*snip*
Puppet is system administration — Automated.
Puppet speaks the local language
Administer One Server or 1,000
The Robustness of Open Source
Powerful, Flexible, Extensible
Facter Sets the Stage
Repeatable Configurations

For a more complete description visit Reductive Labs.

Preliminary Note:

I’m using two empty CentOS 5.2 servers in this tutorial:

* server1.example.co.za (IP 10.0.0.100): Puppet Master
* server2.example.co.za (IP 10.0.0.102): Puppet

Installing the Puppet Master and Puppet(s) packages:

Firstly setup the Extra Packages for Enterprise Linux (EPEL) repos for Centos on the Puppet Master and Puppet choosing the correct package depending on your distribution (32 bit or 64 bit).

# rpm -Uvh http://download.fedora.redhat.com/pub/epel/5Server/x86_64/epel-release-5-3.noarch.rpm
# rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch.rpm

Disable non-standard repos. In the YUM configuration files on both Puppet Master and Puppet edit the EPEL configuration files.

# vi /etc/yum.repos.d/epel.repo

[epel]
enabled=0

Install the puppet server on Puppet Master

# yum install puppet-server –enablerepo=epel

(Optional) If you want “—help” command

# yum install ruby-rdoc

Install the puppet client on Puppet

# yum install puppet –enablerepo=epel

(Optional) If you want “—help” command

# yum install ruby-rdoc

Configuring Puppet Master with a Simple Manifest: Managing Ownership of a File

Step 1: Create a minimal manifest file called site.pp in /etc/puppet/manifests with the following content:

# vi /etc/puppet/manifests/site.pp

# /etc/puppet/manifests/site.pp

import "classes/*"

node default {
    include sudo
 }

The import statement on the first line, imports all of the class files located in the classes subdirectory of the Puppet home directory (i.e. /etc/puppet/manifests/classes).

After the classes have been imported, create a default node definition. The default node definition will be applied to any node that doesn’t fall into any other node definition’s. In this case, all nodes will follow this node definition and so any node will include our sudo class.

Step 2: Next create the sudo.pp class in /etc/puppet/manifests/classes/ with the following content:

# vi /etc/puppet/manifests/classes/sudo.pp

# /etc/puppet/manifests/classes/sudo.pp

class sudo {
    file { "/etc/sudoers":
        owner => "root",
        group => "root",
        mode  => 440,
    }
}

This class which will ensure that the owner, group, and mode of the /etc/sudoers file will be set consistently across all systems that belong to that class.

Step 3: Start the Puppet Master service and enable start on boot

# service puppet-server start
# chkconfig puppet-server on

Configuring Puppet

Configure the puppet client to connect to the server and enable logging. Edit the file /etc/sysconfig/puppet and uncomment the PUPPET_LOG and PUPPET_SERVER line specifying the servers address.

# vi /etc/sysconfig/puppet

# The puppetmaster server
PUPPET_SERVER=Puppet Master

# If you wish to specify the port to connect to do so here
#PUPPET_PORT=8140

# Where to log to. Specify syslog to send log messages to the system log.
PUPPET_LOG=/var/log/puppet/puppet.log

# You may specify other parameters to the puppet client here
#PUPPET_EXTRA_OPTS=--waitforcert=500

The client will automatically pull configuration from the server every 30 minutes, start it as a service and enable start on boot

# service puppet start
# chkconfig puppet on

On the Puppet Master sign the SSL key request from the Puppet
In order for the two systems to communicate securely we need to create signed SSL certificates. You should be logged into both the Puppet Master and Puppet machines for this next step.

# puppetca --list
server2.example.co.za

# puppetca --sign server2.example.co.za
Signed server2.example.co.za

Related posts:

1. Installing #Puppet Master with #Foreman frontend on #CentOS 5.5
2. Installing #Puppet Dashboard on #CentOS 5.5