puppet

What is Puppet?
Automate. Move Faster. Increase Reliability.
It’s not easy being in IT operations today. The volume and complexity of infrastructure you manage is growing and getting smarter. On top of that, you’ve got demands from the business to do more and faster, without sacrificing security and reliability. How do you strike that balance?

Get More Done in Less Time
With Puppet, you define the state of your IT infrastructure, and Puppet automatically enforces the desired state. Puppet automates every step of the software delivery process, from provisioning of physical and virtual machines to orchestration and reporting; from early-stage code development through testing, production release and updates.

- Free up time to work on projects that deliver more business value
- Ensure consistency, reliability and stability
- Facilitate closer collaboration between sysadmins and developers

        ####################### MASTER ####################

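# Puppet master setup (run as root on the master host, EL7).
# The commands are meant to be run, and their output checked, one at a time.

# Give the master the name agents will use to reach it; agents compare the
# name they connect to with the names in the master's certificate.
hostnamectl set-hostname master.puppet.in

# Add the Puppet Labs and EPEL package repositories.
# rpm only prints a NOKEY warning when it has no key to check a package
# signature against, so import and verify the vendors' GPG keys before
# trusting packages from these repositories.
rpm -ivh https://yum.puppetlabs.com/el/7/products/x86_64/puppetlabs-release-7-11.noarch.rpm

rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm

# NOTE(review): this looks like the same puppetlabs-release package as the
# first rpm line under a different file name; if so rpm reports it as already
# installed. Confirm whether both lines are needed.
rpm -ivh https://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm

yum install puppetserver -y

service puppetserver status

service puppetserver start

# Confirm the master is listening on its TCP port.
netstat -tlpn | grep ':8140'

systemctl status iptables.service

systemctl start iptables.service

# Open the master port. As written the rule accepts connections from any
# source; add "-s <AGENT_SUBNET_PLACEHOLDER>" to admit only the networks the
# agents live on.
iptables -I INPUT -p tcp --dport 8140 -j ACCEPT

# Persist the rule. systemctl has no "save" verb; the iptables-services
# package provides it as a legacy service action.
service iptables save

systemctl reload iptables.service

# The line is appended to the end of puppet.conf, so it lands in whichever
# [section] comes last; check the file afterwards.
echo " server=master.puppet.in" >> /etc/puppet/puppet.conf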

##################### Agent #######################

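# Puppet agent setup (run as root on the agent host, EL7).

# Make the master's name resolvable first; every later step refers to the
# master by this name, and it must match a name in the master's certificate.
echo "172.16.28.128 master.puppet.in" >> /etc/hosts

# Interactive reachability check of the master port; close the session once
# it connects.
telnet master.puppet.in 8140

# Add the EPEL repository. The original listed this line twice; installing
# the same package a second time only fails as "already installed".
# NOTE(review): the master section also adds the Puppet Labs repository;
# confirm which repository should supply the agent package.
rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm

yum install puppet -y

# Point the agent at the master before anything tries to contact it.
echo " server=master.puppet.in" >> /etc/puppet/puppet.conf

# First run: the agent creates a certificate request and prints its SHA256
# fingerprint. Note the fingerprint so it can be compared on the master
# before the request is signed.
puppet agent -t

puppet agent --server master.puppet.in --no-daemonize --onetime --debug

# Start the background agent only once it has been configured.
systemctl start puppet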

################# Master ####################

# Run on the master: list pending certificate requests with their fingerprints.
puppet cert list

# Sign only after the fingerprint shown by the list command matches the one
# the agent printed when it created its request; a signed host can then
# retrieve catalogs from this master.
puppet cert sign agent.puppet.in

###########################################
                                     How to create a user
vim user.pp
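# Ensure the local account 'jargyle' exists.
# Plain ASCII quotes are required; typographic quotes are not valid in a manifest.
user { 'jargyle':
  ensure => 'present',
}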
:wq!

[root@nd02server ~]# cat /etc/passwd | grep jargyle

[root@nd02server ~]# puppet apply user.pp
notice: /Stage[main]//User[jargyle]/ensure: created
notice: Finished catalog run in 0.12 seconds

[root@nd02server ~]# cat /etc/passwd | grep jargyle
jargyle:x:509:512::/home/jargyle:/bin/bash

####################################################
 How to create a group 
vim group.pp
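# Ensure the local group 'sample' exists.
# The resource title must be followed by a colon and use plain ASCII quotes.
group { 'sample':
  ensure => present,
}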
:wq!
[root@nd02server ~]# cat /etc/group | grep sample

[root@nd02server ~]# puppet apply group.pp
notice: /Stage[main]//Group[sample]/ensure: created
notice: Finished catalog run in 0.11 seconds

[root@nd02server ~]# cat /etc/group | grep sample
sample:x:514:

#######################################################
  How to create a file  
vim file.pp
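# Ensure /root/file1 exists; no owner or mode is set here, so a newly
# created file gets the defaults.
file { '/root/file1':
  ensure => present,
}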
:wq!

[root@nd02server ~]# pwd
/root
[root@nd02server ~]# ls -l | grep file1

[root@nd02server ~]# puppet apply file.pp
notice: /Stage[main]//File[/root/file1]/ensure: created
notice: Finished catalog run in 0.02 seconds

[root@nd02server ~]# ls -l | grep file1
-rw-r--r--  1 root         root          0 Jan 18 02:26 file1
###########################################################

                                              How to create a directory 
vim directory.pp
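# Ensure /root/rafi exists and is a directory.
file { '/root/rafi':
  ensure => 'directory',
}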
:wq!

[root@nd02server ~]# ls -ld | grep rafi

[root@nd02server ~]# puppet apply directory.pp
notice: /Stage[main]//File[/root/rafi]/ensure: created
notice: Finished catalog run in 0.02 seconds

[root@nd02server ~]# ls -l | grep rafi
drwxr-xr-x  2 root         root       4096 Jan 18 02:35 rafi

##########################################################

How to change permissions

vim file.pp
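# Set the permissions of /root/file1.
# NOTE: 0777 lets every local user modify the file; it is used here only to
# make the mode change visible. Grant the narrowest mode the file needs.
# The mode is written as a quoted four-digit string so it is read as octal.
file { '/root/file1':
  ensure => present,
  mode   => '0777',
}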
:wq!

[root@nd02server ~]# puppet apply file.pp
notice: /Stage[main]//File[/root/file1]/mode: mode changed ‘0644’ to ‘0777’
notice: Finished catalog run in 0.02 seconds

[root@nd02server ~]# ls -l | grep file1
-rwxrwxrwx  1 root         root          0 Jan 18 02:26 file1
##########################################################
 How to change group  user 
vim groupchange.pp
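# Ensure /root/test1 exists, owned by user 'jargyle' and group 'sample'.
# Both the user and the group must already exist on the host.
# The mode is written as a quoted four-digit string so it is read as octal.
file { '/root/test1':
  ensure => present,
  owner  => 'jargyle',
  group  => 'sample',
  mode   => '0755',
}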
:wq!

[root@nd02server ~]# puppet apply groupchange.pp
notice: /Stage[main]//File[/root/test1]/ensure: created
notice: Finished catalog run in 0.02 seconds

[root@nd02server ~]# ls -l | grep test1
-rwxr-xr-x  1 jargyle      sample          0 Jan 18 02:42 test1
##############################################################

                                        How to install a package 

[root@nd02server ~]# rpm -qa nmap

vim package.pp
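# Ensure the nmap package is installed, using the host's package manager and
# whatever repositories it is configured to trust.
package { 'nmap':
  ensure => 'installed',
}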
:wq!

[root@nd02server ~]# puppet apply package.pp
notice: /Stage[main]//Package[nmap]/ensure: created
notice: Finished catalog run in 46.81 seconds

[root@nd02server ~]# rpm -qa nmap
nmap-5.51-4.el6.x86_64

#################################################################

How to start a service

[root@nd02server ~]# service httpd status
httpd is stopped

vim service.pp
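# Ensure the httpd service is running now.
# Starting at boot is controlled by the separate 'enable' attribute, which
# this resource does not set.
service { 'httpd':
  ensure => running,
}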
:wq!

[root@nd02server ~]# puppet apply service.pp
notice: /Stage[main]//Service[httpd]/ensure: ensure changed ‘stopped’ to ‘running’
notice: Finished catalog run in 0.15 seconds

[root@nd02server ~]# service httpd status
httpd (pid  10379) is running…
####################################################################

——————————— Master—————————-

# Run on the master: show the certificate requests waiting to be signed.
puppet cert list

# Compare the request's fingerprint with the one printed on the agent before
# signing; once signed, the host can retrieve catalogs from this master.
puppet cert sign agent.puppet.in

———————————————–

vim /etc/puppet/manifests/site.pp

# Node definition: the host matching 'puppetclient' receives the httpd class.
# NOTE(review): the agents shown elsewhere on this page are named
# agent.puppet.in and li911-180.members.linode.com; confirm that
# 'puppetclient' matches the name of the node that should be managed.
node 'puppetclient' {
  include httpd
}

———————————————–

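# A module's main class is loaded from <module>/manifests/init.pp, so the
# file has to live in a manifests/ subdirectory.
mkdir -p /etc/puppet/modules/httpd/manifests

vim /etc/puppet/modules/httpd/manifests/init.pp

# "include httpd" in site.pp looks for a class named httpd; the package
# resource therefore has to be declared inside that class.
class httpd {
  package { 'httpd':
    ensure => 'installed',
  }
}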

————————————–Agent————————–

# Run on the agent: one foreground run that requests the catalog from the
# master and applies it.
puppet agent -t

————————————————————————————–

[root@li911-180 ~]# puppet agent -t
info: Caching certificate for ca
info: Creating a new SSL certificate request for li911-180.members.linode.com
info: Certificate Request fingerprint (SHA256): BF:D5:52:E2:C9:FA:C4:2F:14:D7:08:D1:3B:A4:D5:C1:79:3C:00:2B:75:25:95:20:AE:D6:A6:4E:54:83:29:7D
Exiting; no certificate found and waitforcert is disabled

[root@li911-180 ~]# puppet agent --server 45.79.151.113 --waitforcert 60 --test
notice: Did not receive certificate
info: Caching certificate for li911-180.members.linode.com
err: Could not retrieve catalog from remote server: Server hostname ‘45.79.151.113’ did not match server certificate; expected one of li1250-113.members.linode.com, DNS:puppet, DNS:li1250-113.members.linode.com
warning: Not using cache on failed catalog
err: Could not retrieve catalog; skipping run
err: Could not send report: Server hostname ‘45.79.151.113’ did not match server certificate; expected one of li1250-113.members.linode.com, DNS:puppet, DNS:li1250-113.members.linode.com

[root@li911-180 ~]# puppet agent --server li1250-113.members.linode.com --waitforcert 60 --test
info: Caching certificate_revocation_list for ca
info: Caching catalog for li911-180.members.linode.com
info: Applying configuration version ‘1457445891’
info: Creating state file /var/lib/puppet/state/state.yaml
notice: Finished catalog run in 0.03 seconds

—————————————————————————————
[root@li1250-113 ~]# puppet cert --list --all
“li911-180.members.linode.com”  (SHA256) BF:D5:52:E2:C9:FA:C4:2F:14:D7:08:D1:3B:A4:D5:C1:79:3C:00:2B:75:25:95:20:AE:D6:A6:4E:54:83:29:7D
+ “li1250-113.members.linode.com” (SHA256) B9:98:5C:0B:74:65:08:9D:8B:DF:D4:12:14:44:89:C3:DC:3C:9C:8E:B5:26:6B:99:54:74:B8:F8:82:AA:26:A5 (alt names: “DNS:puppet”, “DNS:li1250-113.members.linode.com”)

[root@li1250-113 ~]# puppet cert sign li911-180.members.linode.com
Notice: Signed certificate request for li911-180.members.linode.com
Notice: Removing file Puppet::SSL::CertificateRequest li911-180.members.linode.com at ‘/var/lib/puppet/ssl/ca/requests/li911-180.members.linode.com.pem’

[root@li1250-113 ~]# puppet cert --list --all
+ “li1250-113.members.linode.com” (SHA256) B9:98:5C:0B:74:65:08:9D:8B:DF:D4:12:14:44:89:C3:DC:3C:9C:8E:B5:26:6B:99:54:74:B8:F8:82:AA:26:A5 (alt names: “DNS:puppet”, “DNS:li1250-113.members.linode.com”)
+ “li911-180.members.linode.com”  (SHA256) F1:4F:D8:04:59:7F:57:3B:E2:B3:86:19:23:CC:4F:11:FC:BA:6C:BE:4D:C6:B3:42:E6:C9:F9:6B:26:A2:E8:1B
