This is possible, and it is not documented well. Different parts of getting
it to work are in different sections of the online documentation. I got
this working recently with these conditions:
- One puppet server is the CA master as well as a normal compile master
- Puppet masters exist at other data centers and are compile masters for
agents at their sites, with all other masters/agents using the CA master
for SSL
- Each puppet master has a cron to regularly do a 'git pull' of the
puppet environment git repos to /etc/puppetlabs/code/environments so all
agents use the same code. Recommendation: GitLab CE (free) is amazing.
- A separate server hosts puppetdb, and all masters send agent reports
to it. To make this work, all agents/masters need to use the same CA
On the first puppetmaster that will also be the CA master:
- Install puppetserver
- In its /etc/puppetlabs/puppet/puppet.conf [main] section:
- server = <its FQDN>
- ca_server = <its FQDN>
- Startup puppetserver on it
- Put your code into /etc/puppetlabs/code/environments
- Configure it to be an agent to itself and ensure it successfully runs
before proceeding
On other masters:
- Install puppetserver
- Setup the git repos into /etc/puppetlabs/code/environments as you did
for the CA master
- Modify /etc/puppetlabs/puppetserver/bootstrap.cfg and follow the
comment's instruction on disabling the CA service
- Modify /etc/puppetlabs/puppetserver/conf.d/webserver.conf per
https://docs.puppet.com/puppetserver/2.2/external_ca_configuration.html
- In its /etc/puppetlabs/puppet/puppet.conf [main] section:
- server = <its FQDN>
- ca_server = <FQDN of CA master>
- In its [agent] section, make its 'server' be the CA master and set the
correct environment
- Run the agent successfully (against the CA master), then make 'server'
be its own FQDN, then run it successfully again
Configure all masters to send reports to puppetdb:
- Under [master], add:
-
storeconfigs = true
storeconfigs_backend = puppetdb
reports = puppetdb
On agents:
- In the [main] section, have 'ca_server = <FQDN of CA master>'
- In the [agent] section, have 'server = <FQDN of the master for its
site>'
- Send agent reports, in the [agent] section, add: report = true
On the separate PuppetDB server:
- Configure it as an agent and successfully run the puppet agent
- Install the excellent puppetlabs-puppetdb module from puppetforge into
your environment(s)
- In your site.pp node section, configure your masters and puppetdb
server as such with the module:
-
# Puppet masters send reports to puppetdb server
if $::hostname =~ /(camaster|master1|master2|master3)/ {
class { 'puppetdb::master::config':
puppetdb_server => 'puppetdbserver.example.com',
}
}
# This is the puppetdb server
if $::hostname == 'puppetdbserver' {
class { 'puppetdb':
listen_address => '0.0.0.0',
open_listen_port => true,
open_ssl_listen_port => true,
java_args => { '-Xmx' => '2g', },
}
}
- I highly recommend using puppetboard with
puppetdb: https://github.com/voxpupuli/puppetboard
On Wednesday, April 20, 2016 at 7:59:00 AM UTC-5, Geoff Galitz wrote:
>
>
> Hi...
>
> Is it possible to get compile master, master of master and code manager
> (file sync) working in the open source versions? Specifically:
>
> puppetserver-2.3.1-1.el7.noarch
> puppetlabs-release-pc1-1.0.0-1.el7.noarch
>
> Or are there pointers to get similar functionality via the open source
> packages?
>
> -G
>
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/592c18b2-b20a-44a2-90c8-86365a1ee542%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
