Category Archives: Puppet Enterprise

Puppet Enterprise – How to auto sign nodes

Basic autosigning is enabled by default and looks for a whitelist located at $confdir/autosign.conf

The autosign.conf whitelist file is a list of certnames or domain name globs (one per line) whose certificate requests will automatically be signed.

test.example.com
*.datacenter.example.com
*.localdinaub

Puppet Enterprise – Error: Could not request certificate: getaddrinfo: No such host is known

Following error on Puppet windows agent

$ puppet agent -t
Running Puppet agent on demand ...
Error: Could not request certificate: getaddrinfo: No such host is known
Exiting; failed to retrieve certificate and waitforcert is disabled**

Run agent in debug mode puppet agent -t --debug

It will tell you what host:port it is trying to connect

Fix it accordingly in following config file and re run puppet agent

C:\ProgramData\PuppetLabs\puppet\etc\puppet.conf

All good 🙂

Install Puppet Enterprise

Install Puppet Enterprise Master

    1.  Download puppet enterprise package puppet-enterprise-2015.3.0-el-6-x86_64.tar.gz to your /tmp directory
    2. Extract package using command tar zxvf puppet-enterprise-2015.3.0-el-6-x86_64.tar.gz
    3. Install using answers file
      cd /tmp/puppet-enterprise-2015.3.0-el-6-x86_64
      ./puppet-enterprise-installer -a answers.txt

      Sample answers file is given below, substitute appropriate values as per your environment

      q_activity_database_name=pe-activity
      q_activity_database_password=HqVk2gI6rW9AEDoxJaOx
      q_activity_database_user=pe-activity
      q_all_in_one_install=y
      q_backup_and_purge_old_configuration=n
      q_backup_and_purge_old_database_directory=n
      q_classifier_database_name=pe-classifier
      q_classifier_database_password=Y2smINHrKS0fJXcWwWWg
      q_classifier_database_user=pe-classifier
      q_database_host=pe-master.localdomain
      q_database_install=y
      q_database_port=5432
      q_database_root_password=s4pwAT0iqoIv9PL6DB7x
      q_database_root_user=pe-postgres
      q_install=y
      q_pe_database=y
      q_puppet_cloud_install=n
      q_puppet_enterpriseconsole_auth_password=12345678
      q_puppet_enterpriseconsole_database_name=console
      q_puppet_enterpriseconsole_database_password=3Sky4FR5hUia5g3qMLGx
      q_puppet_enterpriseconsole_database_user=console
      q_puppet_enterpriseconsole_httpd_port=443
      q_puppet_enterpriseconsole_install=y
      q_puppet_enterpriseconsole_master_hostname=pe-master.localdomain
      q_puppetagent_certname=pe-master.localdomain
      q_puppetagent_install=y
      q_puppetagent_server=pe-master.localdomain
      q_puppetca_hostname=pe-master.localdomain
      q_puppetdb_database_name=pe-puppetdb
      q_puppetdb_database_password=qBDhK6rXvbDYyTbHqiuj
      q_puppetdb_database_user=pe-puppetdb
      q_puppetdb_hostname=pe-master.localdomain
      q_puppetdb_install=y
      q_puppetdb_plaintext_port=8080
      q_puppetdb_port=8081
      q_puppetmaster_certname=pe-master.localdomain
      q_puppetmaster_dnsaltnames=pe-master,pe-master.localdomain,puppet,puppet.localdomain
      q_puppetmaster_enterpriseconsole_certname=pe-master.localdomain
      q_puppetmaster_enterpriseconsole_hostname=pe-master.localdomain
      q_puppetmaster_install=y
      q_rbac_database_name=pe-rbac
      q_rbac_database_password=CqXv5sT3BPf0afkJG7wW
      q_rbac_database_user=pe-rbac
      q_run_updtvpkg=n
      q_vendor_packages_install=y
      q_enable_future_parser=y
    4. When installation is complete you’d see following messages on terminal
      --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
      
      STEP 5: DONE
      
      Thanks for installing Puppet Enterprise!
      
         To learn more and get started using Puppet Enterprise, refer to the Puppet Enterprise Quick Start Guide (http://docs.puppetlabs.com/pe/latest/quick_start.html) and the Puppet Enterprise Deployment Guide (http://docs.puppetlabs.com/guides/deployment_guide/index.html).
      
         The console can be reached at the following URI:
          *  https://puppetmaster
      
      ======================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================
      
      ## NOTES
      
         Puppet Enterprise has been installed to "/opt/puppetlabs," and its configuration files are located in "/etc/puppetlabs".
      
         Answers from this session saved to '/vagrant_data/puppet-enterprise-2015.3.0-el-6-x86_64/answers.lastrun.puppetmaster'
         In addition, auto-generated database users and passwords have been saved to '/etc/puppetlabs/installer/database_info.*'
         !!! WARNING: Do not discard these files! All auto-generated database users and passwords have been saved in them. You will need this information to configure the console role during installation.
      
         If you have a firewall running, please ensure the following TCP ports are open: 443, 4433, 8140, 61613
      
      --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
      
      [root@puppetmaster puppet-enterprise-2015.3.0-el-6-x86_64]#

       

    5. Run following test command
      [root@puppetmaster puppet-enterprise-2015.3.0-el-6-x86_64]# puppet agent -t
      Info: Using configured environment 'production'
      Info: Retrieving pluginfacts
      Info: Retrieving plugin
      Info: Loading facts
      Info: Caching catalog for pe-master.localdomain
      Info: Applying configuration version '1460937326'
      Notice: Applied catalog in 9.52 seconds
      [root@puppetmaster puppet-enterprise-2015.3.0-el-6-x86_64]#

      If your output looks like above, you are ready to GO!

    6. Access puppet master console on https://<puppetmaster-hostname>:443If you used above answers file, your login user is admin and password is 12345678

Install Puppet Agent

  1. SSH into agent server
  2. Run following command, it will install puppet agent and integrate with your puppet master
    curl -k https://<puppetmaster-hostname>:8140/packages/current/install.bash | sudo bash

    [root@peagent01 ~]# curl -k https://puppetmaster:8140/packages/current/install.bash | sudo bash
      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                     Dload  Upload   Total   Spent    Left  Speed
    100 14582  100 14582    0     0  76638      0 --:--:-- --:--:-- --:--:-- 2848k
    Loaded plugins: fastestmirror
    Cleaning repos: pe_repo
    Cleaning up Everything
    Cleaning up list of fastest mirrors
    Loaded plugins: fastestmirror
    Setting up Install Process
    Determining fastest mirrors
    pe_repo                                                                                                                                                                                         | 2.5 kB     00:00
    pe_repo/primary_db                                                                                                                                                                              |  23 kB     00:00
    Resolving Dependencies
    --> Running transaction check
    ---> Package puppet-agent.x86_64 0:1.3.2-1.el6 will be installed
    --> Finished Dependency Resolution
    
    Dependencies Resolved
    
    =======================================================================================================================================================================================================================
     Package                                                Arch                                             Version                                               Repository                                         Size
    =======================================================================================================================================================================================================================
    Installing:
     puppet-agent                                           x86_64                                           1.3.2-1.el6                                           pe_repo                                            35 M
    
    Transaction Summary
    =======================================================================================================================================================================================================================
    Install       1 Package(s)
    
    Total download size: 35 M
    Installed size: 124 M
    Downloading Packages:
    puppet-agent-1.3.2-1.el6.x86_64.rpm                                                                                                                                                             |  35 MB     00:01
    warning: rpmts_HdrFromFdno: Header V4 RSA/SHA1 Signature, key ID 4bd6ec30: NOKEY
    Retrieving key from https://pe-master.localdomain:8140/packages/GPG-KEY-puppetlabs
    Importing GPG key 0x4BD6EC30:
     Userid: "Puppet Labs Release Key (Puppet Labs Release Key) "
     From  : https://pe-master.localdomain:8140/packages/GPG-KEY-puppetlabs
    Running rpm_check_debug
    Running Transaction Test
    Transaction Test Succeeded
    Running Transaction
      Installing : puppet-agent-1.3.2-1.el6.x86_64                                                                                                                                                                     1/1
      Verifying  : puppet-agent-1.3.2-1.el6.x86_64                                                                                                                                                                     1/1 
    
    Installed:
      puppet-agent.x86_64 0:1.3.2-1.el6                                                                                                                                                                                    
    
    Complete!
    service { 'puppet':
      ensure => 'stopped',
    }
    Notice: /Service[puppet]/ensure: ensure changed 'stopped' to 'running'
    service { 'puppet':
      ensure => 'running',
      enable => 'true',
    }
    service { 'puppet':
      ensure => 'running',
      enable => 'true',
    }
    Notice: /File[/usr/local/bin/facter]/ensure: created
    file { '/usr/local/bin/facter':
      ensure   => 'link',
      selrange => 's0',
      selrole  => 'object_r',
      seltype  => 'bin_t',
      seluser  => 'system_u',
      target   => '/opt/puppetlabs/puppet/bin/facter',
    }
    Notice: /File[/usr/local/bin/puppet]/ensure: created
    file { '/usr/local/bin/puppet':
      ensure   => 'link',
      selrange => 's0',
      selrole  => 'object_r',
      seltype  => 'bin_t',
      seluser  => 'system_u',
      target   => '/opt/puppetlabs/puppet/bin/puppet',
    }
    Notice: /File[/usr/local/bin/pe-man]/ensure: created
    file { '/usr/local/bin/pe-man':
      ensure   => 'link',
      selrange => 's0',
      selrole  => 'object_r',
      seltype  => 'bin_t',
      seluser  => 'system_u',
      target   => '/opt/puppetlabs/puppet/bin/pe-man',
    }
    Notice: /File[/usr/local/bin/hiera]/ensure: created
    file { '/usr/local/bin/hiera':
      ensure   => 'link',
      selrange => 's0',
      selrole  => 'object_r',
      seltype  => 'bin_t',
      seluser  => 'system_u',
      target   => '/opt/puppetlabs/puppet/bin/hiera',
    }
    [root@peagent01 ~]#
  3. Go back to puppet master and run command puppet cert listyou would see new agent appearing in agent sign request list
    [root@puppetmaster puppet-enterprise-2015.3.0-el-6-x86_64]# puppet cert list
      "peagent01.mel.global.thenational.com" (SHA256) 94:75:22:10:50:4E:99:70:07:7A:F1:BF:0E:E1:EF:05:9D:71:A3:23:D3:A5:E3:70:E5:A1:53:6D:B1:BC:D9:AA
    [root@puppetmaster puppet-enterprise-2015.3.0-el-6-x86_64]#
  4. Run command to approve agent sign request puppet cert sign or puppet cert sign --all
    [root@puppetmaster puppet-enterprise-2015.3.0-el-6-x86_64]# puppet cert sign "peagent01.mel.global.thenational.com"
    Notice: Signed certificate request for peagent01.mel.global.thenational.com
    Notice: Removing file Puppet::SSL::CertificateRequest peagent01.mel.global.thenational.com at '/etc/puppetlabs/puppet/ssl/ca/requests/peagent01.mel.global.thenational.com.pem'
  5. Go back to agent node and run puppet agent -t
    [root@peagent01 ~]# puppet agent -t
    Info: Using configured environment 'production'
    Info: Retrieving pluginfacts
    Info: Retrieving plugin
    Info: Loading facts
    Info: Caching catalog for peagent01.mel.global.thenational.com
    Info: Applying configuration version '1460943893'
    Notice: Applied catalog in 0.61 seconds
    [root@peagent01 ~]#

    If output looks like above, ALL GOOD. ENJOY!!!!

Array ( [marginTop] => 100 [pageid] => @techish1 [alignment] => left [width] => 292 [height] => 300 [color_scheme] => light [header] => header [footer] => footer [border] => true [scrollbar] => scrollbar [linkcolor] => #2EA2CC )