Setting up Puppet Master and Foreman
Alexandru Puiu
December 05, 2019

Table Of Contents

01 Installing Server
02 Installing agents - Windows
03 Installing agents - CentOS
04 Sign new certificates / accept clients

Installing Server

Add FQDN hostname and IP address

echo '10.10.10.10 vmpuppet1.domain.local puppet' | sudo tee -a /etc/hosts

Set FQDN as hostname

sudo hostnamectl set-hostname vmpuppet1.domain.local

Add RPM repos

sudo rpm -ivh https://yum.puppetlabs.com/puppet5/puppet5-release-el-7.noarch.rpm
sudo rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
sudo rpm -ivh https://yum.theforeman.org/releases/1.20/el7/x86_64/foreman-release.rpm

Install the Foreman stack with foreman-installer

sudo yum -y install foreman-installer
sudo foreman-installer

Open necessary ports using iptables or firewalld

sudo iptables -A INPUT -p tcp -m multiport --dports 53,80,443,3000,8140,8443 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
sudo iptables -A OUTPUT -p tcp -m multiport --sports 53,80,443,3000,8140,8443 -m conntrack --ctstate ESTABLISHED -j ACCEPT

or

sudo firewall-cmd --permanent --add-port=443/tcp
sudo firewall-cmd --permanent --add-port=53/tcp
sudo firewall-cmd --permanent --add-port=80/tcp
sudo firewall-cmd --permanent --add-port=3000/tcp
sudo firewall-cmd --permanent --add-port=8140/tcp
sudo firewall-cmd --permanent --add-port=8443/tcp
sudo firewall-cmd --reload

Installing agents - Windows

Install Chocolatey

Set-ExecutionPolicy Bypass -Scope Process -Force; iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))

Install Puppet Agent and point to Puppet Master

choco install puppet-agent -y -installArgs '"PUPPET_MASTER_SERVER=vmpuppet1.domain.local"'

Installing agents - CentOS

Add Puppet repository

sudo rpm -Uvh https://yum.puppet.com/puppet5/puppet5-release-el-7.noarch.rpm

Install Puppet agent

sudo yum install -y puppet-agent

Make puppet agent start automatically

sudo /opt/puppetlabs/bin/puppet resource service puppet ensure=running enable=true

Add agent and server info to puppet config /etc/puppetlabs/puppet/puppet.conf

sudo su
echo "[agent]" >> /etc/puppetlabs/puppet/puppet.conf
echo " server = vmpuppet1.domain.local" >> /etc/puppetlabs/puppet/puppet.conf
echo " certname = $HOSTNAME" >> /etc/puppetlabs/puppet/puppet.conf
echo " runinterval = 180" >> /etc/puppetlabs/puppet/puppet.conf
echo " environment = production" >> /etc/puppetlabs/puppet/puppet.conf
echo " listen = false" >> /etc/puppetlabs/puppet/puppet.conf
echo " pluginsync = true" >> /etc/puppetlabs/puppet/puppet.conf
echo " report = true" >> /etc/puppetlabs/puppet/puppet.conf

Add Puppet server hosts record

echo "10.10.10.10 vmpuppet1.domain.local puppet" >> /etc/hosts
exit
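
Re-running the echo steps above appends another [agent] block and another hosts line each time, and nothing flags an existing entry that maps the master's name to a different address. As an added example (not code from the original post), the two shell functions below make both steps idempotent; the function names are hypothetical and the sample values are the ones used in this post.

```shell
#!/bin/sh
# Added example, not from the original post; function names are hypothetical.
# File paths are parameters so both functions can be tried on scratch copies.

# ensure_hosts_entry FILE IP FQDN [ALIAS...]
# Adds the mapping once. Returns 2 and changes nothing if FQDN is already
# mapped to a different address in FILE, so the stale line gets reviewed.
ensure_hosts_entry() {
    file=$1 ip=$2 fqdn=$3
    shift 2
    current=$(awk -v n="$fqdn" '
        $1 !~ /^#/ { for (i = 2; i <= NF && $i !~ /^#/; i++)
                         if ($i == n) { print $1; exit } }' "$file")
    if [ -z "$current" ]; then
        printf '%s %s\n' "$ip" "$*" >> "$file"
    elif [ "$current" != "$ip" ]; then
        echo "conflict: $fqdn maps to $current in $file" >&2
        return 2
    fi
}

# set_agent_setting FILE KEY VALUE
# Sets KEY in the [agent] section of a puppet.conf-style file: replaces the
# existing value, drops repeated copies, creates the section if missing.
set_agent_setting() {
    file=$1 key=$2 value=$3
    tmp=$(mktemp) || return 1
    awk -v k="$key" -v v="$value" '
        function emit() { if (in_agent && !done) { print "  " k " = " v; done = 1 } }
        /^\[/ { emit(); in_agent = ($0 == "[agent]"); if (in_agent) seen = 1 }
        in_agent && $0 ~ ("^[ \t]*" k "[ \t]*=") { emit(); next }
        { print }
        END {
            if (!seen) { print "[agent]"; in_agent = 1 }
            emit()
        }
    ' "$file" > "$tmp" && cat "$tmp" > "$file"
    rc=$?
    rm -f "$tmp"
    return $rc
}

# Usage on the agent (as root), with the post's values:
#   ensure_hosts_entry /etc/hosts 10.10.10.10 vmpuppet1.domain.local puppet
#   set_agent_setting /etc/puppetlabs/puppet/puppet.conf server vmpuppet1.domain.local
```

The rewrite goes through `cat` rather than `mv`, so the target file keeps its existing owner and permissions.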

Sign new certificates / accept clients

Create environments

