[Show page]
[Old revisions]
[[unknown link type]]
[
]

Differences

This shows you the differences between two versions of the page.

--- linux:puppet [2014/11/06 21:00]
admin [Client side again]
+++ linux:puppet [2019/01/28 15:16] (current)
admin [Client side again]
@@ Line 1: / Line 1: @@
 ====== Client side =====
-. add puppet to your /etc/hosts
+First
+   apt install puppet
+You can choose how to reach the server by configuring it or using dns, which is a    great advantage if you have all the servers in one domain.
+==== Config way ====
+   puppet config set server puppet.starlab.cz
+==== DNS way ====
+  - make sure you have properly setup hostname in /etc/hostname and /etc/hosts
+  - add puppet to your /etc/hosts
 <file /etc/hosts>
 .0.4.60 puppet puppet.starlab.cz
@@ Line 8: / Line 18: @@
 .20.102.91 puppet puppet.starlab.cz
 </file>
+  - initiate connection to server<code bash>
-<code bash>
+xen-starlab:~# puppetd --server puppet --test
-xen-jpcomp:~# puppetd --server puppet --test
+info: Creating a new SSL key for xen.starlab.cz
-info: Creating a new SSL key for xen-jpcomp.jpcomp.cz
 info: Caching certificate for ca
-info: Creating a new SSL certificate request for xen-jpcomp.jpcomp.cz
+info: Creating a new SSL certificate request for xen.starlab.cz
 info: Certificate Request fingerprint (md5): AA:A6:EA:69:9A:35:91:C2:EA:8B:CF:B4:70:8E:2E:4B
 Exiting; no certificate found and waitforcert is disabled
+</code>
+v novejsi verzi puppetu:
+<code bash>
+xen-starlab:~# puppet agent --server puppet --test
 </code>
@@ Line 27: / Line 40: @@
 Hey! We have a new client
-  root@ibm:~# puppetca --list
+  root@ibm:~# puppet cert --list
-    "xen-jpcomp.jpcomp.cz" (AA:A6:EA:69:9A:35:91:C2:EA:8B:CF:B4:70:8E:2E:4B)
+    "xen.starlab.cz" (AA:A6:EA:69:9A:35:91:C2:EA:8B:CF:B4:70:8E:2E:4B)
 So sign it!
-  puppetca --sign xen-jpcomp.jpcomp.cz
+  puppet cert --sign xen.starlab.cz
-  notice: Signed certificate request for xen-jpcomp.jpcomp.cz
+  notice: Signed certificate request for xen.starlab.cz
-  notice: Removing file Puppet::SSL::CertificateRequest xen-jpcomp.jpcomp.cz at '/path/to.pem'
+  notice: Removing file Puppet::SSL::CertificateRequest xen.starlab.cz at '/path/to.pem'
@@ Line 45: / Line 58: @@
 Here is the output:
 <code>
-xen-jpcomp:~# puppetd --server puppet --waitforcert 80 --test
+xen-starlab:~# puppetd --server puppet --waitforcert 80 --test
-info: Caching catalog for xen-jpcomp.jpcomp.cz
+info: Caching catalog for xen.starlab.cz
 info: Applying configuration version '1413471896'
 notice: /Stage[main]//File[nrpe_local.cfg]/content:
@@ Line 70: / Line 83: @@
 notice: /Stage[main]//File[nrpe_local.cfg]/content: content changed '{md5}19c1c67393a0b6002f4595b535c71cc2' to '{md5}d8116d9a68b755368037d6bc08d3f1db'
 notice: Finished catalog run in 0.44 seconds
+</code>
+Create a cron job
+<code>
+    puppet resource cron puppet-agent ensure=present user=root minute=30 command='/usr/bin/puppet agent --onetime --no-daemonize --splay'
+</code>
+Output:
+<code>
+notice: /Cron[puppet-agent]/ensure: created
+cron { 'puppet-agent':
+  ensure  => 'present',
+  command => '/usr/bin/puppet agent --onetime --no-daemonize --splay',
+  minute  => ['30'],
+  target  => 'root',
+  user    => 'root',
+}
+</code>
+and the cron line is not system wide, but root's
+<code bash>
+server:~# crontab -l
+# HEADER: This file was autogenerated at Thu Nov 06 21:21:15 +0100 2014 by puppet.
+# HEADER: While it can still be managed manually, it is definitely not recommended.
+# HEADER: Note particularly that the comments starting with 'Puppet Name' should
+# HEADER: not be deleted, as doing so could cause duplicate cron jobs.
+# Puppet Name: puppet-agent
+* * * * /usr/bin/puppet agent --onetime --no-daemonize --splay
+</code>
+Why cron job instead of daemon? Cron job can sometimes perform better and use less memory.
+===== Autostart =====
+<code bash>
+puppet agent --enable
+service puppet restart
 </code>

linux/puppet.1415304015.txt.gz · Last modified: 2014/11/06 21:00 by admin