My first goal is simply to get puppet onto all of these servers. Of the ~100 servers I need to manage, about 30 of them are dev/qa/test boxes. I now have puppet installed on all of them. There were a few bumps along the way.
Impediments
1. The right repository--I'm sure for the yum guru's out there, this will seem trivial, but it was a problem for me. A repository I was initially using had an older version of puppet (which I did not realize immediately). It wasn't until one of the boxes I was installing puppet on already had a repository configured with a new version of puppet did I realize I had a problem. And it wasn't until I tried connecting it to the puppet-server that I realized I had a problem because I got this somewhat unhelpful error: Error 400 on SERVER: No support for http method POST
Thanks to http://bitcube.co.uk/content/puppet-errors-explained for the explanation.
So, I updated the puppet-master and I fixed the repository I was using and now I'm getting the latest and greatest.
2. Yum dependencies--Occasionally I ran into dependency issues when running yum install. It wasn't terribly clear to me why I got these errors, but generally, it happened when there was a longer list of dependencies. I was able to work around this typically, by simply doing a yum install of one of the dependent packages first, and then trying the yum install puppet again and it worked.
3. Old OSes without the required packages--In some cases I could not work around the the dependencies because the OS version was so old--Fedora 8, 7 and 5. These OSes were looking for libselinux-util which wasn't made available until Fedora 10! Note to self: put these systems on the top of the list to retire.
4. puppetmaster directory details: Also worth mentioning, it took me some time to sort out which directories and where they need to be located on the puppetmaster. I'm not sure if this is a poor documentation problem, or a user problem, but it took some trial and error to get it right.
I needed to have:
/etc/puppet/manifests/site.pp
/etc/puppet/modules
and as an example under /etc/puppet/modules I needed:
/etc/puppet/modules/sudo/manifests/init.pp
Resources
- AWESOME very helpful and engaged channel: puppet IRC. IRC server irc.freenode.net, room: #puppet
- List of common puppet errors with pointers to fix: http://bitcube.co.uk/content/puppet-errors-explained
- Of course the puppet docs, particularly for installing puppet on solaris: http://projects.puppetlabs.com/projects/1/wiki/Puppet_Solaris
- RPM search: http://rpm.pbone.net/
(updated to clean-up layout, edit fonts, etc)
I'll add one other gotcha along the way... After I had already installed clients on about a half-dozen nodes, I realized that I needed to move my puppetmaster in order for it to be accessible by more of my hosts.
ReplyDeleteThis was actually pretty straight forward. After changing the CNAME of my puppet server, to the new server (and DEFINITELY use a CNAME--otherwise if you ever change the name of your puppetmaster, you need to resign all of your agent's certificates), I copied the certificates in the /var/lib/puppet/ssl directory to the new server. Everything came back perfectly.