Archive for the ‘puppet’ Category

Linux:How to force puppet client to download updates from puppet server

Friday, September 17th, 2010

By default puppetd (puppet server) applies the client configuration; in 1800 seconds. If you have some emergency updates which has to be apply to every puppet clients instanly , you can do followings :

(a) puppetrun (This commands run from the puppet server)

 SYNOPSIS
Trigger a puppetd run on a set of hosts.
 
USAGE
puppetrun [-a|--all] [-c|--class ] [-d|--debug] [-f|--fore-
ground]
[-h|--help] [--host ] [--no-fqdn] [--ignoreschedules]
[-t|--tag ] [--test] [-p|--ping]

If you dont have LDAP support then -a(–all) and -c(–class) is useless . In that case ,if you want to force update every hosts, you will have to define all your hosts with puppetrun command ,
Eample :

According to puppetrun man pages, then uses is :
EXAMPLE
sudo puppetrun -p 10 --host host1 --host host2 -t remotefile -t web-server
 
or
puppetrun --host host1 --host host2

(b) func
If you have loads of server then its not practical to add all the hosts with puppetrun command!!.
in that case we can use func command .
how to install and use func

After install func in master and all rest of the server.
we can execute the bellow command :
Note : Please dont run puppetd daemon in clients if you want to update by calling func .

http://docs.puppetlabs.com/guides/scaling.html#triggered_selective_updates

func "*" call command run "puppetd --onetime"

This command will execute puppetd command one time only and it will download all the updates from puppet server.

Last updates : 17th September 2010

How to install puppet in server and client

Monday, February 8th, 2010

Ref : http://docs.reductivelabs.com/guides/installation.html#open_firewall_ports_on_server_and_client

How to install puppet Client:

If yum can not find puppet software you can add bellow repo :

http://fosiul.com/index.php/2009/12/yum-repo-list-for-centos/

after adding repos

(a) yum install puppet( to install puppet client rpm)

(b) edit /etc/puppet/puppetd.conf and add references of puppet server

server = puppet-server.companydomain.com

Or Execute bellow command to connect to puppet server:
puppet agent –server fosiul.fosiul.lan –waitforcert 60 –test

(c) /usr/sbin/puppetd –verbose ( Start the client for the first time)

it will show below output

[root@pupet-client]# /usr/sbin/puppetd –verbose
warning: peer certificate won’t be verified in this SSL session
notice: Did not receive certificate

(d) Now go to Puppet Server , and type

[root@puppet-server]# puppetca –list
puppet-client.companydomain.com

(e) Now Again in the server execute bellow command, this command will sign the certificate fro the pupppet-client host.

puppetca –sign puppet-client.companydomain.com

Note :

(a) Make sure port 8140 (tcp/udp) open in puppet-server

and you have allow only puppet-client’s ip to connect puppet-server

Example :

-A RH-Firewall-1-INPUT -p tcp -m tcp -s ip-of-puppet-client –dport 8140 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp -s ip-of-puppet-client –dport 8140 -j ACCEPT