I am trying to keep puppet master and client/agent on one machine. I have been trying this for last 2 days and I am almost close to finishing it.
1) started puppet master "service puppetmaster start". Its successful
2) started puppet agent "service puppet start. Its successful
3) When I try puppet agent --test. see the errors below
This is the error I am getting when I try "puppet agent --test". I tried setting different values for environment in puppet.conf file and also passing from command line args for environment but nothing seems to be working.
Warning: Local environment: "production" doesn't match server
specified environment "none", restarting agent run with environment
"none"
I googled and tried what people said, but no use. It might work if I try agent from one machine and master on the other. But I want to make it work on one machine.
If you want to make it work on one machine you don't use puppet agent -t. you should use puppet apply. here is a reference
https://docs.puppet.com/puppet/latest/reference/man/apply.html
you can write a small script which will be having puppet apply command with farther argument (of course) and you can name it whatever you want (e.g: Papply) and run it every time whenever you want to run puppet agent -t.
puppet agent -t is not preferred for stand alone Puppet Server & Clint environment.
https://docs.puppet.com/puppet/4.6/reference/architecture.html
Related
I am new to puppet and while going through puppet courses, I found one person using 'puppet agent -t' command to configure an agent node while in another course, the instructor using 'puppet apply' command.
What is the difference between these two commands?
These are:
puppet apply - applies or "executes" Puppet code on the local machine.
puppet agent -t also sometimes written puppet agent --test - calls the Puppet Agent to retrieve a catalog (compiled Puppet code) from a Puppet Master, and then applies it locally and immediately.
Note that -t is badly-named, and it may originally have been intended for "testing" but in fact it is not a "test" mode at all, but will make changes to your machine.
See also puppet agent --noop for the real "test" (dry-run) mode.
I have created the puppet master using aws opsworks. and I am able to add ami linux nodes automatically to the puppet master.
I am having issues when I tried to to add a windows 64 bit node to my puppet master by following this link https://puppet.com/docs/pe/2017.3/installing/installing_agents.html#install-windows-agents-with-the-msi-package
I copied the puppet-agent-x64.msi from the puppet master present in location to the windows node and /opt/puppetlabs/server/data/packages/public//windows-x86_64-/ and ran the installer to install the agent. the installation is successful and the Start Menu contains a Puppet folder with shortcuts for running the agent manually, running Facter, and opening a command prompt for use with Puppet tools.
But the windows node is not showing in puppet web ui and when i tried to run the puppet agent i get this error
"Running Puppet agent on demand ...
Error: Could not request certificate: Error 403 on SERVER: Forbidden request: /puppet-ca/v1/certificate/ca (method :get). Please see the server logs for details.
Exiting; failed to retrieve certificate and waitforcert is disabled
Press any key to continue . . ."
You'll need to set allow_unauthenticated_ca to true on your OpsWorks master and then run puppet on it to make the change. Afterwards, you should be able to install the agent even if you're not provisioning from AWS or choose not to use the userdata script.
Steps:
login to console.
click on classification
under PE infrastructure, select PE master.
Go to configuration tab
look for class puppet_enterprise::profile::master
under parameters, select allow_unauthenticated_ca and set it to true
Screenshot:
How can I check if my puppet set-up (one master, one agent on Ubuntu 14.04 ) is configured correctly? Is there some command to verify if everything is right?
If you want to know, whether the puppet agent can connect to the puppet master and pull the configs. You can try running the agent in dry-run mode:
puppet agent -t --noop
For more details: https://docs.puppet.com/puppet/latest/reference/man/agent.html
Note: You may need to sign the puppet agent cert on the master, if you don't have auto signing enabled.
What would be the best way to run commands in remote servers? I am thinking of using SSH, but is there a better way than that?
I used Red Hat Linux and I want to run the command in one of the servers, specify what other servers I want to have my command run, and it has to do the exact same thing in the servers specified. Puppet couldn't solely help, but I might be able to combine some other tool with Puppet to do the job for me.
It seems you are able to log on to the other servers without entering a password. I assume this is based on SSH keys, as described here: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/s2-ssh-configuration-keypairs.html
You say another script is producing a list of servers. You can now use the following simple script to loop over the list:
for server in `./server-list-script`; do
echo $server:
ssh username#$server mkdir /etc/dir/test123
done >logfile 2>&1
The file "logfile" will collect the output. I'm pretty sure Puppet is able to do this as well.
Your solution will almost definitely end up involving ssh in some capacity.
You may want something to help manage the execution of commands on multiple servers; ansible is a great choice for something like this.
For example, if I want to install libvirt on a bunch of servers and make sure libvirtd is running, I might pass a configuration like this to ansible-playbook:
- hosts: all
tasks:
- yum:
name: libvirt
state: installed
- service:
name: libvirtd
state: running
enabled: true
This would ssh to all of the servers in my "inventory" (a file -- or command -- that provides ansible with a list of servers), install the libvirt package, start libvirtd, and then arrange for the service to start automatically at boot.
Alternatively, if I want to run puppet apply on a bunch of servers, I could just use the ansible command to run an ad-hoc command without requiring a configuration file:
ansible all -m command -a 'puppet apply'
We have several servers working with puppet as agents today, but I'm having a problem with a new server running CentOS 7. Normally I would update the /etc/sysconfig/puppet file with the puppet master name and then start the daemon and move to signing the certificate on the master. However, puppet agent doesn't appear to be reading the server = myhost.domain in my config file.
I get the following error in /var/log/messages:
puppet-agent[11133]: Could not request certificate: getaddrinfo: Name or service not known
I tried:
myserver:root$ puppet agent --configprint server
puppet
myserver:root$
but the /etc/sysconfig/puppet file has:
PUPPET_SERVER=myserver.domain.com
Can you please help me understand why puppet agent doesn't get the server from the config file?
The /etc/sysconfig/puppet file is not typically read by the Puppet agent. (I'm not very familiar with CentOS operations, but I suppose that this location might hold some settings that are external to the process, such as environment, command line switches etc.)
You will want to use the proper puppet configuration file:
/etc/puppet/puppet.conf for Puppet 3.x and earlier
/etc/puppetlabs/puppet.conf for Puppet 4.x
so ran the following:
"puppet agent --no-daemonize --verbose --onetime --server puppetmaster.xxx.com"
this started puppet properly, requested certificate and I was able to sign on master. Then added:
server = puppetmaster.xxx.com
to /etc/puppet/puppet.conf and "systemctl restart puppet"
and it worked. Thanks for posts here and other places.