Re: [Puppet Users] First boot with Puppet

2010-10-15 Thread Todd Zullinger
Steven VanDevender wrote:
> I'm not our local Cobbler/Kickstart expert, but the guy who created
> our Cobbler installation even figured out how to script a new host's
> initial registration with the puppetmaster (I believe the key idea
> is that there is a command-locked ssh identity key that allows the
> host to get in to the puppetmaster and issue the right "puppetca"
> command).  I'd have to do some digging to look up the specifics.

I handle this in my environment by generating the new host key on the
puppetmaster and packaging that into an rpm, which gets installed in
the kickstart along with puppet.  That way an initial puppet run can
happen during install.  Doesn't exactly scale, unless you automate the
key generation though, like you mentioned doing.

-- 
Todd        OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~
There are severe limits to the good that the government can do for the
economy, but there are almost no limits to the harm it can do.
-- Milton Friedman. Nobel laureate





Re: [Puppet Users] First boot with Puppet

2010-10-15 Thread Matt Wallace
On Thursday 14 Oct 2010 23:49:11 Michal Ludvig wrote:
>   On 10/15/2010 08:36 AM, Arnau Bria wrote:
> > On Thu, 14 Oct 2010 23:47:16 +1300
> > Michal Ludvig wrote
> > 
> >> 1) kickstart installs the system, including puppet from our local repo
> >> 2) after reboot I have to login and set the hostname and IP
> > 
> > kickstart is able to configure your network / hostname. Why don't you
> > use that feature?
> 
> Because we've got a common kickstart for all installs, not a per-host
> kickstart. It only installs the very core system and the rest is brought
> in and configured by puppet.
> 
> > We're moving to cobbler,
> 
> Looks like cobbler is the preferred method here. I'll give it a try.
> 
> Thanks for all the responses!

You can also use Cobbler for ext-lookups and therefore assign classes and 
modules to systems from the cobbler web interface.

It works really well! :)

Matt.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.



Re: [Puppet Users] First boot with Puppet

2010-10-14 Thread Russell Jackson

On 10/14/2010 03:49 PM, Michal Ludvig wrote:
> On 10/15/2010 08:36 AM, Arnau Bria wrote:
>> On Thu, 14 Oct 2010 23:47:16 +1300
>> Michal Ludvig wrote
>>
>>> 1) kickstart installs the system, including puppet from our local repo
>>> 2) after reboot I have to login and set the hostname and IP
>>
>> kickstart is able to configure your network / hostname. Why don't you
>> use that feature?
>
> Because we've got a common kickstart for all installs, not a per-host
> kickstart. It only installs the very core system and the rest is brought
> in and configured by puppet.
>
>> We're moving to cobbler,
>
> Looks like cobbler is the preferred method here. I'll give it a try.



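You can pass in arguments to the kernel via the bootloader which the 
kickstart pre-script then reads in.


Example.

# Split /proc/cmdline into one "key<TAB>value" pair per line and define a
# karg_<key> variable for each; a bare flag with no "=value" gets the value 1.
while read key value; do
eval "karg_${key}='${value:-1}'"
done <<- EOF
$(< /proc/cmdline sed 's/ /\n/g' | sed 's/=/\t/1')
EOF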

Which are then used later in the script to set kickstart parameters or 
wherever needed.


Then at the syslinux boot prompt, I do:

  install-centos-5 ip=10.0.0.1/24 hostname=host.domain foo

which will install variables like so:

  karg_ip=10.0.0.0/24
  karg_hostname=host.domain
  karg_foo=1

--
Russell A Jackson 
Network Analyst
California State University, Bakersfield
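
The `eval` in the snippet above pastes each value into shell source, so a value containing a quote, or a key such as `rd.lvm` that is not a valid variable name, breaks the script. A variant that validates the name and assigns the value by reference, added here as an example (not Russell's code; the sample command line and the `KARG_REJECTED` variable are constructed for illustration):

```shell
# Constructed stand-in for the contents of /proc/cmdline. It includes a
# dotted key, a value containing a single quote, and a key that cannot be
# turned into a variable name.
SAMPLE_CMDLINE="ro root=/dev/sda1 ip=10.0.0.1/24 hostname=host.domain foo rd.lvm=0 label=o'brien bad+key=1"

# parse_kargs CMDLINE
# Defines karg_<name> for every argument whose name is a valid identifier
# once '.' and '-' are mapped to '_'. Everything else is collected in
# KARG_REJECTED so the %pre script can log or abort on it.
parse_kargs() {
    KARG_REJECTED=""
    set -f                          # no globbing while word-splitting the line
    for _w in $1; do
        case $_w in
            *=*) _k=${_w%%=*}; _v=${_w#*=} ;;   # split on the first '=' only
            *)   _k=$_w;       _v=1 ;;          # bare flag, same default as above
        esac
        _k=$(printf '%s' "$_k" | tr '.-' '__')
        case $_k in
            ''|*[!A-Za-z0-9_]*)
                KARG_REJECTED="$KARG_REJECTED $_w"
                continue ;;
        esac
        # The name has been validated and the value is referenced through
        # $_v rather than pasted in, so eval never re-parses the value.
        eval "karg_${_k}=\$_v"
    done
    set +f
}

parse_kargs "$SAMPLE_CMDLINE"
printf 'ip=%s hostname=%s foo=%s rejected=%s\n' \
    "$karg_ip" "$karg_hostname" "$karg_foo" "$KARG_REJECTED"
```

In a real `%pre` script the call would be `parse_kargs "$(cat /proc/cmdline)"`.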




Re: [Puppet Users] First boot with Puppet

2010-10-14 Thread Michal Ludvig

On 10/15/2010 08:36 AM, Arnau Bria wrote:

> On Thu, 14 Oct 2010 23:47:16 +1300
> Michal Ludvig wrote
>
>> 1) kickstart installs the system, including puppet from our local repo
>> 2) after reboot I have to login and set the hostname and IP
>
> kickstart is able to configure your network / hostname. Why don't you
> use that feature?

Because we've got a common kickstart for all installs, not a per-host 
kickstart. It only installs the very core system and the rest is brought 
in and configured by puppet.

> We're moving to cobbler,

Looks like cobbler is the preferred method here. I'll give it a try.

Thanks for all the responses!

M.




Re: [Puppet Users] First boot with Puppet

2010-10-14 Thread Arnau Bria
On Thu, 14 Oct 2010 23:47:16 +1300
Michal Ludvig wrote:

>   Hi guys,
Hi Michal,
 
> Here's my situation:
> 1) kickstart installs the system, including puppet from our local repo
> 2) after reboot I have to login and set the hostname and IP
kickstart is able to configure your network / hostname. Why don't you
use that feature?

We're moving to cobbler, but we've been using our local system for last
year with great success:

We use a local script that generates our kickstart files. That script
collects hostname and adds postinstall part, which looks like:

[...]
%post
wget http://server./script.sh
chmod +x script.sh
./script.sh hostname device_type ip mask gw

then, our script.sh runs puppet like:

/usr/bin/ruby /usr/sbin/puppetd --server=server \
  --logdest=/var/log/puppet/puppet.log --test --fqdn "$1"

*notice --fqdn and  $1 is node hostname. 

So, with our conf, before first boot we have our host fully configured
(puppet service is configured itself)

The important thing is that we have autosign enabled for many hosts, so
ca stuff is not needed (well, you have to previously puppetca --clean
$hostname if you're reinstalling the node).


It works really fine.

HTH,
Arnau




Re: [Puppet Users] First boot with Puppet

2010-10-14 Thread Mohamed Lrhazi
On Thu, Oct 14, 2010 at 6:47 AM, Michal Ludvig 
> 1) kickstart installs the system, including puppet from our local repo

In our case, kickstart sets the hostname and the ip/netmask/gateway/dns

Why don't you set hostname and the ip/netmask/gateway/dns... in the
kickstart file?

Mohamed.




Re: [Puppet Users] First boot with Puppet

2010-10-14 Thread Mathias Gug
Excerpts from Michal Ludvig's message of Thu Oct 14 06:47:16 -0400 2010:
> I'm installing Puppet on RHEL5 systems using KickStart but struggle with 
> the first boot.
> 
> Here's my situation:
> 1) kickstart installs the system, including puppet from our local repo
> 2) after reboot I have to login and set the hostname and IP
> 3) then run puppet, register it with the server and bring in the config
> 4) configure puppet for automatic start
> 
> I have to configure the hostname before running puppet for the first 
> time, otherwise it makes its certificate with a wrong name (either 
> 'localhost' or something supplied by dhcp). I'm aware this is not really 
> a Puppet question but how do you guys do this? How do you 
> (semi-)automatically configure the hostname before running puppet for 
> the first time?
> 

Another option is to set the certname option in puppet.conf when
installing with kickstart. The certname option defaults to the hostname
- however it can be set in puppet.conf:

 [main]
 certname=YOUR_UNIQUE_CERTNAME

-- 
Mathias Gug
Ubuntu Developer  http://www.ubuntu.com




Re: [Puppet Users] First boot with Puppet

2010-10-14 Thread Ohad Levy
you can always use http://theforeman.org to do the provisioning for you.

Ohad

On Thu, Oct 14, 2010 at 12:47 PM, Michal Ludvig wrote:

>  Hi guys,
>
> I'm installing Puppet on RHEL5 systems using KickStart but struggle with
> the first boot.
>
> Here's my situation:
> 1) kickstart installs the system, including puppet from our local repo
> 2) after reboot I have to login and set the hostname and IP
> 3) then run puppet, register it with the server and bring in the config
> 4) configure puppet for automatic start
>
> I have to configure the hostname before running puppet for the first time,
> otherwise it makes its certificate with a wrong name (either 'localhost' or
> something supplied by dhcp). I'm aware this is not really a Puppet question
> but how do you guys do this? How do you (semi-)automatically configure the
> hostname before running puppet for the first time?
>
> Thanks
>
> M.
>




Re: [Puppet Users] First boot with Puppet

2010-10-14 Thread Ryan Dooley
 On 10/14/2010 3:47 AM, Michal Ludvig wrote:
>  Hi guys,
>
> I'm installing Puppet on RHEL5 systems using KickStart but struggle
> with the first boot.
>
> Here's my situation:
> 1) kickstart installs the system, including puppet from our local repo
> 2) after reboot I have to login and set the hostname and IP
> 3) then run puppet, register it with the server and bring in the config
> 4) configure puppet for automatic start
>
> I have to configure the hostname before running puppet for the first
> time, otherwise it makes its certificate with a wrong name (either
> 'localhost' or something supplied by dhcp). I'm aware this is not
> really a Puppet question but how do you guys do this? How do you
> (semi-)automatically configure the hostname before running puppet for
> the first time?

At Powerset we generated the hostname from LLDP information.  All of our
hosts were named "switch-port" which was set during installation: custom
installer basically partitioned and formatted, mounted disks, copied
down a tarball of the current "gold master" image, then mucked around in
/mnt/etc setting the hostname and other bits.  Upon reboot, puppet was
run for the first time out of /etc/rc.local doing the rest.

Cheers,
Ryan




Re: [Puppet Users] First boot with Puppet

2010-10-14 Thread Matthew Macdonald-Wallace
On Thu, 2010-10-14 at 23:47 +1300, Michal Ludvig wrote:
> Hi guys,
> 
> I'm installing Puppet on RHEL5 systems using KickStart but struggle with 
> the first boot.

As Stephen says, use cobbler (we do as well!) and put it into your
kickstart.

Here's ours:

== sample.ks =

#platform=x86, AMD64, or Intel EM64T
# System authorization information
auth  --useshadow  --enablemd5
# System bootloader configuration
bootloader --location=mbr
# Partition clearing information
clearpart --all --initlabel
# Use text mode install
text
# Firewall configuration - switch this off as we will apply it using 
# puppet
firewall --disabled
# Run the Setup Agent on first boot
firstboot --disable
# System keyboard
keyboard uk
# System language
lang en_GB
# Use network installation
url --url=$tree
# If any cobbler repo definitions were referenced in the kickstart
# profile, include them here.
$yum_repo_stanza
# Network information
$SNIPPET('network_config')
# Reboot after installation
reboot

#Root password
rootpw --iscrypted $default_password_crypted
# SELinux configuration
selinux --disabled
# Do not configure the X Window System
skipx
# System timezone
timezone  Europe/London
# Install OS instead of upgrade
install
# Clear the Master Boot Record
zerombr
# setup the default partitioning
part /boot --fstype=ext3 --size=256
part swap --size=2048
part pv.01 --size=1 --grow
volgroup vg_root pv.01
logvol  /  --vgname=vg_root  --size=8192  --name=lv_root
logvol  /var  --vgname=vg_root  --size=10240  --name=lv_var
logvol  /tmp  --vgname=vg_root  --size=10240  --name=lv_tmp
logvol  /home  --vgname=vg_root  --size=10240  --name=lv_home

%pre
$SNIPPET('log_ks_pre')
$kickstart_start
$SNIPPET('pre_install_network_config')
# Enable installation monitoring
$SNIPPET('pre_anamon')

%packages
$SNIPPET('func_install_if_enabled')
@Base
vim-enhanced
puppet
acpid
-sendmail

%post --nochroot
# THIS IS THE PUPPET STUFF! #
# It registers the puppet client with the server and then it will 
# run on firstboot

# Copy netinfo, which has our FQDN from DHCP, into the chroot
test -f /tmp/netinfo && cp /tmp/netinfo /mnt/sysimage/tmp/

%post
/sbin/chkconfig --level 345 puppet on
# Figure out the FQDN
if [ -f /tmp/netinfo ] ; then
  FQDN=`(source /tmp/netinfo; [ -n "$DOMAIN" ] && echo $HOSTNAME.$DOMAIN || echo $HOSTNAME)`
  # Run puppet, just to get the certs; the actual config update happens
  # on the next reboot
  hostname $FQDN
  /usr/sbin/puppetd -o -v --tag no_such_tag --waitforcert 60
fi
$SNIPPET('log_ks_post')
# Start yum configuration 
$yum_config_stanza
# End yum configuration
$SNIPPET('post_install_kernel_options')
$SNIPPET('post_install_network_config')
$SNIPPET('func_register_if_enabled')
$SNIPPET('download_config_files')
$SNIPPET('koan_environment')
$SNIPPET('redhat_register')
$SNIPPET('cobbler_register')
# Enable post-install boot notification
$SNIPPET('post_anamon')
# Start final steps
$kickstart_done
# End final steps
== END Sample.ks =

All the $SNIPPET stuff is cobbler specific, but the Puppet config stuff
should work as part of any kickstart.

HTH,

Matt.




Re: [Puppet Users] First boot with Puppet

2010-10-14 Thread Patrick
We've done it 2 different ways:

*) Pull and run a shellscript that sets puppet to run when the computer first 
boots up.


Or instead of running the shell script, run something like this:
get private_keys/bootstrap.pem (Pseudocode)
get signed/bootstrap.pem (Pseudocode)
get public_keys/ca.pem (Pseudocode)

#Then run
puppetd --no-daemonize --verbose --debug \
  --hostprivkey=/var/lib/puppet/ssl/private_keys/bootstrap.pem \
  --hostcert=/var/lib/puppet/ssl/certs/bootstrap.pem --onetime \
  --certname=bootstrap > /target/root/puppet.log
#Now, when the computer reboots, the real run will happen with the computer's
#real name

On Oct 14, 2010, at 3:47 AM, Michal Ludvig wrote:

> Hi guys,
> 
> I'm installing Puppet on RHEL5 systems using KickStart but struggle with the 
> first boot.
> 
> Here's my situation:
> 1) kickstart installs the system, including puppet from our local repo
> 2) after reboot I have to login and set the hostname and IP
> 3) then run puppet, register it with the server and bring in the config
> 4) configure puppet for automatic start
> 
> I have to configure the hostname before running puppet for the first time, 
> otherwise it makes its certificate with a wrong name (either 'localhost' or 
> something supplied by dhcp). I'm aware this is not really a Puppet question 
> but how do you guys do this? How do you (semi-)automatically configure the 
> hostname before running puppet for the first time?
> 
> Thanks
> 
> M.
> 




[Puppet Users] First boot with Puppet

2010-10-14 Thread Steven VanDevender
Michal Ludvig writes:
 >   Hi guys,
 > 
 > I'm installing Puppet on RHEL5 systems using KickStart but struggle with 
 > the first boot.
 > 
 > Here's my situation:
 > 1) kickstart installs the system, including puppet from our local repo
 > 2) after reboot I have to login and set the hostname and IP
 > 3) then run puppet, register it with the server and bring in the config
 > 4) configure puppet for automatic start
 > 
 > I have to configure the hostname before running puppet for the first 
 > time, otherwise it makes its certificate with a wrong name (either 
 > 'localhost' or something supplied by dhcp). I'm aware this is not really 
 > a Puppet question but how do you guys do this? How do you 
 > (semi-)automatically configure the hostname before running puppet for 
 > the first time?

We're using Cobbler (which uses Kickstart to do the basic system
installation) and it easily allows us to create per-host kickstart
profiles that set the hostname and configure network interfaces.  That
information is actually something you can put directly into a Kickstart
profile but it means you'd have to create per-host profiles rather than
use one master profile for everything.

I'm not our local Cobbler/Kickstart expert, but the guy who created our
Cobbler installation even figured out how to script a new host's initial
registration with the puppetmaster (I believe the key idea is that there
is a command-locked ssh identity key that allows the host to get in to
the puppetmaster and issue the right "puppetca" command).  I'd have to
do some digging to look up the specifics.

 > Thanks
 > 
 > M.
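
One way a command-locked ssh key of the kind mentioned above can be set up on the puppetmaster, added here as an example (it is not the configuration from the poster's site; the wrapper path, the key comment, the `sign <fqdn>` request format and the `example.com` domain are all assumptions):

```shell
# authorized_keys entry on the puppetmaster (one line, key material elided):
#   command="/usr/local/sbin/sign-request",no-pty,no-port-forwarding,no-agent-forwarding,no-X11-forwarding ssh-rsa AAAA... kickstart-enroll
#
# sshd ignores the command the client asked for, runs the forced command
# instead, and passes the client's request in SSH_ORIGINAL_COMMAND. The
# wrapper below (the hypothetical /usr/local/sbin/sign-request) treats that
# string purely as data.

ALLOWED_DOMAIN="example.com"                 # hypothetical provisioning domain
PUPPETCA=${PUPPETCA:-/usr/sbin/puppetca}

# validate_request REQUEST
# Prints the certname and returns 0 only if REQUEST is exactly
# "sign <fqdn>" with a lowercase fqdn inside ALLOWED_DOMAIN.
validate_request() {
    set -f                                   # split into words, never glob
    set -- $1
    set +f
    [ $# -eq 2 ] || return 1
    [ "$1" = "sign" ] || return 1
    case $2 in
        # empty, option-like (leading '-'), leading or doubled dots, or any
        # character outside the hostname alphabet
        ''|-*|.*|*..*|*[!a-z0-9.-]*) return 1 ;;
        *."$ALLOWED_DOMAIN") ;;
        *) return 1 ;;
    esac
    printf '%s\n' "$2"
}

# handle_request REQUEST
# Signs the validated certname; rejected requests are logged to stderr so
# they show up in the ssh session log for review.
handle_request() {
    certname=$(validate_request "$1") || {
        echo "sign-request: rejected: $1" >&2
        return 1
    }
    "$PUPPETCA" --sign "$certname"
}

# Entry point when invoked by sshd as the forced command.
if [ -n "${SSH_ORIGINAL_COMMAND+x}" ]; then
    handle_request "$SSH_ORIGINAL_COMMAND"
fi
```

The key can only ask for a signature on a name inside the allowed domain, so it should still be kept out of the installed image once enrollment is done.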




[Puppet Users] First boot with Puppet

2010-10-14 Thread Michal Ludvig

 Hi guys,

I'm installing Puppet on RHEL5 systems using KickStart but struggle with 
the first boot.


Here's my situation:
1) kickstart installs the system, including puppet from our local repo
2) after reboot I have to login and set the hostname and IP
3) then run puppet, register it with the server and bring in the config
4) configure puppet for automatic start

I have to configure the hostname before running puppet for the first 
time, otherwise it makes its certificate with a wrong name (either 
'localhost' or something supplied by dhcp). I'm aware this is not really 
a Puppet question but how do you guys do this? How do you 
(semi-)automatically configure the hostname before running puppet for 
the first time?


Thanks

M.
