Re: "GET /production/certificate/puppet-client2.tcl-oob.net? HTTP/1.1" 500 11298 "-" "-"
37 views
Skip to first unread message
Message has been deleted
vioilly
Dec 12, 2012, 5:22:31 AM12/12/12
to puppet...@googlegroups.com
I reinstalled everything again and manage to get this working. Not sure what the problem was but this is how I install puppet master with passenger:
install puppet master with passenger
1 - install centos 6.3 minimal
2 - configure IP address and hostname - do not set a fqdn hostname.
vi /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE="eth0"
BOOTPROTO="static"
HWADDR="<mac>"
ONBOOT="yes"
TYPE="Ethernet"
UUID="<uuid>"
IPADDR="10.1.1.10"
NETMASK="255.255.255.0"
GATEWAY="10.1.1.1"
vi /etc/resolv.conf
nameserver 10.1.1.100
domain domain.net
search domain.net
3 - run yum update -y
4 - install vmware tools
rpm --import http://packages.vmware.com/tools/keys/VMWARE-PACKAGING-GPG-DSA-KEY.pub
rpm --import http://packages.vmware.com/tools/keys/VMWARE-PACKAGING-GPG-RSA-KEY.pub
cat <<EOT > /etc/yum.repos.d/vmware-tools.repo
[vmware-tools]
name=VMware Tools
#baseurl=http://packages.vmware.com/tools/esx/5.0u1/rhel5/\$basearch
baseurl=http://packages.vmware.com/tools/esx/5.0u1/rhel6/\$basearch
enabled=1
gpgcheck=1
EOT
yum -y install vmware-tools-esx-nox
5 - set iptables (modify where applicable)
iptables -I INPUT 5 -s 10.1.1.0/24 -m tcp -p tcp --dport 80 -j ACCEPT
iptables -I INPUT 6 -s 10.1.1.0/24 -m tcp -p tcp --dport 8140 -j ACCEPT
service iptables save
iptables -L
6 - Install EPEL and puppet repos
rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-7.noarch.rpm
rpm -ivh http://yum.puppetlabs.com/el/6/products/x86_64/puppetlabs-release-6-6.noarch.rpm
7 - install required packages
yum -y install httpd httpd-devel ruby-devel rubygems mod_ssl make gcc gcc-c++ curl-devel openssl-devel zlib-devel make wget
8 - install ruby 1.9.3
cd /opt
wget http://ftp.ruby-lang.org/pub/ruby/1.9/ruby-1.9.3-p0.tar.gz
tar xzvf ruby-1.9.3-p0.tar.gz
cd ruby-1.9.3-p0
./configure --enable-shared --disable-pthread
make
make install
9 - install puppet master and puppet agent
yum install puppet-server puppet -y
10 - create a puppet ca cert
puppet master --no-daemonize --verbose
(note - ctrl+c to break out of puppet master deamon
11 - install rack using gem
gem install rack
12 - install passenger using gem
gem install passenger
13 - Set up passenger
passenger-install-apache2-module
14 - Config rack.conf
cp /usr/share/puppet/ext/rack/files/apache2.conf /etc/httpd/conf.d/rack.conf
update the rack.conf with the puppet 3.0.1 SSL directory path (var/llis/puppet/ssl) and change hostname for certs.
15 - create rack directories
mkdir -p /etc/puppet/rack/public/
16 - copy config.ru rack file to rack web directory
cp /usr/share/puppet/ext/rack/files/config.ru /etc/puppet/rack/
17 - change ownership of config.ru rack file to puppet
chown puppet:puppet /etc/puppet/rack/config.ru
18 - set httpd to start on boot and puppetmaster to not start
chkconfig httpd on
chkconfig puppetmaster off
19 - set certname in puppet master puppet.conf
vi /etc/puppet/puppet.conf
[master]
certname = puppet-server1.tcl-oob.net
20 Turn of selinux
setenforce 0
21 start apache
service httpd start
--
sign certificate on from puppet client
install puppet client
1 - rpm -ivh http://yum.puppetlabs.com/el/6/products/x86_64/puppetlabs-release-6-6.noarch.rpm
2 - yum install puppet
3 - puppet agent --test
4 - puppet agent --waitforcert 30 --server puppet-server1.tcl-oob.net
sign cert on puppet server
1 - puppet cert --list
2 - puppet cert sign <puppet client>
install puppet master with passenger
1 - install centos 6.3 minimal
2 - configure IP address and hostname - do not set a fqdn hostname.
vi /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE="eth0"
BOOTPROTO="static"
HWADDR="<mac>"
ONBOOT="yes"
TYPE="Ethernet"
UUID="<uuid>"
IPADDR="10.1.1.10"
NETMASK="255.255.255.0"
GATEWAY="10.1.1.1"
vi /etc/resolv.conf
nameserver 10.1.1.100
domain domain.net
search domain.net
3 - run yum update -y
4 - install vmware tools
rpm --import http://packages.vmware.com/tools/keys/VMWARE-PACKAGING-GPG-DSA-KEY.pub
rpm --import http://packages.vmware.com/tools/keys/VMWARE-PACKAGING-GPG-RSA-KEY.pub
cat <<EOT > /etc/yum.repos.d/vmware-tools.repo
[vmware-tools]
name=VMware Tools
#baseurl=http://packages.vmware.com/tools/esx/5.0u1/rhel5/\$basearch
baseurl=http://packages.vmware.com/tools/esx/5.0u1/rhel6/\$basearch
enabled=1
gpgcheck=1
EOT
yum -y install vmware-tools-esx-nox
5 - set iptables (modify where applicable)
iptables -I INPUT 5 -s 10.1.1.0/24 -m tcp -p tcp --dport 80 -j ACCEPT
iptables -I INPUT 6 -s 10.1.1.0/24 -m tcp -p tcp --dport 8140 -j ACCEPT
service iptables save
iptables -L
6 - Install EPEL and puppet repos
rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-7.noarch.rpm
rpm -ivh http://yum.puppetlabs.com/el/6/products/x86_64/puppetlabs-release-6-6.noarch.rpm
7 - install required packages
yum -y install httpd httpd-devel ruby-devel rubygems mod_ssl make gcc gcc-c++ curl-devel openssl-devel zlib-devel make wget
8 - install ruby 1.9.3
cd /opt
wget http://ftp.ruby-lang.org/pub/ruby/1.9/ruby-1.9.3-p0.tar.gz
tar xzvf ruby-1.9.3-p0.tar.gz
cd ruby-1.9.3-p0
./configure --enable-shared --disable-pthread
make
make install
9 - install puppet master and puppet agent
yum install puppet-server puppet -y
10 - create a puppet ca cert
puppet master --no-daemonize --verbose
(note - ctrl+c to break out of puppet master deamon
11 - install rack using gem
gem install rack
12 - install passenger using gem
gem install passenger
13 - Set up passenger
passenger-install-apache2-module
14 - Config rack.conf
cp /usr/share/puppet/ext/rack/files/apache2.conf /etc/httpd/conf.d/rack.conf
update the rack.conf with the puppet 3.0.1 SSL directory path (var/llis/puppet/ssl) and change hostname for certs.
15 - create rack directories
mkdir -p /etc/puppet/rack/public/
16 - copy config.ru rack file to rack web directory
cp /usr/share/puppet/ext/rack/files/config.ru /etc/puppet/rack/
17 - change ownership of config.ru rack file to puppet
chown puppet:puppet /etc/puppet/rack/config.ru
18 - set httpd to start on boot and puppetmaster to not start
chkconfig httpd on
chkconfig puppetmaster off
19 - set certname in puppet master puppet.conf
vi /etc/puppet/puppet.conf
[master]
certname = puppet-server1.tcl-oob.net
20 Turn of selinux
setenforce 0
21 start apache
service httpd start
--
sign certificate on from puppet client
install puppet client
1 - rpm -ivh http://yum.puppetlabs.com/el/6/products/x86_64/puppetlabs-release-6-6.noarch.rpm
2 - yum install puppet
3 - puppet agent --test
4 - puppet agent --waitforcert 30 --server puppet-server1.tcl-oob.net
sign cert on puppet server
1 - puppet cert --list
2 - puppet cert sign <puppet client>
Reply all
Reply to author
Forward
0 new messages