Here is by Debian release :

wou@puppet_agent:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description:    Debian GNU/Linux 8.5 (jessie)
Release:        8.5
Codename:       jessie

We need to become “root” :

wou@puppet_agent:~$ sudo bash
[sudo] password for wou:

Puppet agent installation

Download Puppet repository

To download the Community Edition :

Repositories are defined in Puppet Community Edition collections

Don’t worry about Java, Ruby and others, they will come as dedicated distribution for Puppet.

Install the required DEB :

  • go to “/tmp” directory :
root@puppet_agent:/home/wou# cd /tmp
  • And doanlod the DEB file :
root@puppet_agent:/tmp# wget https://apt.puppetlabs.com/puppetlabs-release-pc1-jessie.deb
converted 'https://apt.puppetlabs.com/puppetlabs-release-pc1-jessie.deb' (ANSI_X3.4-1968) -> 'https://apt.puppetlabs.com/puppetlabs-release-pc1-jessie.deb' (UTF-8)
--2016-06-29 19:25:37--  https://apt.puppetlabs.com/puppetlabs-release-pc1-jessie.deb
Resolving apt.puppetlabs.com (apt.puppetlabs.com)... 192.155.89.90, 2600:3c03::f03c:91ff:fedb:6b1d
Connecting to apt.puppetlabs.com (apt.puppetlabs.com)|192.155.89.90|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 5362 (5.2K) [application/x-debian-package]
Saving to: 'puppetlabs-release-pc1-jessie.deb'

puppetlabs-release-pc1-jessie. 100%[=====================================================>]   5.24K  --.-KB/s   in 0.005s

2016-06-29 19:25:38 (1005 KB/s) - 'puppetlabs-release-pc1-jessie.deb' saved [5362/5362]
  • Then, install it :
root@puppet_agent:/tmp# dpkg -i puppetlabs-release-pc1-jessie.deb
Selecting previously unselected package puppetlabs-release-pc1.
(Reading database ... 29760 files and directories currently installed.)
Preparing to unpack puppetlabs-release-pc1-jessie.deb ...
Unpacking puppetlabs-release-pc1 (1.0.0-2jessie) ...
Setting up puppetlabs-release-pc1 (1.0.0-2jessie) ...
  • And launch an update :
root@puppet_agent:/tmp# apt-get update

Puppet agent installation

Here are Puppet agent releases we can install :

root@puppet_agent:/tmp# apt-cache show puppet-agent | egrep "^Version"
Version: 1.5.3-1jessie
Version: 1.5.2-1jessie
Version: 1.5.1-1jessie
Version: 1.5.0-1jessie
Version: 1.4.2-1jessie
Version: 1.4.1-1jessie
Version: 1.4.0-1jessie
Version: 1.3.6-1jessie
Version: 1.3.5-1jessie
Version: 1.3.4-1jessie
Version: 1.3.2-1jessie
Version: 1.3.1-1jessie
Version: 1.3.0-1jessie
Version: 1.2.7-1jessie
Version: 1.2.6-1jessie
Version: 1.2.5-1jessie
Version: 1.2.4-1jessie
Version: 1.2.2-1jessie
Version: 1.2.1-1jessie
Version: 1.2.0-1jessie

Install Puppet agent latest release :

root@puppet_agent:/tmp# apt-get -y install puppet-agent=1.5.3-1jessie

Stop Puppet agent daemon (we’ll start it manually) :

root@puppet:/home/wou# systemctl stop puppet

And don’t start it next reboot :

root@puppet_agent:/home/wou# systemctl disable puppet
Synchronizing state for puppet.service with sysvinit using update-rc.d...
Executing /usr/sbin/update-rc.d puppet defaults
Executing /usr/sbin/update-rc.d puppet disable
insserv: warning: current start runlevel(s) (empty) of script `puppet' overrides LSB defaults (2 3 4 5).
insserv: warning: current stop runlevel(s) (0 1 2 3 4 5 6) of script `puppet' overrides LSB defaults (0 1 6).

Puppet agent configuration

For this lab, we don’t have any DNS server, so we have to edit “/etc/hosts” file :

root@puppet_agent:/home/wou# grep puppet /etc/hosts
192.168.1.156 puppet_server.argonay.wou puppet_server
192.168.1.157 puppet_agent.argonay.wou puppet_agent

Update the hostname :

root@puppet_agent:/home/wou# hostnamectl set-hostname puppet_agent

a new SSH session will display the new prompt :

wou@puppet_agent:~$

Become “root” :

wou@puppet_agent:~$ sudo bash
[sudo] password for wou:

Require a certificate

We are able to ping the Puppet server :

root@puppet_agent:/home/wou# ping -c1 puppet_server.argonay.wou
PING puppet_server.argonay.wou (192.168.1.156) 56(84) bytes of data.
64 bytes from puppet_server.argonay.wou (192.168.1.156): icmp_seq=1 ttl=64 time=1.24 ms

--- puppet_server.argonay.wou ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 1.242/1.242/1.242/0.000 ms

Open 8140/TCP port on master :

[root@puppet_server ~]# firewall-cmd --permanent --add-port=8140/tcp
success
[root@puppet_server ~]# firewall-cmd --reload
success

Request a certificate on the agent :

root@puppet_agent:/home/wou# puppet agent -tv --waitforcert=120 --server=puppet_server.argonay.wou
Info: Caching certificate for ca
Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for puppet_agent.argonay.wou
Info: Certificate Request fingerprint (SHA256): 39:10:7A:32:91:84:EB:F3:F1:09:4C:0C:97:36:FA:25:15:0C:95:E2:57:B1:1F:FB:6A:A2:EF:16:85:CC:D8:8D
Info: Caching certificate for ca
Info: Caching certificate for puppet_agent.argonay.wou
Notice: Skipping run of Puppet configuration client; administratively disabled (Reason: 'Disabled by default on new or unconfigured old installations');
Use 'puppet agent --enable' to re-enable.

In the meantime, validate the certificate on the server :

[root@puppet_server ~]# puppet cert --list
  "puppet_agent.argonay.wou" (SHA256) 39:10:7A:32:91:84:EB:F3:F1:09:4C:0C:97:36:FA:25:15:0C:95:E2:57:B1:1F:FB:6A:A2:EF:16:85:CC:D8:8D
[root@puppet_server ~]# puppet cert --sign puppet_agent.argonay.wou
Notice: Signed certificate request for puppet_agent.argonay.wou
Notice: Removing file Puppet::SSL::CertificateRequest puppet_agent.argonay.wou at '/etc/puppetlabs/puppet/ssl/ca/requests/puppet_agent.argonay.wou.pem'

Edit “puppet.conf” configuration file

root@puppet_agent:/home/wou# cat /etc/puppet/puppet.conf
[main]
logdir=/var/log/puppet
vardir=/var/lib/puppet
ssldir=/var/lib/puppet/ssl
rundir=/var/run/puppet
factpath=$vardir/lib/facter
prerun_command=/etc/puppet/etckeeper-commit-pre
postrun_command=/etc/puppet/etckeeper-commit-post

[master]
# These are needed when the puppetmaster is run by passenger
# and can safely be removed if webrick is used.
ssl_client_header = SSL_CLIENT_S_DN
ssl_client_verify_header = SSL_CLIENT_VERIFY

[agent]
server = puppet_server.argonay.wou

Enable Puppet agent :

root@puppet_agent:/home/wou# puppet agent --enable

Try to launch Puppet agent :

root@puppet_agent:/home/wou# puppet agent -tv
Info: Caching certificate_revocation_list for ca
Info: Retrieving pluginfacts
Error: Could not retrieve pluginfacts: Parameter source failed on File[/var/lib/puppet/facts.d]: Could not understand source puppet://puppet_server.argonay.wou/pluginfacts: the scheme puppet does not accept registry part: puppet_server.argonay.wou (or bad hostname?)
Wrapped exception:
Could not understand source puppet://puppet_server.argonay.wou/pluginfacts: the scheme puppet does not accept registry part: puppet_server.argonay.wou (or bad hostname?)
Wrapped exception:
the scheme puppet does not accept registry part: puppet_server.argonay.wou (or bad hostname?)
Info: Retrieving plugin
Error: Could not retrieve plugin: Parameter source failed on File[/var/lib/puppet/lib]: Could not understand source puppet://puppet_server.argonay.wou/plugins: the scheme puppet does not accept registry part: puppet_server.argonay.wou (or bad hostname?)
Wrapped exception:
Could not understand source puppet://puppet_server.argonay.wou/plugins: the scheme puppet does not accept registry part: puppet_server.argonay.wou (or bad hostname?)
Wrapped exception:
the scheme puppet does not accept registry part: puppet_server.argonay.wou (or bad hostname?)
Info: Caching catalog for puppet_agent.argonay.wou
Info: Applying configuration version '1467308111'
Info: Creating state file /var/lib/puppet/state/state.yaml
Notice: Finished catalog run in 0.03 seconds

Currently, we have no module defined in the Puppet Server, this is why we got this error…

 

 

 

 

PDF24    Send article as PDF   

Leave a Reply

Your email address will not be published. Required fields are marked *


*