How to Add Puppet Nodes to Foreman – CentOS 7 / Ubuntu 14.04

ADVERTISEMENT

Add Nodes To Foreman
Add Nodes To Foreman

This tutorial is the continuation of installing Foreman, here, we will be going through the steps to add Puppet nodes to Foreman. This post covers the installation and configuration of Puppet agents on CentOS 7 / Ubuntu 14.04 to work with Foreman (Puppet Master).

Puppet Agent Node details are:

Operating system : Ubuntu 14.04.03 LTS server
IP Address : 192.168.12.30
FQDN : ubuntu.itzgeek.local

ADVERTISEMENT
Article will continue after the ad

Operating system : CentOS 7 Minimal
IP Address : 192.168.12.20
FQDN : centos.itzgeek.local

Prerequsites:

Configure EPEL repository only on RHEL 7.

Make sure your system (both puppet server and client) is able to resolve the hostname each other, either use /etc/hosts file or DNS server.

vi /etc/hosts

Like below.

192.168.12.10     server.itzgeek.local     server    # Foreman
192.168.12.20     centos.itzgeek.local     centos    # CentOS 7 Agent
192.168.12.30      ubuntu.itzgeek.local     ubuntu    # Ubuntu 14.04 Agent

Let’s install the Puppet agents on both CentOS and Ubuntu machine.

Install Puppet Agent on CentOS 7:

Install Puppetlabs repository in order to get a puppet agent packages from official source.

rpm -ivh https://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm

Install puppet agent using below command.

yum -y install puppet

Install Puppet Agent on Ubuntu 14.04:

To install Puppet agent, we have to configure Puppetlabs repository on Ubuntu 14.04.

wget https://apt.puppetlabs.com/puppetlabs-release-trusty.deb
sudo dpkg -i puppetlabs-release-trusty.deb

Update the repository.

sudo apt-get update

Install puppet agent using below command.

sudo apt-get install puppet

Configure puppet agent on CentOS 7 / Ubuntu 14.04:

Once the installation is done, we will need to update the “/etc/puppet/puppet.conf” file.
There are two section on the agent node’s puppet config file, a [main] and [master] section. Add the following settings to your [main] settings.

vi /etc/puppet/puppet.conf

Comment or Delete “templatedir=$confdir/templates” line and enter your details Foreman (Puppet Master) in “server = hostname” line

[main]
logdir=/var/log/puppet
vardir=/var/lib/puppet
ssldir=/var/lib/puppet/ssl
rundir=/var/run/puppet
factpath=$vardir/lib/facter
#templatedir=$confdir/templates
### Add Below Lines ###
server = server.itzgeek.local
report = true
pluginsync = true

Edit /etc/default/puppet to enable puppet service.

vi /etc/default/puppet

Setting this to “yes” allows the puppet agent service to run.

START=yes

Run following command to enable and run puppet agent service.

puppet resource service puppet ensure=running enable=true

Sign Puppet Agent certificate:

Now, you will have to sign the certificates of puppet agents in order to work with Foreman, you can do this either by using command line or Foreman web console. Command Line: In Foreman (Puppet Master) server, issue the following command to list down the unsigned certificates.

Command Line:

[root@server ~]# puppet cert list
"ubuntu.itzgeek.local" (SHA256) 30:D1:B5:70:52:1C:1C:AC:1B:DD:3C:2E:B0:28:D7:15:52:95:32:95:1F:37:29:2E:5F:E7:4C:F5:DB:94:A0:A1

In the above output, “ubuntu.itzgeek.local” is the puppet agent. To sign the certificate, use following command.

[root@server ~]# puppet cert sign ubuntu.itzgeek.local
Notice: Signed certificate request for ubuntu.itzgeek.local
Notice: Removing file Puppet::SSL::CertificateRequest ubuntu.itzgeek.local at '/var/lib/puppet/ssl/ca/requests/ubuntu.itzgeek.local.pem'

Console Mode:

Open up your Foreman web console, go to Infrastructure –> Smart proxies. Click Certificates button.

Add Puppet Nodes to Foreman - Smart Proxies
Add Puppet Nodes to Foreman – Smart Proxies

As you see below, agent certificate (ubuntu.itzgeek.local) is pending to be signed. To sign, click Sign button.

Add Puppet Nodes to Foreman - Agent Certificates
Add Puppet Nodes to Foreman – Agent Certificates

Now, agent (ubuntu.itzgeek.local) is signed successfully.

Add Puppet Nodes to Foreman - Signed
Add Puppet Nodes to Foreman – Signed

Verify Node:

Now, go to Hosts –> All Hosts. Verify that the new node (ubuntu.itzgeek.local) has been added to Foreman.

Add Puppet Nodes to Foreman - All Hosts
Add Puppet Nodes to Foreman – All Hosts

Extras:

In case if you want to remove the puppet agent from the Puppet master, run.

[root@server ~]# puppet cert clean ubuntu.itzgeek.local
Notice: Revoked certificate with serial 3
Notice: Removing file Puppet::SSL::Certificate ubuntu.itzgeek.local at '/var/lib/puppet/ssl/ca/signed/ubuntu.itzgeek.local.pem'
Notice: Removing file Puppet::SSL::Certificate ubuntu.itzgeek.local at '/var/lib/puppet/ssl/certs/ubuntu.itzgeek.local.pem'

In case, if you want to re-register the puppet agent that you just deleted in previous step. Follow the below procedure.

Stop the puppet service.

service puppet stop

Delete the puppet agent ssl directory.

rm -rf /var/lib/puppet/ssl/certs

Start the puppet service.

service puppet start

Now, you can go and run the “puppet cert list” command on Foreman (puppet master) server to see the signing request, approve it incase you required.

That’s All. Feel free to post comment here, incase if you have faced any issue.

ADVERTISEMENT

POSTS YOU MAY LIKE -:)

Share This Post

Shares