Open main menu

CDOT Wiki β

Changes

User:Prathapan

176 bytes added, 15:28, 23 April 2011
no edit summary
To manually sign the certificate
<pre>'''#puppetca –sign <certificate CN>'''</pre>
note: it is done in puppet master. To list the requsete certificate, issu the commad
<pre>'''#puppetca –list'''</pre>
5)Puppet receives the signed certificate. Once the puppet receives the certificate, it will start configuration run immediately.
On server, In this case it will be Hongkong.proximity.on.ca
<pre>
'''#yum install puppet-server'''
</pre>
it will install puppetmaster and puppet on the server which is to be as puppetmaster.
<pre>
'''#yum install mysql-server ruby-mysql'''
</pre>
<pre>
'''#yum install ruby-RRDtool'''
</pre>
it will install ruby library.
On client, in this case it will be Ireland.proximity.on.ca
<pre>
'''#yum install puppet'''
</pre>
it will install puppet client on the client system.
On the server, Hongkong
<pre>
#ls /etc/puppet
</pre>
shoul should have auto.conf , fileserver.conf, manifest puppet.conf
a) carete sudo.pp, vi /etc/puppet/manifests/class/sudo.pp
<pre>
# /etc/puppet/manifests/classes/sudo.pp
class sudo {
mode => 440, }
}
</pre>
 
b) create site.pp, vi /etc/puppet/manifests/site.pp
<pre>
# /etc/puppet/manifests/site.pp
import "classes/*"
include sudo
}
</pre>
c) start the puppet master.
<pre>
'''#puppetmasterd –mkusers'''
</pre>
this option will create the puppet user that is needed.
Once the puppetmaster daemon is stated, it will create the necessary files and folders under /var/lib/puppet.
<pre>
'''#ls /var/lib/puppet'''
</pre>
should have bucket, clientsbucket, facts, reports, ssl, yaml, class.txt, client_yaml, l ib, rrd, state
all the details information about these files and folder will be included in the next blog.
<pre>
'''#'''service puppetmaster start'''
</pre>
d) start the puppet client.
On the client, Ireland
<pre>
'''#puppetd –verbose'''
</pre>
when the puppet client daemon starts, it creates the necessary certificate and waits for the certificate to be signed by the puppetmaster.
On the server
<pre>
'''#puppetca –list'''
</pre>
this will list the all the requested certificate that are to be signed by puppetmaster.
<pre>
'''#puppetca –-sign ireland.proximity.on.ca'''
</pre>
1
edit