Puppet with Amazon AWS II (ssh and puppet install)
Puppet
Continuing from the previous chapter, Puppet with Amazon AWS I, we now want to log in to the AWS accounts we set up for Puppet.
To ssh to those instances, we need the following information:
Use the chmod command to make sure our private key file isn't publicly viewable:
$ chmod 400 bogo_puppet.pem
Use the ssh command to connect to the instance. We'll specify the private key (.pem) file and user_name@public_dns_name. For Amazon Linux, the user name is ec2-user. For RHEL5, the user name is either root or ec2-user. For Ubuntu, the user name is ubuntu. For Fedora, the user name is either fedora or ec2-user. For SUSE Linux, the user name is root.
In our case, user name is ubuntu.
puppet master:
$ ssh -i bogo_puppet.pem ubuntu@ec2-54-173-4-17.compute-1.amazonaws.com
Welcome to Ubuntu 14.10 (GNU/Linux 3.16.0-24-generic x86_64)

 * Documentation:  https://help.ubuntu.com/

  System information as of Sat Nov  1 23:29:52 UTC 2014

  System load:  0.0               Processes:           67
  Usage of /:   10.0% of 7.75GB   Users logged in:     0
  Memory usage: 12%               IP address for eth0: 172.31.60.229
  Swap usage:   0%

  Graph this data and manage this system at:
    https://landscape.canonical.com/

  Get cloud support with Ubuntu Advantage Cloud Guest:
    http://www.ubuntu.com/business/services/cloud

0 packages can be updated.
0 updates are security updates.

ubuntu@ip-172-31-60-229:~$
puppet agent:
$ ssh -i bogo_puppet.pem ubuntu@ec2-54-172-250-239.compute-1.amazonaws.com
Welcome to Ubuntu 14.10 (GNU/Linux 3.16.0-24-generic x86_64)

 * Documentation:  https://help.ubuntu.com/

  System information as of Sun Nov  2 00:10:21 UTC 2014

  System load:  0.0               Processes:           67
  Usage of /:   10.0% of 7.75GB   Users logged in:     0
  Memory usage: 12%               IP address for eth0: 172.31.60.228
  Swap usage:   0%

  Graph this data and manage this system at:
    https://landscape.canonical.com/

  Get cloud support with Ubuntu Advantage Cloud Guest:
    http://www.ubuntu.com/business/services/cloud

0 packages can be updated.
0 updates are security updates.

The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.

ubuntu@ip-172-31-60-228:~$
Now we have two terminals, one for the puppet master and one for the puppet agent:
We give each one a name:
Now we want to make a connection from the agent to the master. To do that, we need the IP address of the master:
ubuntu@ip-172-31-60-229:~$ ifconfig
eth0      Link encap:Ethernet  HWaddr 12:42:7a:c2:c7:48
          inet addr:172.31.60.229  Bcast:172.31.63.255  Mask:255.255.240.0
          inet6 addr: fe80::1042:7aff:fec2:c748/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1861 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1688 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:197014 (197.0 KB)  TX bytes:332060 (332.0 KB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
Then, on 'agent':
ubuntu@ip-172-31-60-228:~$ sudo su -
root@puppetagent:~# echo 172.31.60.229 puppetmaster.example.org >> /etc/hosts
root@puppetagent:~#
root@puppetagent:~# apt-get update
Then, on 'master', update and then install puppetmaster:
ubuntu@ip-172-31-60-229:~$ sudo su -
root@puppetmaster:~# echo 172.31.60.228 puppetagent.example.org >> /etc/hosts
root@puppetmaster:~# apt-get update
...
root@puppetmaster:~# apt-get install puppetmaster
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
  augeas-lenses debconf-utils facter hiera libaugeas0 libjs-jquery libruby2.0
  libruby2.1 puppet-common puppetmaster-common ruby ruby-augeas ruby-hiera
  ruby-json ruby-rgen ruby-safe-yaml ruby-selinux ruby-shadow ruby2.0 ruby2.1
  rubygems-integration
...
We also need to install the regular puppet package on the agent side:
root@puppetagent:~# apt-get install puppet
Puppet's configuration will be located under the /etc/puppet directory. Puppet's principal configuration file is called puppet.conf and is stored at /etc/puppet/puppet.conf on Unix/Linux operating systems.
On the "puppetagent", we need to add a line to the /etc/puppet/puppet.conf file:
[main]
logdir=/var/log/puppet
vardir=/var/lib/puppet
ssldir=/var/lib/puppet/ssl
rundir=/var/run/puppet
factpath=$vardir/lib/facter
prerun_command=/etc/puppet/etckeeper-commit-pre
postrun_command=/etc/puppet/etckeeper-commit-post
server=puppetmaster.example.org

[master]
# These are needed when the puppetmaster is run by passenger
# and can safely be removed if webrick is used.
ssl_client_header = SSL_CLIENT_S_DN
ssl_client_verify_header = SSL_CLIENT_VERIFY
The puppet.conf configuration file is constructed much like an INI-style configuration file and divided into sections. Each section configures a particular element of Puppet. For example, the [agent] section configures the Puppet agent, and the [master] section configures the Puppet master binary. There is also a global configuration section called [main]. All components of Puppet set options specified in the [main] section.
At this stage, we just added one entry, server, to the puppet.conf file. The server option specifies the name of the Puppet master. We added the server value to the [main] section.
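The agent trusts whatever address the server name resolves to, and the echo >> /etc/hosts step above appends a new line every time it is run, so it is worth checking both files together. The script below is an added example, not part of the original page or of Puppet itself: the function names (conf_get, agent_server, hosts_lookup, check_agent) are hypothetical, and it relies on Puppet's rule that a value in [agent] overrides the same key in [main].

```shell
# Added example, not from the original page; paths are arguments so copies can be checked.

# conf_get FILE SECTION KEY: print KEY's value inside [SECTION], if set.
conf_get() {
    awk -v sect="$2" -v key="$3" '
        /^[ \t]*#/  { next }                                   # comment line
        /^[ \t]*\[/ { sub(/^[ \t]*\[/, ""); sub(/\].*$/, ""); cur = $0; next }
        cur == sect && (eq = index($0, "=")) {
            k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == key) val = v                              # last one wins
        }
        END { if (val != "") print val }' "$1"
}

# agent_server FILE: the master name an agent uses; [agent] overrides [main].
agent_server() {
    s=$(conf_get "$1" agent server)
    [ -n "$s" ] || s=$(conf_get "$1" main server)
    [ -n "$s" ] || return 1
    printf '%s\n' "$s"
}

# hosts_lookup FILE NAME: print every IP the hosts file maps NAME to.
hosts_lookup() {
    awk -v name="$2" '
        { sub(/#.*/, "") }                                     # drop comments
        { for (i = 2; i <= NF; i++) if ($i == name) print $1 }' "$1"
}

# check_agent CONF HOSTS IP: succeed only if the configured master maps to
# exactly IP (repeated identical lines are fine, a second address is not).
check_agent() {
    name=$(agent_server "$1") || { echo "no server in [agent] or [main]"; return 1; }
    ips=$(hosts_lookup "$2" "$name" | sort -u)
    [ -n "$ips" ] || { echo "$name: no entry in $2"; return 1; }
    [ "$ips" = "$3" ] || { echo "$name maps to $(echo $ips), expected $3"; return 1; }
    echo "ok: $name -> $3"
}

# Constructed sample files using the page's hostname and address.
demo() {
    d=$(mktemp -d)
    printf '[main]\nserver=puppetmaster.example.org\n' > "$d/puppet.conf"
    printf '127.0.0.1 localhost\n172.31.60.229 puppetmaster.example.org\n' > "$d/hosts"
    check_agent "$d/puppet.conf" "$d/hosts" 172.31.60.229; rc=$?
    rm -rf "$d"; return $rc
}
demo
```

On the agent itself, run it as check_agent /etc/puppet/puppet.conf /etc/hosts 172.31.60.229.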