Download the CentOS7 minimal ISO and use it to build at least two VMs that can be configured using Puppet
Set and enable the network and host name. You can also edit the IP settings at this point, or later with the nmtui command
Set root password
Reboot
Update server
sudo yum -y update
Set IP configuration
nmtui
Set the IP address to manual, specify the bitmask along with the address (e.g. 10.0.1.201/21) and set the gateway
Set both internal and external Google DNS - 8.8.8.8
Restart networking
service network restart
Check hostname
hostname
Check disks
df
Networking options
Add hostnames to DNS (FQDN to be confirmed)
Add entries to /etc/hosts so the hostnames resolve
10.0.1.201 stage-db
10.0.1.202 stage-solr
10.0.1.250 puppet
Add the Puppet Labs repo, which is needed for both puppet agent and puppet server (depending on role - most will be puppet agent)
yum -y install http://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm
ll /etc/yum.repos.d/
Disable software firewall on all servers
systemctl stop firewalld; systemctl disable firewalld
For server
yum -y install puppet-server
Edit the puppet conf file on master server to set parameters
vi /etc/puppet/puppet.conf
Make changes to the main section and change the highlighted line
[main]
dns_alt_names = puppet, puppet.test.com
certname = puppet
# The Puppet log directory.
# The default value is '$vardir/log'.
logdir = /var/log/puppet
# Where Puppet PID files are kept.
# The default value is '$vardir/run'.
rundir = /var/run/puppet
# Where SSL certificates are kept.
# The default value is '$confdir/ssl'.
ssldir = $vardir/ssl
[agent]
# The file in which puppetd stores a list of the classes
# associated with the retrieved configuration. Can be loaded in
# the separate ``puppet`` executable using the ``--loadclasses``
# option.
# The default value is '$confdir/classes.txt'.
classfile = $vardir/classes.txt
# Where puppetd caches the local configuration. An
# extension indicating the cache format is added automatically.
# The default value is '$confdir/localconfig'.
localconfig = $vardir/localconfig
Generate Certs on the master puppet server
sudo puppet master --no-daemonize --verbose
PRESS CTRL + C
Start the puppet server
systemctl start puppetmaster
and ensure service starts automatically
systemctl enable puppetmaster
For agent
yum -y install puppet
Edit the puppet conf file on agent servers to talk to puppet master server
vi /etc/puppet/puppet.conf
Make changes to the agent section and change the highlighted line
[main]
# The Puppet log directory.
# The default value is '$vardir/log'.
logdir = /var/log/puppet
# Where Puppet PID files are kept.
# The default value is '$vardir/run'.
rundir = /var/run/puppet
# Where SSL certificates are kept.
# The default value is '$confdir/ssl'.
ssldir = $vardir/ssl
[agent]
server = puppet
# The file in which puppetd stores a list of the classes
# associated with the retrieved configuration. Can be loaded in
# the separate ``puppet`` executable using the ``--loadclasses``
# option.
# The default value is '$confdir/classes.txt'.
classfile = $vardir/classes.txt
# Where puppetd caches the local configuration. An
# extension indicating the cache format is added automatically.
# The default value is '$confdir/localconfig'.
localconfig = $vardir/localconfig
Request certs on each puppet agent server (this sends a signing request to the puppet master)
puppet agent -t
Once all servers (apart from the puppet master) have done this, return to the puppet master server to acknowledge the signing requests
puppet cert list
Then, one by one, sign each cert with puppet cert sign followed by the cert name, for example
puppet cert sign stage-db
Start and enable the puppet agents on each server
systemctl start puppet
systemctl enable puppet
Check connectivity with
puppet agent -t
Create a puppet manifest file on the puppet server to make sure changes are pushed to all servers
cd /etc/puppet/manifests
vi site.pp
Paste in this basic config
node default {
  file { '/etc/purple':
    content => 'This is an Purple test',
  }
}
Log into another server and check whether the content has been pulled
puppet agent -t
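For the puppet cert list / puppet cert sign step earlier, this added example (not part of the original guide) checks each pending request against fingerprints collected on the agents with puppet agent --fingerprint before anything is signed. The sample output, the fingerprints and the function names classify_csrs and safe_to_sign are constructed for illustration, and the cert list format is assumed from Puppet 3.

```shell
#!/bin/sh
# Added example: decide which pending CSRs may be signed on the puppet master.

# Constructed sample of `puppet cert list` output (format assumed from Puppet 3;
# fingerprints are shortened placeholders, not real values).
PENDING='  "stage-db" (SHA256) AA:11:22:33:44:55
  "stage-solr" (SHA256) BB:11:22:33:44:55
  "stage-web" (SHA256) CC:11:22:33:44:55
  "stage-app" (SHA256) DD:11:22:33:44:55 (alt names: "DNS:puppet", "DNS:stage-app")'

# Constructed reference list, "<certname> <fingerprint>" per line, collected
# out of band by running `puppet agent --fingerprint` on each agent.
EXPECTED='stage-db AA:11:22:33:44:55
stage-solr BB:11:22:33:44:FF
stage-app DD:11:22:33:44:55'

# classify_csrs <cert-list-output> <expected-list>
# Prints "SIGN <name>" only when the master and the agent report the same
# fingerprint; anything else is "HOLD <name> <reason>".
classify_csrs() {
  printf '%s\n' "$1" | while read -r name _algo fp extra; do
    [ -n "$name" ] || continue
    name=${name#\"}; name=${name%\"}   # strip the quotes around the certname
    want=$(printf '%s\n' "$2" | awk -v n="$name" '$1 == n { print toupper($2) }')
    fp=$(printf '%s' "$fp" | tr 'a-f' 'A-F')
    if [ -n "$extra" ]; then
      echo "HOLD $name requests-alt-names"    # CSR asks for extra DNS names
    elif [ -z "$want" ]; then
      echo "HOLD $name unknown-host"          # no agent reported this certname
    elif [ "$want" != "$fp" ]; then
      echo "HOLD $name fingerprint-mismatch"  # request did not come from that agent
    else
      echo "SIGN $name"
    fi
  done
}

# Print only the names that are safe to pass to `puppet cert sign`.
safe_to_sign() {
  classify_csrs "$1" "$2" | awk '$1 == "SIGN" { print $2 }'
}

classify_csrs "$PENDING" "$EXPECTED"
```

Anything reported as HOLD should be investigated on the agent, and the request removed on the master if it cannot be explained, rather than signed.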