We already have Puppet server (Community Edition) installed on this server (Oracle Linux 7.2) :

[root@puppetserver ~]# rpm -qa | grep puppet
puppetlabs-release-pc1-1.1.0-4.el7.noarch
puppet-agent-1.7.1-1.el7.x86_64
puppetserver-2.6.0-1.el7.noarch

And we would like to install PuppetDB with packages …

PuppetDB installation

Using Puppet, Install both PuppetDB and PuppetDB-termini :

[root@puppetserver ~]# puppet resource package puppetdb ensure=latest
Notice: /Package[puppetdb]/ensure: created
package { 'puppetdb':
  ensure => '4.2.4-1.el7',
}
[root@puppetserver ~]# puppet resource package puppetdb-termini ensure=latest
Notice: /Package[puppetdb-termini]/ensure: created
package { 'puppetdb-termini':
  ensure => '4.2.4-1.el7',
}

PostgreSQL

Install PostgreSQL 9.6 :

  • Install the repository :
[root@puppetserver ~]# yum -y install https://download.postgresql.org/pub/repos/yum/9.6/redhat/rhel-7.3-x86_64/pgdg-oraclelinux96-9.6-3.noarch.rpm
  • Install PosgreSQL :
[root@puppetserver ~]# yum -y install postgresql96-server postgresql96-contrib
  • Initialize the database :
[root@puppetserver ~]# /usr/pgsql-9.6/bin/postgresql96-setup initdb
Initializing database ... OK
  • Start (and keep it started on a reboot) PosgreSQL :
[root@puppetserver ~]# systemctl start postgresql-9.6
[root@puppetserver ~]# systemctl enable postgresql-9.6
Created symlink from /etc/systemd/system/multi-user.target.wants/postgresql-9.6.service to /usr/lib/systemd/system/postgresql-9.6.service.

PosgreSQL account and database for PuppetDB

Using “postgres” account :

[root@puppetserver ~]# su - postgres
-bash-4.2$
  • Create a PostgreSQL account for PuppetDB :
[root@puppetserver ~]# su - postgres
-bash-4.2$ createuser -DRSP puppetdb
Enter password for new role:
Enter it again:
  • Create a database for PuppetDB :
-bash-4.2$ createdb -E UTF8 -O puppetdb puppetdb
  • For RegExp-optimized index extension pg_trgm :
-bash-4.2$ psql puppetdb -c 'create extension pg_trgm'
CREATE EXTENSION
  • Logoff “postgres” account :
-bash-4.2$ exit
logout

Now, edit “pg_hba.conf” to allow MD5 authentication :

[root@puppetserver ~]# egrep "^local|^host" /var/lib/pgsql/9.6/data/pg_hba.conf
local   all             all                                     md5
host    all             all             127.0.0.1/32            md5
host    all             all             ::1/128                 md5

Restart PosgreSQL :

[root@puppetserver ~]# systemctl restart postgresql-9.6

Check your authentication :

[root@puppetserver ~]# su - postgres -c "psql -h localhost puppetdb puppetdb"
Password for user puppetdb:
psql (9.6.1)
Type "help" for help.

puppetdb=> \q

It works !

PuppetDB configuration for PostgreSQL

Set “[database]” section in “database.conf” file :

[root@puppetserver ~]# egrep -v "^#|^$" /etc/puppetlabs/puppetdb/conf.d/database.ini
[database]
classname = org.postgresql.Driver
subprotocol = postgresql
subname = //localhost:5432/puppetdb
username = puppetdb
password = your_password
log-slow-statements = 10

Start and enable PuppetDB using Puppet :

[root@puppetserver ~]# puppet resource service puppetdb ensure=running enable=true
Notice: /Service[puppetdb]/ensure: ensure changed 'stopped' to 'running'
service { 'puppetdb':
  ensure => 'running',
  enable => 'true',
}

is PuppetDB service running ?

[root@puppetserver ~]# systemctl status puppetdb
● puppetdb.service - puppetdb Service
   Loaded: loaded (/usr/lib/systemd/system/puppetdb.service; enabled; vendor preset: disabled)
   Active: active (running) since Mon 2016-10-31 19:01:32 CET; 1min 6s ago
 Main PID: 3499 (java)
   CGroup: /system.slice/puppetdb.service
           └─3499 /usr/bin/java -Xmx192m -Djava.security.egd=/dev/urandom -XX:OnOutOfMemoryError=kill -9 %p -cp /opt/puppetlabs/server/ap...

Oct 31 19:00:02 puppetserver.argonay.wou systemd[1]: Starting puppetdb Service...
Oct 31 19:01:03 puppetserver.argonay.wou puppetdb[3490]: The [database] classname setting has been retired and will be ignored.
Oct 31 19:01:03 puppetserver.argonay.wou puppetdb[3490]: The [database] subprotocol setting has been retired and will be ignored.
Oct 31 19:01:17 puppetserver.argonay.wou puppetdb[3490]: The [database] classname setting has been retired and will be ignored.
Oct 31 19:01:17 puppetserver.argonay.wou puppetdb[3490]: The [database] subprotocol setting has been retired and will be ignored.
Oct 31 19:01:32 puppetserver.argonay.wou systemd[1]: Started puppetdb Service.

Puppet server configuration for PuppetDB

Edit configurations files in $CONFDIR directory :

  • Go to this directory :
[root@puppetserver ~]# cd $(puppet config print confdir)
  • Create “puppetdb.conf” :
[root@puppetserver puppet]# cat puppetdb.conf
[main]
server_urls = https://puppetserver.argonay.wou:8081
  • Add both “storeconfigs” ; “storeconfigs_backend” and “reports” values in “puppet.conf” :
[root@puppetserver puppet]# awk -v RS= '/\[master\]/ {if (first) print "";print;first=1}' puppet.conf
[master]
vardir = /opt/puppetlabs/server/data/puppetserver
logdir = /var/log/puppetlabs/puppetserver
rundir = /var/run/puppetlabs/puppetserver
pidfile = /var/run/puppetlabs/puppetserver/puppetserver.pid
codedir = /etc/puppetlabs/code
storeconfigs = true
storeconfigs_backend = puppetdb
reports = store,puppetdb

Create “routes.yaml” file :

[root@puppetserver puppet]# cat $(puppet master --configprint route_file)
---
master:
  facts:
    terminus: puppetdb
    cache: yaml

All Puppet configuration files must belong to “puppet:puppet” :

[root@puppetserver puppet]# chown -R puppet:puppet $(puppet config print confdir)

Allow port 8081 :

[root@puppetserver puppet]# firewall-cmd --permanent --add-port=8081/tcp
success
[root@puppetserver puppet]# firewall-cmd --reload
success

Restart Puppet server :

[root@puppetserver puppet]# systemctl restart puppetserver

It’s time to test !

launch Puppet agent on any node (here Psuppet server itself) :

[root@puppetserver puppet]# puppet agent -tv

View result in log file :

[root@puppetserver puppet]# tail -3 /var/log/puppetlabs/puppetdb/puppetdb.log
2016-10-31 20:15:30,109 INFO [p.p.command] [65b9d04f-ab96-4251-a7f0-cdb82fd773c5] [replace facts] puppetserver.argonay.wou
2016-10-31 20:15:31,656 INFO [p.p.command] [7c1bbcbf-796f-4f24-95c9-ff6f4ff82551] [replace catalog] puppetserver.argonay.wou
2016-10-31 20:15:32,806 INFO [p.p.command] [f8993111-f1a4-4d43-a4fe-4e88d7c7bd28] [store report] puppet v4.7.0 - puppetserver.argonay.wou

 

 

PDF24    Send article as PDF   

Leave a Reply

Your email address will not be published. Required fields are marked *


*