To ssh to those instances, we need the following information:
Use the chmod command to make sure our private key file isn't publicly viewable:
$ chmod 400 bogo_puppet.pem
Use the ssh command to connect to the instance. We'll specify the private key (.pem) file and user_name@public_dns_name. For Amazon Linux, the user name is ec2-user. For RHEL5, the user name is either root or ec2-user. For Ubuntu, the user name is ubuntu. For Fedora, the user name is either fedora or ec2-user. For SUSE Linux, the user name is root.
In our case, the user name is ubuntu.
puppet master :
$ ssh -i bogo_puppet.pem firstname.lastname@example.org
Welcome to Ubuntu 14.10 (GNU/Linux 3.16.0-24-generic x86_64)

 * Documentation:  https://help.ubuntu.com/

  System information as of Sat Nov 1 23:29:52 UTC 2014

  System load:  0.0               Processes:           67
  Usage of /:   10.0% of 7.75GB   Users logged in:     0
  Memory usage: 12%               IP address for eth0: 172.31.60.229
  Swap usage:   0%

  Graph this data and manage this system at:
    https://landscape.canonical.com/

  Get cloud support with Ubuntu Advantage Cloud Guest:
    http://www.ubuntu.com/business/services/cloud

0 packages can be updated.
0 updates are security updates.

ubuntu@ip-172-31-60-229:~$
puppet agent:
$ ssh -i bogo_puppet.pem email@example.com
Welcome to Ubuntu 14.10 (GNU/Linux 3.16.0-24-generic x86_64)

 * Documentation:  https://help.ubuntu.com/

  System information as of Sun Nov 2 00:10:21 UTC 2014

  System load:  0.0               Processes:           67
  Usage of /:   10.0% of 7.75GB   Users logged in:     0
  Memory usage: 12%               IP address for eth0: 172.31.60.228
  Swap usage:   0%

  Graph this data and manage this system at:
    https://landscape.canonical.com/

  Get cloud support with Ubuntu Advantage Cloud Guest:
    http://www.ubuntu.com/business/services/cloud

0 packages can be updated.
0 updates are security updates.

The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.

ubuntu@ip-172-31-60-228:~$
Now we have two terminals, one for the puppet master and one for the puppet agent:
We give each one a name:
Now we want to make a connection from the agent to the master. To do that, we need the IP address of the master:
ubuntu@ip-172-31-60-229:~$ ifconfig
eth0      Link encap:Ethernet  HWaddr 12:42:7a:c2:c7:48
          inet addr:172.31.60.229  Bcast:172.31.63.255  Mask:255.255.240.0
          inet6 addr: fe80::1042:7aff:fec2:c748/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1861 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1688 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:197014 (197.0 KB)  TX bytes:332060 (332.0 KB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
Then, on 'agent':
ubuntu@ip-172-31-60-228:~$ sudo su -
root@puppetagent:~# echo 172.31.60.229 puppetmaster.example.org >> /etc/hosts
root@puppetagent:~#
root@puppetagent:~# apt-get update
Then, on 'master', update and then install puppetmaster:
ubuntu@ip-172-31-60-229:~$ sudo su -
root@puppetmaster:~# echo 172.31.60.228 puppetagent.example.org >> /etc/hosts
root@puppetmaster:~# apt-get update
...
root@puppetmaster:~# apt-get install puppetmaster
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
  augeas-lenses debconf-utils facter hiera libaugeas0 libjs-jquery libruby2.0
  libruby2.1 puppet-common puppetmaster-common ruby ruby-augeas ruby-hiera
  ruby-json ruby-rgen ruby-safe-yaml ruby-selinux ruby-shadow ruby2.0 ruby2.1
  rubygems-integration
...
We also need to install regular puppet on the agent side:
root@puppetagent:~# apt-get install puppet
Puppet's configuration will be located under the /etc/puppet directory. Puppet's principal configuration file is called puppet.conf and is stored at /etc/puppet/puppet.conf on Unix/Linux operating systems.
On the "puppetagent", we need to add a line to the /etc/puppet/puppet.conf file:
[main]
logdir=/var/log/puppet
vardir=/var/lib/puppet
ssldir=/var/lib/puppet/ssl
rundir=/var/run/puppet
factpath=$vardir/lib/facter
prerun_command=/etc/puppet/etckeeper-commit-pre
postrun_command=/etc/puppet/etckeeper-commit-post
server=puppetmaster.example.org

[master]
# These are needed when the puppetmaster is run by passenger
# and can safely be removed if webrick is used.
ssl_client_header = SSL_CLIENT_S_DN
ssl_client_verify_header = SSL_CLIENT_VERIFY
The puppet.conf configuration file is constructed much like an INI-style configuration file and divided into sections. Each section configures a particular element of Puppet. For example, the [agent] section configures the Puppet agent, and the [master] section configures the Puppet master binary. There is also a global configuration section called [main]. All components of Puppet set options specified in the [main] section.
At this stage, we just added one entry, server, to the puppet.conf file. The server option specifies the name of the Puppet master. We added the server value to the [main] section.
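The agent connects to whatever address the name in server resolves to, so it is worth checking that the setting and the /etc/hosts entry agree. The script below is an added example, not part of the original tutorial: it reads the effective server value (a value in [agent] takes precedence over [main]) and confirms the hosts file maps it to the master's address. The function names and the temporary sample files are assumptions made for the illustration.

```shell
# Added example: resolve the agent's effective `server` setting and confirm
# that the hosts file pins that name to the expected master address.
# puppet_setting FILE SECTION KEY: value from [SECTION], else from [main].
puppet_setting() {
  awk -v want="$2" -v key="$3" '
    /^[ \t]*(#|$)/ { next }                    # skip comments and blank lines
    /^[ \t]*\[.*\][ \t]*$/ {                   # section header such as [main]
      sub(/^[ \t]*\[/, ""); sub(/\][ \t]*$/, ""); sect = $0; next
    }
    {
      eq = index($0, "="); if (eq == 0) next
      k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
      gsub(/^[ \t]+|[ \t]+$/, "", k)           # trim spaces around the key
      gsub(/^[ \t]+|[ \t]+$/, "", v)           # trim spaces around the value
      if (k == key) val[sect] = v
    }
    END {
      if (want in val) print val[want]
      else if ("main" in val) print val["main"]
    }' "$1"
}

# hosts_ip FILE NAME: first address mapped to NAME in a hosts-format file.
hosts_ip() {
  awk -v name="$2" '
    { sub(/#.*/, "") }                         # drop trailing comments
    { for (i = 2; i <= NF; i++) if ($i == name) { print $1; exit } }
  ' "$1"
}

# check_agent_server CONF HOSTS MASTER_IP: succeeds only when the server
# name is set and HOSTS maps it to MASTER_IP.
check_agent_server() {
  local server ip
  server=$(puppet_setting "$1" agent server)
  [ -n "$server" ] || { echo "no server setting in $1" >&2; return 1; }
  ip=$(hosts_ip "$2" "$server")
  [ "$ip" = "$3" ] || { echo "$server maps to '${ip:-nothing}', expected $3" >&2; return 1; }
  echo "$server -> $ip"
}

# Constructed sample files mirroring the entries added on this page.
demo=$(mktemp -d)
printf '%s\n' '[main]' 'logdir=/var/log/puppet' 'server=puppetmaster.example.org' \
  '[master]' 'ssl_client_header = SSL_CLIENT_S_DN' > "$demo/puppet.conf"
printf '%s\n' '127.0.0.1 localhost' \
  '172.31.60.229 puppetmaster.example.org' > "$demo/hosts"
check_agent_server "$demo/puppet.conf" "$demo/hosts" 172.31.60.229
```

On a real agent, point the check at /etc/puppet/puppet.conf and /etc/hosts with the master's address as the third argument.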