppet/state/state.yaml
notice: Finished configuration run in 0.11 seconds
if
everything is ok, client have folder named liferay-tomcat in filesystem.
5) If any problem to verify
certificate, use below command
find
/var/lib/puppet -type f -print0 |xargs -0r rm
restart client and send
request by going again to step (4).