This is possible, and it is not documented well. Different parts of getting
it to work are in different sections of the online documentation. I got
this working recently with these conditions:
- One puppet server is the CA master as well as a normal compile master
- Puppet masters exist at other data centers and are compile masters for
agents at their sites, with all other masters/agents using the CA master
for SSL
- Each puppet master has a cron to regularly do a 'git pull' of the
puppet environment git repos to /etc/puppetlabs/code/environments so all
agents use the same code. Recommendation: GitLab CE (free) is amazing.
- A separate server hosts puppetdb, and all masters send agent reports
to it. To make this work, all agents/masters need to use the same CA
On the first puppetmaster that will also be the CA master:
- Install puppetserver
- In its /etc/puppetlabs/puppet/puppet.conf [main] section:
- server = <its FQDN>
- ca_server = <its FQDN>
- Startup puppetserver on it
- Put your code into /etc/puppetlabs/code/environments
- Configure it to be an agent to itself and ensure it successfully runs
before proceeding
On other masters:
- Install puppetserver
- Setup the git repos into /etc/puppetlabs/code/environments as you did
for the CA master
- Modify /etc/puppetlabs/puppetserver/bootstrap.cfg and follow the
comment's instruction on disabling the CA service
- Modify /etc/puppetlabs/puppetserver/conf.d/webserver.conf per
https://docs.puppet.com/puppetserver/2.2/external_ca_configuration.html
- In its /etc/puppetlabs/puppet/puppet.conf [main] section:
- server = <its FQDN>
- ca_server = <FQDN of CA master>
- In its [agent] section, make its 'server' be the CA master and set the
correct environment
- Run the agent successfully (against the CA master), then make 'server'
be its own FQDN, then run it successfully again
Configure all masters to send reports to puppetdb:
- Under [master], add:
-
storeconfigs = true
storeconfigs_backend = puppetdb
reports = puppetdb
On agents:
- In the [main] section, have 'ca_server = <FQDN of CA master>'
- In the [agent] section, have 'server = <FQDN of the master for its
site>'
- Send agent reports, in the [agent] section, add: report = true
On the separate PuppetDB server:
- Configure it as an agent and successfully run the puppet agent
- Install the excellent puppetlabs-puppetdb module from puppetforge into
your environment(s)
- In your site.pp node section, configure your masters and puppetdb
server as such with the module:
-
# Puppet masters send reports to puppetdb server
if $::hostname =~ /(camaster|master1|master2|master3)/ {
class { 'puppetdb::master::config':
puppetdb_server => 'puppetdbserver.example.com',
}
}
# This is the puppetdb server
if $::hostname == 'puppetdbserver' {
class { 'puppetdb':
listen_address => '0.0.0.0',
open_listen_port => true,
open_ssl_listen_port => true,
java_args => { '-Xmx' => '2g', },
}
}
- I highly recommend using puppetboard with
puppetdb: https://github.com/voxpupuli/puppetboard
On Wednesday, April 20, 2016 at 7:59:00 AM UTC-5, Geoff Galitz wrote:
>
>
> Hi...
>
> Is it possible to get compile master, master of master and code manager
> (file sync) working in the open source versions? Specifically:
>
> puppetserver-2.3.1-1.el7.noarch
> puppetlabs-release-pc1-1.0.0-1.el7.noarch
>
> Or are there pointers to get similar functionality via the open source
> packages?
>
> -G
>
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/592c18b2-b20a-44a2-90c8-86365a1ee542%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
