tag:blogger.com,1999:blog-68292734294194845762024-03-12T18:39:53.993-07:00Puppet - Configuration Management ToolAnonymoushttp://www.blogger.com/profile/01079172149209810817noreply@blogger.comBlogger5125tag:blogger.com,1999:blog-6829273429419484576.post-68905987082570862742014-02-11T00:48:00.000-08:002014-02-11T00:48:05.204-08:00Credentials-Password<div dir="ltr" style="text-align: left;" trbidi="on">
We would be learning about, how to set password in clients via puppet in this post. This seems to be easy task, but believe me its not.<br />
<br />
Before, we start setting up password for user, lets checkout for some of the important files in <i>/etc/puppet</i> on master server, <i>auth.conf</i>, <i>fileserver.conf</i>, <i>puppet.conf</i>. <br />
<br />
We would be discussing as to how to share/transfer a file to client via puppet.<br />
We will be putting all the files to share in <i>/etc/puppet/files</i> directory, if directory is not existing, we need to create it, its not necessary that we need to have same name, but we stick to it.<br />
<br />
Edit file <i>/etc/puppet/fileserver.conf</i><br />
<br />
Add mentioned lines at end, you can also search MOUNT POINTS section and uncomment it, but is is wise to have it done at end of file.<br />
<!-- HTML generated using hilite.me --><br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #1111111; border-width: .1em .1em .1em .8em; border: solid red; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;">[files]
path /etc/puppet/files
allow *
</pre>
</div>
<br />
Edit file <i>/etc/puppet/auth.conf</i><br />
<br />
Add mentioned lines below <b>"path /file"</b> section and not above it as it can implement extra security and would be hard for you to debug.<br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #1111111; border-width: .1em .1em .1em .8em; border: solid red; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;">path ~ ^/file_(metadata|content)/files/
auth yes
allow /^(.+\.)<span style="background-color: #e3d2d2; color: #a61717;">?</span>puppet.com<span style="background-color: #e3d2d2; color: #a61717;">$</span>/
allow_ip <span style="color: white;">192.168</span>.<span style="color: white;">1.0</span>/<span style="color: white;">24</span>
</pre>
</div>
<br />
In our case 192.168.1.0/24 is private range and puppet.com as domain, set according to your convenience.<br />
<br />
Edit file <i>/etc/puppet/puppet.conf</i><br />
<br />
In <b>[main]</b> section add the mentioned parameter<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #1111111; border-width: .1em .1em .1em .8em; border: solid red; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;">pluginsync = true
</pre>
</div>
<br />
After doing all necessary changes, restart service for puppet master.<br />
<br />
On master server : CentOS<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #000000; border-width: .1em .1em .1em .8em; border: solid gray; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;"><span style="color: #3399cc;">/</span><span style="color: #cccccc;">etc</span><span style="color: #3399cc;">/</span><span style="color: #cccccc;">init</span><span style="color: #3399cc;">.</span><span style="color: #cccccc;">d</span><span style="color: #3399cc;">/</span><span style="color: #cccccc;">puppetmaster</span> <span style="color: #cccccc;">restart</span>
</pre>
</div>
<br />
Lets move onto setting up password in <i>/etc/shadow</i> file. We tried alot of methods to set password but eventually the method which worked is defined under.<br />
<br />
First, we will create a <i>sh</i> file and place it in files folder in <i>/etc/puppet</i>.<br />
This file basically, queries second field of <i>/etc.shadow</i> file and if returned with <b>"!"</b> it sets password, else does not executes change password command i.e chpasswd.<br />
<br />
Create and edit file <i>/etc/puppet/files/shadow.sh </i><br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #1111111; border-width: .1em .1em .1em .8em; border: solid red; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;"><span style="color: #008800; font-style: italic;">#!/bin/bash</span>
rc=<span style="color: white;">`/bin/grep $1 /etc/shadow | awk -F":" '($2 == "!")' | wc -l`</span>
<span style="color: white; font-weight: bold;">if</span> [ <span style="background-color: #e3d2d2; color: #a61717;">$</span>rc -eq <span style="color: white;">0</span> ]
then
exit <span style="color: white;">1</span>
<span style="color: white; font-weight: bold;">else</span>
exit <span style="color: white;">0</span>
fi
</pre>
</div>
<br />
Edit file <i>/etc/puppet/modules/accounts/init.pp</i><br />
<br />
In this file we will add file type and exec type under accounts class, file type will share/transfer file created in above step on the client and exec type will execute chpasswd on client along with username and password. To avoid password in shadow to overwritten again and again whenever the client is synchronized, an <b>onlyif</b> attribute is set, wherein with the help of above script file and the user name it will query the second field for "!" and if not returned with the same result, it will not execute chpasswd utility.<br />
<br />
<!-- HTML generated using hilite.me -->Also, to remember on the client there should be a directory templates, in our case Ubuntu is by default having it, so we transferred file onto that location, location can be anything according to your convenience, but be sure to point it to right location in file type and similarly using it in exec type.<br />
<!-- HTML generated using hilite.me --><br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #1111111; border-width: .1em .1em .1em .8em; border: solid red; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;"><span style="color: white; font-weight: bold;">class</span> accounts {
file { <span style="color: white;">'/etc/puppet/templates/shadow.sh'</span>:
ensure => file,
recurse => true,
mode => <span style="color: white;">"0777"</span>,
source => <span style="color: white;">"puppet:///files/shadow.sh"</span>,
}
@accounts::system { <span style="color: white;">'demo'</span>:
comment => <span style="color: white;">'demo users'</span>,
}
<span style="color: white; font-weight: bold;">exec</span> { <span style="color: white;">"demo"</span>:
command => <span style="color: white;">'echo "demo:password@123" | chpasswd'</span>,
provider => <span style="color: white;">'shell'</span>,
onlyif => <span style="color: white;">"/etc/puppet/templates/shadow.sh demo"</span>,
}
}
</pre>
</div>
<br />
<br />
Edit file <i>/etc/puppet/manifests/nodes/client2.pp</i><br />
<br />
<div style="background: #1111111; border-width: .1em .1em .1em .8em; border: solid red; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;">node <span style="color: white;">'client2.puppet.com'</span> {
include accounts
realize (Accounts::System[<span style="color: white;">'demo'</span>])
}
</pre>
</div>
<br />
Apply changes on the master to take effect.<br />
<br />
<b>On master server : CentOS </b><br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #000000; border-width: .1em .1em .1em .8em; border: solid gray; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;"><span style="color: #cccccc;">papply</span>
<span style="color: #cccccc;">Notice:</span> <span style="color: #cccccc;">Compiled</span> <span style="color: #cccccc;">catalog</span> <span style="color: #cdcd00;">for</span> <span style="color: #cccccc;">server</span><span style="color: #3399cc;">.</span><span style="color: #cccccc;">puppet</span><span style="color: #3399cc;">.</span><span style="color: #cccccc;">com</span> <span style="color: #cdcd00;">in</span> <span style="color: #cccccc;">environment</span> <span style="color: #cccccc;">production</span> <span style="color: #cdcd00;">in</span> <span style="color: #cd00cd;">0.16</span> <span style="color: #cccccc;">seconds</span>
<span style="color: #cccccc;">Notice:</span> <span style="color: #cccccc;">Finished</span> <span style="color: #cccccc;">catalog</span> <span style="color: #cccccc;">run</span> <span style="color: #cdcd00;">in</span> <span style="color: #cd00cd;">0.11</span> <span style="color: #cccccc;">seconds</span>
</pre>
</div>
<br />
<br />
Let move on to client to fetch changes.<br />
<br />
<b>On client server : Ubuntu</b><br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #000000; border-width: .1em .1em .1em .8em; border: solid gray; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;"><span style="color: #cccccc;">pagent</span>
<span style="color: #cccccc;">Info:</span> <span style="color: #cccccc;">Retrieving</span> <span style="color: #cccccc;">plugin</span>
<span style="color: #cccccc;">Info:</span> <span style="color: #cccccc;">Caching</span> <span style="color: #cccccc;">catalog</span> <span style="color: #cdcd00;">for</span> <span style="color: #cccccc;">client2</span><span style="color: #3399cc;">.</span><span style="color: #cccccc;">puppet</span><span style="color: #3399cc;">.</span><span style="color: #cccccc;">com</span>
<span style="color: #cccccc;">Info:</span> <span style="color: #cccccc;">Applying</span> <span style="color: #cccccc;">configuration</span> <span style="color: #cccccc;">version</span> <span style="color: #cd0000;">'1392108081'</span>
<span style="color: #cccccc;">Notice:</span> <span style="color: #3399cc;">/</span><span style="color: #cccccc;">Stage[main]</span><span style="color: #3399cc;">/</span><span style="color: #cccccc;">Accounts</span><span style="color: #3399cc;">/</span><span style="color: #cccccc;">Accounts::System[demo]</span><span style="color: #3399cc;">/</span><span style="color: #cccccc;">User[demo]</span><span style="color: #3399cc;">/</span><span style="color: #cccccc;">ensure:</span> <span style="color: #cccccc;">created</span>
<span style="color: #cccccc;">Notice:</span> <span style="color: #3399cc;">/</span><span style="color: #cccccc;">Stage[main]</span><span style="color: #3399cc;">/</span><span style="color: #cccccc;">Accounts</span><span style="color: #3399cc;">/</span><span style="color: #cccccc;">Exec[demo]</span><span style="color: #3399cc;">/</span><span style="color: #cccccc;">returns:</span> <span style="color: #cccccc;">executed</span> <span style="color: #cccccc;">successfully</span>
<span style="color: #cccccc;">Notice:</span> <span style="color: #cccccc;">Finished</span> <span style="color: #cccccc;">catalog</span> <span style="color: #cccccc;">run</span> <span style="color: #cdcd00;">in</span> <span style="color: #cd00cd;">3.05</span> <span style="color: #cccccc;">seconds</span>
</pre>
</div>
<br />
<br /></div>
Anonymoushttp://www.blogger.com/profile/01079172149209810817noreply@blogger.com0tag:blogger.com,1999:blog-6829273429419484576.post-76334532643213737602014-01-27T23:50:00.000-08:002014-01-28T01:21:50.629-08:00User Management<div dir="ltr" style="text-align: left;" trbidi="on">
<div dir="ltr" style="text-align: left;" trbidi="on">
Now, that we have seen what directory and file structure should be in puppet management. Lets, discuss about user management - creation of local user on client, which is a daily/frequent task of system admin.<br />
<br />
Lets change directory to <i>/etc/puppet/modules</i> and create folder accounts with a sub-folder manifests i.e <i>/etc/puppet/modules/accounts/manifests</i>.<br />
<br />
We will be creating two files <i>init.pp</i> and <i>system.pp</i>. Please be careful with directory and file names as they hold the key to run your configuration in an appropriate way.<br />
<br />
Create and edit file - <i>/etc/puppet/modules/accounts/manifests/system.pp</i><br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #1111111; border-width: .1em .1em .1em .8em; border: solid red; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;">define accounts::system (<span style="background-color: #e3d2d2; color: #a61717;">$</span>comment,<span style="background-color: #e3d2d2; color: #a61717;">$</span>password) {
user { <span style="background-color: #e3d2d2; color: #a61717;">$</span>title:
ensure => <span style="color: white;">'present'</span>,
shell => <span style="color: white;">'/bin/bash'</span>,
managehome => true,
}
}
</pre>
</div>
<br />
<br />
In the above file we have defined type <b>accounts::system</b>, which is done in order to ensure that every user should get home, shell as defined and not the default which is created by useradd utility. We also included variable for comment and password as these variables varies user to user and cannot be constant.<br />
<br />
<b>For example :</b> If we try to create user on ubuntu via useradd utility manually, we will end up having /bin/sh as its shell until explicitly defined using -s option. <br />
<br />
<br />
Create and edit file - <i>/etc/puppet/modules/accounts/manifests/init.pp</i><br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #1111111; border-width: .1em .1em .1em .8em; border: solid red; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;"><span style="color: white; font-weight: bold;">class</span> accounts {
@accounts::system { <span style="color: white;">'demo'</span>:
comment => <span style="color: white;">'demo users'</span>,
password => <span style="color: white;">'*'</span>,
}
}
</pre>
</div>
</div>
<br />
<br />
Now that the defined type is done, we can use it to actually create the system user resources.We repeat as many times as necessary to
create a system <b>accounts::system</b> resource for each user account you
want to manage within Puppet.<br />
<br />
<br />
Once we are done with these configuration, we just then have to realize it in nodes.<br />
<br />
Edit file <i>/etc/puppet/manifests/nodes/client2.pp</i><br />
<br />
<div style="background: #1111111; border-width: .1em .1em .1em .8em; border: solid red; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;">node <span style="color: white;">'client2.puppet.com'</span> {
include accounts
realize (Accounts::System[<span style="color: white;">'demo'</span>])
}
</pre>
</div>
<br />
Apply changes on the master to take effect.<br />
<br />
<b>On master server : CentOS</b><br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #000000; border-width: .1em .1em .1em .8em; border: solid gray; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;"><span style="color: #cccccc;">papply</span>
<span style="color: #cccccc;">Notice:</span> <span style="color: #cccccc;">Compiled</span> <span style="color: #cccccc;">catalog</span> <span style="color: #cdcd00;">for</span> <span style="color: #cccccc;">server</span><span style="color: #3399cc;">.</span><span style="color: #cccccc;">puppet</span><span style="color: #3399cc;">.</span><span style="color: #cccccc;">com</span> <span style="color: #cdcd00;">in</span> <span style="color: #cccccc;">environment</span> <span style="color: #cccccc;">production</span> <span style="color: #cdcd00;">in</span> <span style="color: #cd00cd;">0.05</span> <span style="color: #cccccc;">seconds</span>
<span style="color: #cccccc;">Notice:</span> <span style="color: #cccccc;">Finished</span> <span style="color: #cccccc;">catalog</span> <span style="color: #cccccc;">run</span> <span style="color: #cdcd00;">in</span> <span style="color: #cd00cd;">0.06</span> <span style="color: #cccccc;">seconds</span>
</pre>
</div>
<br />
<br />
Let move on to client to fetch changes.<br />
<br />
<b>On client server : Ubuntu</b><br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #000000; border-width: .1em .1em .1em .8em; border: solid gray; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;"><span style="color: #cccccc;">pagent</span>
<span style="color: #cccccc;">Info:</span> <span style="color: #cccccc;">Retrieving</span> <span style="color: #cccccc;">plugin</span>
<span style="color: #cccccc;">Info:</span> <span style="color: #cccccc;">Caching</span> <span style="color: #cccccc;">catalog</span> <span style="color: #cdcd00;">for</span> <span style="color: #cccccc;">client2</span><span style="color: #3399cc;">.</span><span style="color: #cccccc;">puppet</span><span style="color: #3399cc;">.</span><span style="color: #cccccc;">com</span>
<span style="color: #cccccc;">Info:</span> <span style="color: #cccccc;">Applying</span> <span style="color: #cccccc;">configuration</span> <span style="color: #cccccc;">version</span> <span style="color: #cd0000;">'1390898484'</span>
<span style="color: #cccccc;">Notice:</span> <span style="color: #3399cc;">/</span><span style="color: #cccccc;">Stage[main]</span><span style="color: #3399cc;">/</span><span style="color: #cccccc;">Accounts</span><span style="color: #3399cc;">/</span><span style="color: #cccccc;">Accounts::System[demo]</span><span style="color: #3399cc;">/</span><span style="color: #cccccc;">User[demo]</span><span style="color: #3399cc;">/</span><span style="color: #cccccc;">ensure:</span> <span style="color: #cccccc;">created</span>
<span style="color: #cccccc;">Notice:</span> <span style="color: #cccccc;">Finished</span> <span style="color: #cccccc;">catalog</span> <span style="color: #cccccc;">run</span> <span style="color: #cdcd00;">in</span> <span style="color: #cd00cd;">0.67</span> <span style="color: #cccccc;">seconds</span>
</pre>
</div>
<br /></div>
Anonymoushttp://www.blogger.com/profile/01079172149209810817noreply@blogger.com0tag:blogger.com,1999:blog-6829273429419484576.post-8524345851285542222014-01-20T01:19:00.001-08:002014-01-28T01:16:07.990-08:00Puppet Management<div dir="ltr" style="text-align: left;" trbidi="on">
Lets, move one step ahead and clean up site.pp and follow a hierarchy in which resources should be setup, which is necessary, working with puppet.<br />
<br />
<i>/etc/puppet</i> contains two important directories manifests and modules.<br />
<br />
<br />
<u><b>Puppet</b></u> <br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #29088A; border-width: .1em .1em .1em .8em; border: solid gray; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;">.
|-- auth.conf
|-- fileserver.conf
|-- manifests
| |-- nodes
| | |-- client1.pp
| | |-- client2.pp
| | <span style="background-color: #e3d2d2; color: #a61717;">`</span>-- server.pp
| <span style="background-color: #e3d2d2; color: #a61717;">`</span>-- site.pp
|-- modules
| |-- accounts
| | <span style="background-color: #e3d2d2; color: #a61717;">`</span>-- manifests
| | |-- init.pp
| | <span style="background-color: #e3d2d2; color: #a61717;">`</span>-- system.pp
| |-- elinks
| | <span style="background-color: #e3d2d2; color: #a61717;">`</span>-- manifests
| | <span style="background-color: #e3d2d2; color: #a61717;">`</span>-- init.pp
| |-- nmap
| | <span style="background-color: #e3d2d2; color: #a61717;">`</span>-- manifests
| | <span style="background-color: #e3d2d2; color: #a61717;">`</span>-- init.pp
| <span style="background-color: #e3d2d2; color: #a61717;">`</span>-- s3cmd
| <span style="background-color: #e3d2d2; color: #a61717;">`</span>-- manifests
| <span style="background-color: #e3d2d2; color: #a61717;">`</span>-- init.pp
<span style="background-color: #e3d2d2; color: #a61717;">`</span>-- puppet.conf
</pre>
</div>
<br />
<br />
<u><b>Manifests</b></u><br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #29088A; border-width: .1em .1em .1em .8em; border: solid gray; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;">manifests
| |-- nodes
| | |-- client1.pp
| | |-- client2.pp
| | <span style="background-color: #e3d2d2; color: #a61717;">`</span>-- server.pp
| <span style="background-color: #e3d2d2; color: #a61717;">`</span>-- site.pp
</pre>
</div>
<br />
<br />
<u><b>Modules</b></u><br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #29088A; border-width: .1em .1em .1em .8em; border: solid gray; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;">modules
| |-- accounts
| | <span style="background-color: #e3d2d2; color: #a61717;">`</span>-- manifests
| | |-- init.pp
| | <span style="background-color: #e3d2d2; color: #a61717;">`</span>-- system.pp
| |-- elinks
| | <span style="background-color: #e3d2d2; color: #a61717;">`</span>-- manifests
| | <span style="background-color: #e3d2d2; color: #a61717;">`</span>-- init.pp
| |-- nmap
| | <span style="background-color: #e3d2d2; color: #a61717;">`</span>-- manifests
| | <span style="background-color: #e3d2d2; color: #a61717;">`</span>-- init.pp
| <span style="background-color: #e3d2d2; color: #a61717;">`</span>-- s3cmd
| <span style="background-color: #e3d2d2; color: #a61717;">`</span>-- manifests
| <span style="background-color: #e3d2d2; color: #a61717;">`</span>-- init.pp
</pre>
</div>
<br />
Edit file /etc/puppet/manifests/site.pp<br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #1111111; border-width: .1em .1em .1em .8em; border: solid red; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;"><span style="color: white; font-weight: bold;">import</span> <span style="color: white;">'nodes/*.pp'</span>
</pre>
</div>
<br />
Create directory /etc/puppet/manifests/nodes and create files with respective node name prefix in the nodes directory, in our case<br />
<br />
server.puppet.com - server.pp<br />
client1.puppet.com - client1.pp<br />
client2.puppet.com - client2.pp<br />
<br />
Edit file <i>/etc/puppet/manifests/nodes/server.pp</i><br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #1111111; border-width: .1em .1em .1em .8em; border: solid red; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;">node <span style="color: white;">'server.puppet.com'</span> {
}
</pre>
</div>
<br />
Edit file <i>/etc/puppet/manifests/nodes/client1.pp</i><br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #1111111; border-width: .1em .1em .1em .8em; border: solid red; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;">node <span style="color: white;">'client1.puppet.com'</span> {
}
</pre>
</div>
<br />
Edit file <i>/etc/puppet/manifests/nodes/client2.pp</i><br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #1111111; border-width: .1em .1em .1em .8em; border: solid red; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;">node <span style="color: white;">'client2.puppet.com'</span> {
}
</pre>
</div>
<br />
<br />
Now, lets create modules for the packages to be installed on the clients.<br />
Remember, we used nmap in our previous post, lets take it again.<br />
<br />
Change to directory <i>/etc/puppet/modules</i><br />
<br />
create directory with package name to be installed on clients, create a sub directory with name as manifests in the package directory.<br />
<br />
<u><b>Modules</b></u><br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #29088A; border-width: .1em .1em .1em .8em; border: solid gray; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;">|-- nmap
| <span style="background-color: #e3d2d2; color: #a61717;">`</span>-- manifests
</pre>
</div>
<br />
Next, we will create a init.pp file. The puppet autoloader convention require all modules contain an <i>init.pp</i>
file that contains a class or define that matches the module name.<br />
<br />
Create and edit file <i>/etc/puppet/modules/nmap/manifests/init.pp</i><br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #1111111; border-width: .1em .1em .1em .8em; border: solid red; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;"><span style="color: white; font-weight: bold;">class</span> nmap {
case <span style="background-color: #e3d2d2; color: #a61717;">$</span>operatingsystem {
centos, redhat: {
package { <span style="color: white;">"nmap"</span>:
ensure => installed,
}
}
debian, ubuntu: {
package { <span style="color: white;">"nmap"</span>:
ensure => installed,
}
}
}
}
</pre>
</div>
<br />
Now, lets get back to main manifests directory having nodes and include package class.<br />
<br />
Edit file <i>/etc/puppet/manifests/nodes/client2.pp</i><br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #1111111; border-width: .1em .1em .1em .8em; border: solid red; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;">node <span style="color: white;">'client2.puppet.com'</span> {
include nmap
}
</pre>
</div>
<br />
Before, applying changes lets create simple bash scripts for master and clients to apply and fetch changes respectively.<br />
<br />
<b>On master server : CentOS</b><br />
<br />
Create and edit file - <i>/usr/bin/papply</i><br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #1111111; border-width: .1em .1em .1em .8em; border: solid red; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;"><span style="color: #008800; font-style: italic;">#!/bin/bash</span>
/usr/bin/puppet apply -v /etc/puppet/manifests/site.pp
</pre>
</div>
<br />
<br />
<b>On client server :Ubuntu</b><br />
<br />
Create and edit file - <i>/usr/bin/pagent</i><br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #1111111; border-width: .1em .1em .1em .8em; border: solid red; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;"><span style="color: #008800; font-style: italic;">#!/bin/bash </span>
/usr/bin/puppet agent -v --test
</pre>
</div>
<br />
<br />
<b>On master server : CentOS</b><br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #000000; border-width: .1em .1em .1em .8em; border: solid gray; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;"><span style="color: #cccccc;">papply</span>
<span style="color: #cccccc;">Notice:</span> <span style="color: #cccccc;">Finished</span> <span style="color: #cccccc;">catalog</span> <span style="color: #cccccc;">run</span> <span style="color: #cdcd00;">in</span> <span style="color: #cd00cd;">0.07</span> <span style="color: #cccccc;">seconds</span>
</pre>
</div>
<br />
<br />
<b>On client server :Ubuntu</b><br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #000000; border-width: .1em .1em .1em .8em; border: solid gray; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;"><span style="color: #cccccc;">pagent</span>
<span style="color: #cccccc;">Info:</span> <span style="color: #cccccc;">Retrieving</span> <span style="color: #cccccc;">plugin</span>
<span style="color: #cccccc;">Info:</span> <span style="color: #cccccc;">Caching</span> <span style="color: #cccccc;">catalog</span> <span style="color: #cdcd00;">for</span> <span style="color: #cccccc;">client2</span><span style="color: #3399cc;">.</span><span style="color: #cccccc;">puppet</span><span style="color: #3399cc;">.</span><span style="color: #cccccc;">com</span>
<span style="color: #cccccc;">Info:</span> <span style="color: #cccccc;">Applying</span> <span style="color: #cccccc;">configuration</span> <span style="color: #cccccc;">version</span> <span style="color: #cd0000;">'1390207277'</span>
<span style="color: #cccccc;">Notice:</span> <span style="color: #cccccc;">Finished</span> <span style="color: #cccccc;">catalog</span> <span style="color: #cccccc;">run</span> <span style="color: #cdcd00;">in</span> <span style="color: #cd00cd;">0.41</span> <span style="color: #cccccc;">seconds</span>
</pre>
</div>
</div>
Anonymoushttp://www.blogger.com/profile/01079172149209810817noreply@blogger.com0tag:blogger.com,1999:blog-6829273429419484576.post-916805629388251782014-01-11T07:43:00.000-08:002014-01-28T01:13:45.851-08:00Basic Puppet Programs - Manifest <div dir="ltr" style="text-align: left;" trbidi="on">
Basically, puppet programs are called “manifests,” and they use the <code>.pp</code> file extension.<br />
<br />
<b>site.pp</b>: first file that the Puppet Master parses when
determining a server’s catalog. It imports all the underlying
subdirectories and the other special files in this directory. It
also defines any global defaults, such as package managers as per <a href="http://projects.puppetlabs.com/projects/1/wiki/Puppet_Best_Practice2">http://projects.puppetlabs.com/projects/1/wiki/Puppet_Best_Practice2</a><br />
<br />
To begin with, lets start definining things in the first file that the puppet master parses.<br />
<br />
site.pp file should contain all the nodes -- clients as well as master, else it will not allow to proceed further.<br />
<br />
<b>On master server - CentOS</b><br />
<br />
Create file - <i>/etc/puppet/manifests/site.pp</i><br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #1111111; border-width: .1em .1em .1em .8em; border: solid red; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;">node <span style="color: white;">'server.puppet.com'</span> {
}
node <span style="color: white;">'client1.puppet.com'</span>, <span style="color: white;">'client2.puppet.com'</span> {
}
</pre>
</div>
<br />
Now, lets move further and introduce packages that we need to install on clients.<br />
<br />
Now that we have clients on Ubuntu, we need to define operating system variable with a switch.<br />
<br />
<br />
Packages to be installed - <i>nmap</i> and <i>elinks</i>.<br />
<br />
Edit file <i>/etc/puppet/manifests/site.pp</i><br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #1111111; border-width: .1em .1em .1em .8em; border: solid red; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;">node <span style="color: white;">'server.puppet.com'</span> {
}
node <span style="color: white;">'client1.puppet.com'</span>, <span style="color: white;">'client2.puppet.com'</span> {
include nmap
include elinks
}
<span style="color: white; font-weight: bold;">class</span> nmap {
case <span style="background-color: #e3d2d2; color: #a61717;">$</span>operatingsystem {
centos, redhat: {
package { <span style="color: white;">"nmap"</span>:
ensure => installed,
}
}
debian, ubuntu: {
package { <span style="color: white;">"nmap"</span>:
ensure => installed,
}
}
}
}
<span style="color: white; font-weight: bold;">class</span> elinks {
case <span style="background-color: #e3d2d2; color: #a61717;">$</span>operatingsystem {
centos, redhat: {
package { <span style="color: white;">"elinks"</span>:
ensure => installed,
}
}
debian, ubuntu: {
package { <span style="color: white;">"elinks"</span>:
ensure => installed,
}
}
}
}
</pre>
</div>
<br />
<b>Note</b><i> : If you can see in the above code in nodes section, we have included nmap and elinks class in clients and not in master. And in below section defined both the classes.</i><br />
<br />
Apply changes on the master to take effect.<br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #000000; border-width: .1em .1em .1em .8em; border: solid gray; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;"><span style="color: #cccccc;">puppet</span> <span style="color: #cd00cd;">apply</span> <span style="color: #3399cc;">-</span><span style="color: #cccccc;">v</span> <span style="color: #3399cc;">/</span><span style="color: #cccccc;">etc</span><span style="color: #3399cc;">/</span><span style="color: #cccccc;">puppet</span><span style="color: #3399cc;">/</span><span style="color: #cccccc;">manifests</span><span style="color: #3399cc;">/</span><span style="color: #cccccc;">site</span><span style="color: #3399cc;">.</span><span style="color: #cccccc;">pp</span>
<span style="color: #008800;">info:</span> <span style="color: #008800;">Applying</span> <span style="color: #008800;">configuration</span> <span style="color: #008800;">version</span> <span style="color: #008800;">'1389452030'</span>
<span style="color: #34fcfc;">notice:</span> <span style="color: #34fcfc;">Finished</span> <span style="color: #34fcfc;">catalog</span> <span style="color: #34fcfc;">run</span> <span style="color: #34fcfc;">in</span> <span style="color: #34fcfc;">2.43</span> <span style="color: #34fcfc;">seconds</span>
</pre>
</div>
<br />
<br />
Let move on to client to fetch changes.<br />
<br />
<b>On client server : Ubuntu</b><br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #000000; border-width: .1em .1em .1em .8em; border: solid gray; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;"><span style="color: #cccccc;">puppet</span> <span style="color: #cccccc;">agent</span> <span style="color: #3399cc;">-</span><span style="color: #cccccc;">v</span> <span style="color: #3399cc;">--</span><span style="color: #cccccc;">test</span>
<span style="color: #008800;">info:</span> <span style="color: #008800;">Caching</span> <span style="color: #008800;">catalog</span> <span style="color: #008800;">for</span> <span style="color: #008800;">client2</span><span style="color: #008800;">.</span><span style="color: #008800;">puppet</span><span style="color: #008800;">.</span><span style="color: #008800;">com</span>
<span style="color: #008800;">info:</span> <span style="color: #008800;">Applying</span> <span style="color: #008800;">configuration</span> <span style="color: #008800;">version</span> <span style="color: #008800;">'1389452959'</span>
<span style="color: #34fcfc;">notice:</span> <span style="color: #34fcfc;">/</span><span style="color: #34fcfc;">Stage[main]</span><span style="color: #34fcfc;">/</span><span style="color: #34fcfc;">Elinks</span><span style="color: #34fcfc;">/</span><span style="color: #34fcfc;">Package[elinks]</span><span style="color: #3399cc;">/</span><span style="color: #34fcfc;">ensure:</span> <span style="color: #34fcfc;">created</span>
<span style="color: #34fcfc;">notice:</span> <span style="color: #34fcfc;">/</span><span style="color: #34fcfc;">Stage[main]</span><span style="color: #34fcfc;">/</span><span style="color: #34fcfc;">Nmap</span><span style="color: #34fcfc;">/</span><span style="color: #34fcfc;">Package[nmap]</span><span style="color: #34fcfc;">/</span><span style="color: #34fcfc;">ensure:</span> <span style="color: #34fcfc;">ensure</span> <span style="color: #34fcfc;">changed</span> <span style="color: #34fcfc;">'purged'</span> <span style="color: #34fcfc;">to</span> <span style="color: #34fcfc;">'present'</span>
<span style="color: #34fcfc;">notice:</span> <span style="color: #34fcfc;">Finished</span> <span style="color: #34fcfc;">catalog</span> <span style="color: #34fcfc;">run</span> <span style="color: #34fcfc;">in</span> <span style="color: #34fcfc;">16.69</span> <span style="color: #34fcfc;">seconds</span>
</pre>
</div>
<br />
<br /><b>Note </b><i>:</i> <i>Client synchronizes every 30 minutes for any changes/configuration applied on the puppet master server.</i><br />
<br />
<br /></div>
Anonymoushttp://www.blogger.com/profile/01079172149209810817noreply@blogger.com1tag:blogger.com,1999:blog-6829273429419484576.post-38848644271852935192014-01-10T08:02:00.002-08:002014-01-28T01:11:04.190-08:00Puppet Configuration ( Setting up Master Server and Client Servers )<div dir="ltr" style="text-align: left;" trbidi="on">
<div dir="ltr" style="text-align: left;" trbidi="on">
<div dir="ltr" style="text-align: left;" trbidi="on">
Setting up Master Puppet Server and Client Puppet Servers <br />
<br />
<br />
<br />
<span style="font-size: small;">Puppet as per dictionary means " </span><b><i>a movable model of a person or animal that is typically moved either by strings controlled from above or by a hand inside it.</i></b><span style="font-size: small;"> "</span><br />
<br />
<span style="font-size: small;">To setup Puppet Master and Client, we would be taking an example, wherein our Master server will on <i>CentOS</i> and clients on <i>Ubuntu</i>. </span><br />
<br />
<span style="font-size: small;">Master - server.puppet.com</span><br />
<span style="font-size: small;">Client 1 - client1.puppet.com </span><br />
<span style="font-size: small;">Client 2 - client2.puppet.com</span><br />
<br />
<span style="font-size: small;">Configurations, that need to be set before installing any packages.</span><br />
<br />
<b><span style="font-size: small;">On master server : CentOS</span></b><br />
<br />
<span style="font-size: small;">Edit file <i>/etc/sysconfig/network</i> </span><br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #1111111; border-width: .1em .1em .1em .8em; border: solid red; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;">HOSTNAME=server.puppet.com
</pre>
</div>
<br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #000000; border-width: .1em .1em .1em .8em; border: solid gray; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;"><span style="color: #cccccc;">service</span> <span style="color: #cccccc;">network</span> <span style="color: #cccccc;">restart</span>
<span style="color: #cccccc;">hostname</span> <span style="color: #cccccc;">server</span><span style="color: #3399cc;">.</span><span style="color: #cccccc;">puppet</span><span style="color: #3399cc;">.</span><span style="color: #cccccc;">com</span>
</pre>
</div>
</div>
<br />
<br />
Edit file <i>/etc/hosts</i><br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #1111111; border-width: .1em .1em .1em .8em; border: solid red; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;"><span style="color: white;">127.0</span>.<span style="color: white;">0.1</span> server.puppet.com localhost.localdomain localhost
::<span style="color: white;">1</span> localhost6.localdomain6 localhost6
<span style="color: white;">192.168</span>.<span style="color: white;">1.28</span> server.puppet.com
<span style="color: white;">192.168</span>.<span style="color: white;">1.10</span> client1.puppet.com
<span style="color: white;">192.168</span>.<span style="color: white;">1.19</span> client2.puppet.com
</pre>
</div>
<br />
<br />
<b><span style="font-size: small;">On client server : Ubuntu</span></b><br />
<br />
<b><span style="font-size: small;"> </span></b><span style="font-size: small;">Edit file <i>/etc/hostname</i></span><br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #1111111; border-width: .1em .1em .1em .8em; border: solid red; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;">client1.puppet.com
</pre>
</div>
<br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #000000; border-width: .1em .1em .1em .8em; border: solid gray; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;"><span style="color: #3399cc;">/</span><span style="color: #cccccc;">etc</span><span style="color: #3399cc;">/</span><span style="color: #cccccc;">init</span><span style="color: #3399cc;">.</span><span style="color: #cccccc;">d</span><span style="color: #3399cc;">/</span><span style="color: #cccccc;">hostname</span> <span style="color: #cccccc;">restart</span>
<span style="color: #cccccc;">hostname</span> <span style="color: #cccccc;">client1</span><span style="color: #3399cc;">.</span><span style="color: #cccccc;">puppet</span><span style="color: #3399cc;">.</span><span style="color: #cccccc;">com</span>
</pre>
</div>
<span style="font-size: small;"><br /></span>
<br />
<span style="font-size: small;"><br /></span>
<br />
Edit file <i>/etc/hosts</i><br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #1111111; border-width: .1em .1em .1em .8em; border: solid RED; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;"><span style="color: white;">127.0</span>.<span style="color: white;">0.1</span> client1.puppet.com localhost
<span style="color: #008800; font-style: italic;"># The following lines are desirable for IPv6 capable hosts</span>
::<span style="color: white;">1</span> ip6-localhost ip6-loopback
fe00::<span style="color: white;">0</span> ip6-localnet
ff00::<span style="color: white;">0</span> ip6-mcastprefix
ff02::<span style="color: white;">1</span> ip6-allnodes
ff02::<span style="color: white;">2</span> ip6-allrouters
<span style="color: white;">192.168</span>.<span style="color: white;">1.10</span> client1.puppet.com
<span style="color: white;">192.168</span>.<span style="color: white;">1.28</span> server.puppet.com
</pre>
</div>
<br />
<br />
Now, lets move onto installing necessary packages on both the servers<i>.</i><br />
<i><br /></i>
<b><span style="font-size: small;">On master server : CentOS</span></b><br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #000000; border-width: .1em .1em .1em .8em; border: solid gray; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;"><span style="color: #cccccc;">yum</span> <span style="color: #cccccc;">install</span> <span style="color: #cccccc;">puppet</span><span style="color: #3399cc;">-</span><span style="color: #cccccc;">server</span>
<span style="color: #3399cc;">/</span><span style="color: #cccccc;">etc</span><span style="color: #3399cc;">/</span><span style="color: #cccccc;">init</span><span style="color: #3399cc;">.</span><span style="color: #cccccc;">d</span><span style="color: #3399cc;">/</span><span style="color: #cccccc;">puppetmaster</span> <span style="color: #cccccc;">start</span>
</pre>
</div>
<br />
<b><span style="font-size: small;">On client server : Ubuntu</span></b><br />
<b><span style="font-size: small;"> </span></b><i> </i>
<!-- HTML generated using hilite.me --><br />
<div style="background: #000000; border-width: .1em .1em .1em .8em; border: solid gray; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;"><span style="color: #cccccc;">apt</span><span style="color: #3399cc;">-</span><span style="color: #cccccc;">get</span> <span style="color: #cccccc;">install</span> <span style="color: #cccccc;">puppet</span>
<span style="color: #3399cc;">/</span><span style="color: #cccccc;">etc</span><span style="color: #3399cc;">/</span><span style="color: #cccccc;">init</span><span style="color: #3399cc;">.</span><span style="color: #cccccc;">d</span><span style="color: #3399cc;">/</span><span style="color: #cccccc;">puppet</span> <span style="color: #cccccc;">start</span>
<span style="color: #cccccc;">telnet</span> <span style="color: #cccccc;">server</span><span style="color: #3399cc;">.</span><span style="color: #cccccc;">puppet</span><span style="color: #3399cc;">.</span><span style="color: #cccccc;">com</span> <span style="color: #cd00cd;">8140</span>
<span style="color: #cccccc;">Trying</span> <span style="color: #cd00cd;">192.168</span><span style="color: #3399cc;">.</span><span style="color: #cd00cd;">1.28</span><span style="color: #3399cc;">...</span>
<span style="color: #cccccc;">Connected</span> <span style="color: #cccccc;">to</span> <span style="color: #cccccc;">server</span><span style="color: #3399cc;">.</span><span style="color: #cccccc;">puppet</span><span style="color: #3399cc;">.</span><span style="color: #cccccc;">com</span><span style="color: #3399cc;">.</span>
<span style="color: #cccccc;">Escape</span> <span style="color: #cccccc;">character</span> <span style="color: #cdcd00;">is</span> <span style="color: #cd0000;">'^]'</span><span style="color: #3399cc;">.</span>
<span style="color: #3399cc;">^</span><span style="color: #cccccc;">]q</span>
<span style="color: #cccccc;">telnet</span><span style="color: #3399cc;">></span> <span style="color: #cccccc;">q</span>
<span style="color: #cccccc;">Connection</span> <span style="color: #cccccc;">closed</span><span style="color: #3399cc;">.</span>
</pre>
</div>
<br />
<br />
<br />
Lets, move onto configuration, generating and signing of certificates.<br />
<br />
<br />
<b><span style="font-size: small;">On client server : Ubuntu</span></b><br />
<br />
<span style="font-size: small;">Configuration - Edit file </span><b><span style="font-size: small;"> </span></b><i><span style="font-size: small;">/etc/puppet/puppet.conf</span></i><b><span style="font-size: small;"><br /></span></b><br />
<br />
In <b>[main]</b> section add the mentioned parameter<br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #1111111; border-width: .1em .1em .1em .8em; border: solid red; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;">[main]
server=server.puppet.com
</pre>
</div>
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #000000; border-width: .1em .1em .1em .8em; border: solid gray; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;"><span style="color: #3399cc;">/</span><span style="color: #cccccc;">etc</span><span style="color: #3399cc;">/</span><span style="color: #cccccc;">init</span><span style="color: #3399cc;">.</span><span style="color: #cccccc;">d</span><span style="color: #3399cc;">/</span><span style="color: #cccccc;">puppet</span> <span style="color: #cccccc;">restart</span>
</pre>
</div>
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #000000; border-width: .1em .1em .1em .8em; border: solid gray; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;"><span style="color: #cccccc;">puppet</span> <span style="color: #cccccc;">agent</span> <span style="color: #3399cc;">--</span><span style="color: #cccccc;">waitforcert</span> <span style="color: #cd00cd;">60</span> <span style="color: #3399cc;">--</span><span style="color: #cccccc;">test</span>
<span style="color: #008800;">info:</span> <span style="color: #008800;">Caching</span> <span style="color: #008800;">certificate</span> <span style="color: #008800;">for</span> <span style="color: #008800;">ca</span>
<span style="color: #008800;">info:</span> <span style="color: #008800;">Creating</span> <span style="color: #008800;">a</span> <span style="color: #008800;">new</span> <span style="color: #008800;">SSL</span> <span style="color: #008800;">certificate</span> <span style="color: #008800;">request</span> <span style="color: #008800;">for</span> <span style="color: #008800;">client2</span><span style="color: #008800;">.</span><span style="color: #008800;">puppet</span><span style="color: #008800;">.</span><span style="color: #008800;">com</span>
<span style="color: #008800;">info:</span> <span style="color: #008800;">Certificate</span> <span style="color: #008800;">Request</span> <span style="color: #008800;">fingerprint</span> <span style="color: #008800;">(md5):</span> <span style="color: #008800;">72</span><span style="color: #008800;">:B7:</span><span style="color: #008800;">5</span><span style="color: #008800;">B:</span><span style="color: #008800;">78</span><span style="color: #008800;">:</span><span style="color: #008800;">46</span><span style="color: #008800;">:BF:DA:</span><span style="color: #008800;">6</span><span style="color: #008800;">A:</span><span style="color: #008800;">8</span><span style="color: #008800;">F:</span><span style="color: #008800;">8</span><span style="color: #008800;">C:CF:</span><span style="color: #008800;">62</span><span style="color: #008800;">:</span><span style="color: #008800;">11</span><span style="color: #008800;">:</span><span style="color: #008800;">93</span><span style="color: #008800;">:CD:F1</span>
</pre>
</div>
<br />
<br />
The above command will send a certificate signing request (csr) to master server, and as csr is delivered to master, we need execute commands on master server <span data-dobid="hdw">simultaneously after we see above info i.e.</span><br />
<br />
<span style="font-size: xx-small;"><b>info: Certificate Request fingerprint (md5): 72:B7:5B:78:46:BF:DA:6A:8F:8C:CF:62:11:93:CD:F1</b></span><br />
<br />
The above client will not exit to terminal prompt until it receives an acknowledgement of the signed certificate by master server.<br />
<br />
<b><span style="font-size: small;">On master server : CentOS</span></b><br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #000000; border-width: .1em .1em .1em .8em; border: solid gray; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;"><span style="color: #cccccc;">puppetca</span> <span style="color: #3399cc;">--</span><span style="color: #cd00cd;">list</span>
<span style="color: #cd0000;">"client1.puppet.com"</span> <span style="color: #cccccc;">(</span><span style="color: #cd00cd;">72</span><span style="color: #cccccc;">:B7:</span><span style="color: #cd00cd;">5</span><span style="color: #cccccc;">B:</span><span style="color: #cd00cd;">78</span><span style="color: #cccccc;">:</span><span style="color: #cd00cd;">46</span><span style="color: #cccccc;">:BF:DA:</span><span style="color: #cd00cd;">6</span><span style="color: #cccccc;">A:</span><span style="color: #cd00cd;">8</span><span style="color: #cccccc;">F:</span><span style="color: #cd00cd;">8</span><span style="color: #cccccc;">C:CF:</span><span style="color: #cd00cd;">62</span><span style="color: #cccccc;">:</span><span style="color: #cd00cd;">11</span><span style="color: #cccccc;">:</span><span style="color: #cd00cd;">93</span><span style="color: #cccccc;">:CD:F1)</span>
</pre>
</div>
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #000000; border-width: .1em .1em .1em .8em; border: solid gray; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;"><span style="color: #cccccc;">puppetca</span> <span style="color: #3399cc;">--</span><span style="color: #cccccc;">sign</span> <span style="color: #cccccc;">client1</span><span style="color: #3399cc;">.</span><span style="color: #cccccc;">puppet</span><span style="color: #3399cc;">.</span><span style="color: #cccccc;">com</span>
<span style="color: #cccccc;">notice:</span> <span style="color: #cccccc;">Signed</span> <span style="color: #cccccc;">certificate</span> <span style="color: #cccccc;">request</span> <span style="color: #cdcd00;">for</span> <span style="color: #cccccc;">client1</span><span style="color: #3399cc;">.</span><span style="color: #cccccc;">puppet</span><span style="color: #3399cc;">.</span><span style="color: #cccccc;">com</span>
<span style="color: #cccccc;">notice:</span> <span style="color: #cccccc;">Removing</span> <span style="color: #cd00cd;">file</span> <span style="color: #cccccc;">Puppet::SSL::CertificateRequest</span> <span style="color: #cccccc;">client1</span><span style="color: #3399cc;">.</span><span style="color: #cccccc;">puppet</span><span style="color: #3399cc;">.</span><span style="color: #cccccc;">com</span> <span style="color: #cccccc;">at</span> <span style="color: #cd0000;">'/var/lib/puppet/ssl/ca/requests/client1.puppet.com.pem'</span>
</pre>
</div>
<br />
<br />
<b><span style="font-size: small;">On client server : Ubuntu</span></b><br />
<br />
<span style="font-size: small;">As the certificate is signed from the master, complete output of previously executed commands on server will display info as,</span><br />
<br />
<!-- HTML generated using hilite.me --><br />
<div style="background: #000000; border-width: .1em .1em .1em .8em; border: solid gray; overflow: auto; padding: .2em .6em; width: auto;">
<pre style="line-height: 125%; margin: 0;"><span style="color: #cccccc;">puppet</span> <span style="color: #cccccc;">agent</span> <span style="color: #3399cc;">--</span><span style="color: #cccccc;">waitforcert</span> <span style="color: #cd00cd;">60</span> <span style="color: #3399cc;">--</span><span style="color: #cccccc;">test</span>
<span style="color: #008800;">info:</span> <span style="color: #008800;">Caching</span> <span style="color: #008800;">certificate</span> <span style="color: #008800;">for</span> <span style="color: #008800;">ca</span>
<span style="color: #008800;">info:</span> <span style="color: #008800;">Creating</span> <span style="color: #008800;">a</span> <span style="color: #008800;">new</span> <span style="color: #008800;">SSL</span> <span style="color: #008800;">certificate</span> <span style="color: #008800;">request</span> <span style="color: #008800;">for</span> <span style="color: #008800;">client2</span><span style="color: #008800;">.</span><span style="color: #008800;">puppet</span><span style="color: #008800;">.</span><span style="color: #008800;">com</span>
<span style="color: #008800;">info:</span> <span style="color: #008800;">Certificate</span> <span style="color: #008800;">Request</span> <span style="color: #008800;">fingerprint</span> <span style="color: #008800;">(md5):</span> <span style="color: #008800;">72</span><span style="color: #008800;">:B7:</span><span style="color: #008800;">5</span><span style="color: #008800;">B:</span><span style="color: #008800;">78</span><span style="color: #008800;">:</span><span style="color: #008800;">46</span><span style="color: #008800;">:BF:DA:</span><span style="color: #008800;">6</span><span style="color: #008800;">A:</span><span style="color: #008800;">8</span><span style="color: #008800;">F:</span><span style="color: #008800;">8</span><span style="color: #008800;">C:CF:</span><span style="color: #008800;">62</span><span style="color: #008800;">:</span><span style="color: #008800;">11</span><span style="color: #008800;">:</span><span style="color: #008800;">93</span><span style="color: #008800;">:CD:F1</span>
<span style="color: #008800;">info:</span> <span style="color: #008800;">Caching</span> <span style="color: #008800;">certificate</span> <span style="color: #008800;">for</span> <span style="color: #008800;">client2</span><span style="color: #008800;">.</span><span style="color: #008800;">puppet</span><span style="color: #008800;">.</span><span style="color: #008800;">com</span>
<span style="color: #008800;">info:</span> <span style="color: #008800;">Caching</span> <span style="color: #008800;">certificate_revocation_list</span> <span style="color: #008800;">for</span> <span style="color: #008800;">ca</span>
<span style="color: #008800;">info:</span> <span style="color: #008800;">Caching</span> <span style="color: #008800;">catalog</span> <span style="color: #008800;">for</span> <span style="color: #008800;">client2</span><span style="color: #008800;">.</span><span style="color: #008800;">puppet</span><span style="color: #008800;">.</span><span style="color: #008800;">com</span>
<span style="color: #008800;">info:</span> <span style="color: #008800;">Applying</span> <span style="color: #008800;">configuration</span> <span style="color: #008800;">version</span> <span style="color: #008800;">'1389337083'</span>
<span style="color: #008800;">info:</span> <span style="color: #008800;">Creating</span> <span style="color: #008800;">state</span> <span style="color: #008800;">file</span> <span style="color: #008800;">/</span><span style="color: #008800;">var</span><span style="color: #008800;">/</span><span style="color: #008800;">lib</span><span style="color: #008800;">/</span><span style="color: #008800;">puppet</span><span style="color: #008800;">/</span><span style="color: #008800;">state</span><span style="color: #008800;">/</span><span style="color: #008800;">state</span><span style="color: #008800;">.</span><span style="color: #008800;">yaml</span>
<span style="color: #34fcfc;">notice:</span> <span style="color: #34fcfc;">Finished</span> <span style="color: #34fcfc;">catalog</span> <span style="color: #34fcfc;">run</span> <span style="color: #34fcfc;">in</span> <span style="color: #34fcfc;">0.04</span> <span style="color: #34fcfc;">seconds</span>
</pre>
</div>
<br />
<br /></div>
</div>
Anonymoushttp://www.blogger.com/profile/01079172149209810817noreply@blogger.com2