J'aime pas les piles

My lost place

Starting to Play With Puppet Enterprise

| Comments

Why Puppet Enterprise?

@work we are using puppet to manage our servers, currently we are using Puppet Open Source edition with great satisfaction.

Being curious I always wanted to try the Puppet Enterprise edition, wich is no more free, following my server migration (moving from a FreeBSD-based OVH dedicated server to a less expensive kimsufi) I have to setup a new way of managing my VMs, after some quick and opiniated reading, I dropped the idead to use Chief and after a bit of additional readings I skipped Ansible too as I like some puppet concepts like exported/collected resources allowint to setup a dynamic environment.

As Puppet Enterprise is free for managing up to 10 nodes (I don’t plan to have more than 10 nodes for my personnal use ;) ) it turns out it is the perfect occasion to git it a try, so let’s jump in!

Installing Puppet Enterprise

Downloading Puppet Enterprise only requires to register with an email, a mail with the download information for the different OS will be sent.

1
2
3
wget https://s3.amazonaws.com/pe-builds/released/3.1.3/puppet-enterprise-3.1.3-debian-7-amd64.tar.gz
tar xf puppet-enterprise-3.1.3-debian-7-amd64.tar.gz
cd puppet-enterprise-3.1.3-debian-7-amd64/
Archive content
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
% tree
.
├── answers
│   ├── agent_no_cloud.answer.sample
│   ├── agent_with_cloud.answer.sample
│   ├── console_only.answer.sample
│   ├── full_suite.answer.sample
│   ├── full_suite_existing_postgres.sample
│   ├── full_suite_existing_remote_postgres.sample
│   └── master_only.answer.sample
├── db_import_export.rake
├── erb
│   ├── auth.conf.erb
│   ├── autosign.conf.erb
│   ├── cas_client_config.yml.erb
│   ├── config.ru.erb
│   ├── console_auth_config.yml.erb
│   ├── console_auth_db_config.yml.erb
│   ├── console_auth_log_config.yml
│   ├── databases.erb
│   ├── database.yml.erb
│   ├── event_inspector_config.yml.erb
│   ├── external_node.erb
│   ├── license_status_config.yml.erb
│   ├── puppet.conf.erb
│   ├── puppetdashboard.conf.erb
│   ├── puppetdb_master.pp.erb
│   ├── puppetdb.pp.erb
│   ├── puppetmaster.conf.erb
│   ├── read_console_auth_db_config.erb
│   ├── rewrite_rubycas_config.yml.erb
│   ├── rubycas_config_upgrade_comments.txt
│   ├── rubycas_config.yml.erb
│   ├── settings.yml.erb
│   └── site.pp.erb
├── gpg
│   └── GPG-KEY-puppetlabs
├── LICENSE.txt
├── modules
│   ├── cprice404-inifile-0.10.3.tar.gz
│   ├── install_modules.txt
│   ├── puppetlabs-apt-1.1.0.tar.gz
│   ├── puppetlabs-auth_conf-0.1.7.tar.gz
│   ├── puppetlabs-firewall-0.3.0.tar.gz
│   ├── puppetlabs-java_ks-1.1.0.tar.gz
│   ├── puppetlabs-pe_accounts-2.0.1.tar.gz
│   ├── puppetlabs-pe_common-0.1.0.tar.gz
│   ├── puppetlabs-pe_mcollective-0.1.14.tar.gz
│   ├── puppetlabs-pe_postgresql-0.0.5.tar.gz
│   ├── puppetlabs-pe_puppetdb-0.0.11.tar.gz
│   ├── puppetlabs-postgresql-2.5.0.tar.gz
│   ├── puppetlabs-puppetdb-1.5.1.tar.gz
│   ├── puppetlabs-puppet_enterprise-3.1.0.tar.gz
│   ├── puppetlabs-reboot-0.1.2.tar.gz
│   ├── puppetlabs-request_manager-0.0.10.tar.gz
│   ├── puppetlabs-stdlib-3.2.0.tar.gz
│   └── ripienaar-concat-0.2.0.tar.gz
├── noask
│   └── solaris-noask
├── packages
│   ├── debian-7-amd64
│   │   ├── Packages
│   │   ├── Packages.gz
│   │   ├── pe-activemq_5.8.0-1puppet5_all.deb
│   │   ├── pe-activerecord_2.3.17-1puppet2_all.deb
│   │   ├── pe-activesupport_2.3.17-1puppet2_all.deb
│   │   ├── pe-augeas_1.1.0-1puppet1_amd64.deb
│   │   ├── pe-bundler_1.3.5-1puppet2_all.deb
│   │   ├── pe-certificate-manager_0.4.7-1puppet1_all.deb
│   │   ├── pe-certificate-manager-test_0.4.7-1puppet1_all.deb
│   │   ├── pe-cloud-provisioner_1.1.4-puppet1_all.deb
│   │   ├── pe-cloud-provisioner-libs_0.3.2-1puppet1_amd64.deb
│   │   ├── pe-console_0.3.10-1puppet1_all.deb
│   │   ├── pe-console-auth_1.2.21-1puppet1_all.deb
│   │   ├── pe-console-test_0.3.10-1puppet1_all.deb
│   │   ├── pe-event-inspector_0.1.0-1puppet1_all.deb
│   │   ├── pe-facter_1.7.3.1-1puppet1_amd64.deb
│   │   ├── pe-hiera_1.2.2.1-1puppet1_all.deb
│   │   ├── pe-httpd_2.2.25-1puppet4_amd64.deb
│   │   ├── pe-httpd-bin_2.2.25-1puppet4_amd64.deb
│   │   ├── pe-httpd-common_2.2.25-1puppet4_amd64.deb
│   │   ├── pe-httpd-doc_2.2.25-1puppet4_all.deb
│   │   ├── pe-httpd-mpm-worker_2.2.25-1puppet4_amd64.deb
│   │   ├── pe-httpd-prefork-dev_2.2.25-1puppet4_amd64.deb
│   │   ├── pe-httpd-utils_2.2.25-1puppet4_amd64.deb
│   │   ├── pe-java_1.7.0.19-1puppet1_amd64.deb
│   │   ├── pe-libevent_2.0.13-1puppet3_amd64.deb
│   │   ├── pe-libevent-devel_2.0.13-1puppet3_amd64.deb
│   │   ├── pe-libyaml_0.1.4-1puppet3_amd64.deb
│   │   ├── pe-license_0.1.1-1puppet1_all.deb
│   │   ├── pe-license-status_0.1.5-1puppet1_all.deb
│   │   ├── pe-license-status-test_0.1.5.1-1puppet1_all.deb
│   │   ├── pe-live-management_1.2.16-1puppet1_all.deb
│   │   ├── pe-mcollective_2.2.4-1puppet2_all.deb
│   │   ├── pe-mcollective-client_2.2.4-1puppet2_all.deb
│   │   ├── pe-mcollective-common_2.2.4-1puppet2_all.deb
│   │   ├── pe-memcached_1.4.7-1puppet4_amd64.deb
│   │   ├── pe-memcached-devel_1.4.7-1puppet4_amd64.deb
│   │   ├── pe-passenger_4.0.18-1puppet3_amd64.deb
│   │   ├── pe-postgresql_9.2.4-2puppet5_amd64.deb
│   │   ├── pe-postgresql-contrib_9.2.4-2puppet5_amd64.deb
│   │   ├── pe-postgresql-devel_9.2.4-2puppet5_amd64.deb
│   │   ├── pe-postgresql-server_9.2.4-2puppet5_amd64.deb
│   │   ├── pe-puppet_3.3.3.2-1puppet1_all.deb
│   │   ├── pe-puppet-dashboard_2.0.14-1puppet1_amd64.deb
│   │   ├── pe-puppetdb_1.5.1.pe-1puppetlabs1_all.deb
│   │   ├── pe-puppetdb-terminus_1.5.1.pe-1puppetlabs1_all.deb
│   │   ├── pe-puppet-enterprise-release_3.1.3-1puppet1_all.deb
│   │   ├── pe-puppet-license-cli_0.1.6-1puppet1_all.deb
│   │   ├── pe-puppet-server_3.3.3.2-1puppet1_all.deb
│   │   ├── pe-ruby_1.9.3.448-1puppet5_amd64.deb
│   │   ├── pe-ruby-augeas_0.5.0-1puppet2_amd64.deb
│   │   ├── pe-rubycas-server_1.1.15-1puppet1_all.deb
│   │   ├── pe-rubygem-deep-merge_1.0.0-1puppet1_all.deb
│   │   ├── pe-rubygem-net-ssh_2.1.4-1puppet2_all.deb
│   │   ├── pe-rubygem-rack_1.4.5-1puppet2_all.deb
│   │   ├── pe-rubygem-sequel_3.47.0-1puppet1_all.deb
│   │   ├── pe-rubygem-stomp_1.2.9-1puppet1_all.deb
│   │   ├── pe-ruby-ldap_0.9.12-1puppet2_amd64.deb
│   │   ├── pe-ruby-mysql_2.8.2-1puppet2_amd64.deb
│   │   ├── pe-ruby-rgen_0.6.5-1puppet1_all.deb
│   │   ├── pe-ruby-shadow_2.2.0-1puppet3_amd64.deb
│   │   ├── pe-ruby-stomp_1.2.9-1puppet2_all.deb
│   │   ├── pe-tanukiwrapper_3.5.9-1puppet5_amd64.deb
│   │   ├── Release
│   │   └── Release.gpg
│   └── debian-7-amd64-package-versions.json
├── puppet-enterprise-installer
├── puppet-enterprise-uninstaller
├── README.markdown
├── support
├── supported_platforms
├── util
│   └── pe-man
├── utilities
└── VERSION

8 directories, 126 files

$ du -schx ../puppet-enterprise-3.1.3-debian-7-amd64
254M    ../puppet-enterprise-3.1.3-debian-7-amd64

Yep, that’s huge!

In order to install the agent on my workstation (running Archlinux) I downloaded the non packaged *nix flavour, which is 3.6GB fat!

I will see later if thre is an alternate way.

Installation steps

According to Puppet Enterprise documentation it is required to follow the following deployment order:

  • Puppet Master
  • Database Support/PuppetDB
  • Console
  • Agents

The puppet master will be installed on the same node as the puppetdb and web console.

Other nodes will only be agents.

Creating the PostgreSQL databases

The node already runs a postgresql database, so I won’t use puppet’s embedded one.

PostregreSQL database creation
1
2
3
4
5
6
7
8
9
10
11
12
13
14
sudo su - postgres
postgres@misc:~$ createuser -P -D -R -S pe-puppetdb
Enter password for new role:
Enter it again:
postgres@misc:~$ createdb -O pe-puppetdb -E UTF8 pe-puppetdb
postgres@misc:~$ createuser -P -D -R -S console
Enter password for new role:
Enter it again:
postgres@misc:~$ createdb -O console -E UTF8 console
postgres@misc:~$ createuser -P -D -R -S console_auth
Enter password for new role:
Enter it again:
postgres@misc:~$ createdb -O console_auth -E UTF8 console_auth
postgres@misc:~$

Launching the installation of the puppet master

The installation script asks for configrations settings and is really straight-forward, just be sure to set y to ask for master and puppetdb installation.

The script can also be called using a response file (see —help output). A response file will be generated using the interactive choices.

1
./puppet-enterprise-installer

Once the installation is over rembember to open the following 3000, 8140, 61613 TCP ports.

The web Console is now reachable at: https://host.tld.domain:3000

Following is the answer file generated by the installer, it can be provided to the installer like this:

using an answer file
1
./puppet-enterprise-installer -a answerfile
answer file for the puppetmaster
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
q_all_in_one_install=y
q_backup_and_purge_old_configuration=n
q_database_host=localhost
q_database_install=n
q_database_port=5432
q_install=y
q_pe_database=n
q_puppet_cloud_install=n
q_puppet_enterpriseconsole_auth_database_name=console_auth
q_puppet_enterpriseconsole_auth_database_password=XXXXXXXXXX
q_puppet_enterpriseconsole_auth_database_user=console_auth
q_puppet_enterpriseconsole_auth_password='XXXXXXXXXXXXXXXXX'
q_puppet_enterpriseconsole_auth_user_email=baptiste@bapt.name
q_puppet_enterpriseconsole_database_name=console
q_puppet_enterpriseconsole_database_password=XXXXXXXXXX
q_puppet_enterpriseconsole_database_user=console
q_puppet_enterpriseconsole_httpd_port=3000
q_puppet_enterpriseconsole_install=y
q_puppet_enterpriseconsole_master_hostname=puppet.tld.domain
q_puppet_enterpriseconsole_smtp_host=localhost
q_puppet_enterpriseconsole_smtp_password=
q_puppet_enterpriseconsole_smtp_port=25
q_puppet_enterpriseconsole_smtp_use_tls=n
q_puppet_enterpriseconsole_smtp_user_auth=n
q_puppet_enterpriseconsole_smtp_username=
q_puppet_symlinks_install=y
q_puppetagent_certname=puppet.bapt.name
q_puppetagent_install=y
q_puppetagent_server=puppet.bapt.name
q_puppetdb_database_name=pe-puppetdb
q_puppetdb_database_password=XXXXXXXXXX
q_puppetdb_database_user=pe-puppetdb
q_puppetdb_hostname=puppet.bapt.name
q_puppetdb_install=y
q_puppetdb_port=8081
q_puppetmaster_certname=puppet.tld.domain
q_puppetmaster_dnsaltnames=puppet,puppet.tld.domain
q_puppetmaster_enterpriseconsole_hostname=localhost
q_puppetmaster_enterpriseconsole_port=3000
q_puppetmaster_install=y
q_run_updtvpkg=n
q_vendor_packages_install=y

Launching the installation of a node

On agent nodes you too have to download and extract the archive.

1
2
3
4
wget https://s3.amazonaws.com/pe-builds/released/3.1.3/puppet-enterprise-3.1.3-debian-7-amd64.tar.gz
tar xf puppet-enterprise-3.1.3-debian-7-amd64.tar.gz
cd puppet-enterprise-3.1.3-debian-7-amd64/
./puppet-enterprise-installer

Then the installation can be launched in the same way as for the master, but this time all the defaults should be OK, I just put the complete FQDN for the puppet server.

1
./puppet-enterprise-installer

Following is the answer file generated by the installer.

answer file
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
q_all_in_one_install=n
q_database_install=n
q_fail_on_unsuccessful_master_lookup=y
q_install=y
q_puppet_cloud_install=n
q_puppet_enterpriseconsole_install=n
q_puppet_symlinks_install=y
q_puppetagent_certname=host.domain.tld
q_puppetagent_install=y
q_puppetagent_server=puppet.domain.tld
q_puppetca_install=n
q_puppetdb_install=n
q_puppetmaster_install=n
q_run_updtvpkg=n
q_vendor_packages_install=y

Cleaning Puppet Enterprise installation

uninstalling
1
./puppet-enterprise-uninstaller -d -p -y

First steps

Puppetlabs provides an helpful quick start guide.

Comments