Thursday, April 9, 2015

# Puppet new node addition

# Puppet new node addition
# I suppose we did install centos 7 version via vagrant or other methods and ubuntu14.04 trusy version puppet master.
# Personally I prefer vagrant method for just testing and developing.

Puppet master: ubuntu 14.04 trusty
Puppet new node(client) : centos 7.0

#http://docs.puppetlabs.com/guides/install_puppet/install_el.html
[vagrant@ct7]$ sudo rpm -ivh http://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm
Retrieving http://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm
warning: /var/tmp/rpm-tmp.DIS9XB: Header V4 RSA/SHA1 Signature, key ID 4bd6ec30: NOKEY
Preparing...                          ################################# [100%]
Updating / installing...
   1:puppetlabs-release-7-11          ################################# [100%]

[vagrant@ct7 ~]$ sudo yum install puppet
Installed:
  puppet.noarch 0:3.7.5-1.el7                                                       

Dependency Installed:
  augeas-libs.x86_64 0:1.1.0-17.el7         facter.x86_64 1:2.4.3-1.el7             
  hiera.noarch 0:1.3.4-1.el7                libselinux-ruby.x86_64 0:2.2.2-6.el7    
  libyaml.x86_64 0:0.1.4-11.el7_0           pciutils.x86_64 0:3.2.1-4.el7           
  ruby.x86_64 0:2.0.0.598-24.el7            ruby-augeas.x86_64 0:0.4.1-3.el7        
  ruby-irb.noarch 0:2.0.0.598-24.el7        ruby-libs.x86_64 0:2.0.0.598-24.el7     
  ruby-shadow.x86_64 1:2.2.0-2.el7          rubygem-bigdecimal.x86_64 0:1.2.0-24.el7
  rubygem-io-console.x86_64 0:0.4.2-24.el7  rubygem-json.x86_64 0:1.7.7-24.el7      
  rubygem-psych.x86_64 0:2.0.0-24.el7       rubygem-rdoc.noarch 0:4.0.0-24.el7      
  rubygems.noarch 0:2.0.14-24.el7         

Complete!

On puppet master(ubuntu trusty) register new centos7 node hostname ct7

root@puppet:~# cat /etc/hosts | head -6
127.0.0.1    localhost
127.0.1.1 puppet puppet
10.0.0.5 puppet puppet
10.0.0.7 ts
10.0.0.9 ts1
10.0.0.11 ct7

root@puppet:~#

#puppet master domain to /etc/hosts file
[vagrant@ct7 ~]$ sudo vi /etc/hosts
[vagrant@ct7 ~]$ cat /etc/hosts
127.0.0.1   ct7 localhost localhost.localdomain localhost4 localhost4.localdomain4
10.0.0.5 puppet

# centos node new key generating
[vagrant@ct7 ~]$ sudo puppet agent --test
Info: Creating a new SSL key for ct7
Info: Caching certificate for ca
Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for ct7
Info: Certificate Request fingerprint (SHA256): 3A:B2:29:D5:77:F0:38:3A:D5:F6:06:07:39:21:9E:93:BC:1F:D3:36:96:17:BF:28:2D:41:3A:3A:90:6C:D9:D1
Info: Caching certificate for ca
Exiting; no certificate found and waitforcert is disabled
[vagrant@ct7 ~]$

#ct7 register to puppet.conf
root@puppet:~# vi /etc/puppet/puppet.conf
[main]
logdir=/var/log/puppet
vardir=/var/lib/puppet
ssldir=/var/lib/puppet/ssl
rundir=/var/run/puppet
factpath=$vardir/lib/facter
#templatedir=$confdir/templates
prerun_command=/etc/puppet/etckeeper-commit-pre
postrun_command=/etc/puppet/etckeeper-commit-post
dns_alt_names = puppet,ts,ts1,ct7

[master]
# These are needed when the puppetmaster is run by passenger
# and can safely be removed if webrick is used.
ssl_client_header = SSL_CLIENT_S_DN
ssl_client_verify_header = SSL_CLIENT_VERIFY


root@puppet:~# puppet cert --list
  "ct7" (SHA256) 3A:B2:29:D5:77:F0:38:3A:D5:F6:06:07:39:21:9E:93:BC:1F:D3:36:96:17:BF:28:2D:41:3A:3A:90:6C:D9:D1
root@puppet:~#


root@puppet:~# puppet cert sign ct7
Notice: Signed certificate request for ct7
Notice: Removing file Puppet::SSL::CertificateRequest ct7 at '/var/lib/puppet/ssl/ca/requests/ct7.pem'

No comments:

Post a Comment