keith/puppet
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

K feverishly edits markdown... there is no Guarantees

Browse source
This commit is contained in:
Keith 2017-01-11 00:02:15 +01:00
parent 838c1e1fa9
commit 9433a8f42a
1 changed files with 40 additions and 17 deletions
Download patch file Download diff file Expand all files Collapse all files

55
README.md Normal file → Executable file
View file

@ -1,44 +1,67 @@
# Rhizomatica Puppet repository # Rhizomatica Puppet repository
Here you will find all the modules which we are currently using in the Rhizomatica infrastructure. Here you will find the puppet recipe that we use to configure and maintain all our nodes in the Oaxaca Network run by TIC A.C.
Some of them are directly pulled from [PuppetForge](https://forge.puppetlabs.com) or [github](https://github.com). A bunch are included as submodules, others are directly imported in the repository.
To have a working repo, you should also include all the submodules: We use one internal puppet master server for our cluster of nodes, but one can alternatively install on a single machine by configuring and running the puppet master and then letting the puppet agent set everything up for you, all on the same machine. If you are using one machine, simply ignore the instructions below where you are directed to change from client to puppet server.
To do this, you need to:
**1** - Choose an Operating System. Historically, we began with Ubuntu 12.04 LTS. Support for Ubuntu 12.04 ends in April 2017.
Install `Ubuntu 12.04 or 14.04, 64-bit version`. There is a preseed file included in this git repo which can make it easier and faster `:)` Not tested on 14.04.
**2** - Create a new user, called `rhizomatica`. This is not needed if you have used the preseed file to do the install.
**3** - Install `openvpn`, `openssh-server` and `puppet`:
sudo apt-get install openvpn openssh-server puppet
**4** - Clone this repo into /etc/puppet/environments/[ENVIRONMENT_NAME]
The default environment name in puppet is 'production'. It is suggested to use it, therefore *on the Puppet server*, do:
cd /etc/puppet/environments
git clone https://github.com/Rhizomatica/puppet.git production
This repo contains all the modules which we are currently using in the Rhizomatica infrastructure. Some of them are directly pulled from [PuppetForge](https://forge.puppetlabs.com) or [github](https://github.com). A bunch are included as submodules, others are directly imported in the repository.
To have a working repo, you must also include all the submodules, so do:
git submodule init git submodule init
git submodule update git submodule update
To have a fully configured system from scratch, these are the steps: To have a fully configured system from scratch, these are the steps:
1 - Install `Ubuntu 12.04, 64-bit version`. There is a preseed file included in this git repo which can make it easier and faster `:)` At the time of writing Ubuntu 12.04 LTS is the version supported here by the master branch, but only for existing installs. New installs will fail because of upstream changes. If you wish to install on Ubuntu 12.04, you will need to
2 - Create a new user, called `rhizomatica`. This is not needed if you have used the preseed file to do the install. cd /etc/puppet/environments/[ENVIRONMENT_NAME]
git checkout whyteks/ubuntu12
3 - Install `openvpn`, `openssh-server` and `puppet`:
sudo apt-get install openvpn openssh-server puppet **5** - Edit `/etc/puppet/puppet.conf` and add the puppet server. The default puppet server is 'puppet' so if you are running puppet master and puppet agent on the same same, you can alternatively point 'puppet' to 127.0.0.1 in /etc/hosts:
4 - Configure the VPN - normally just a matter of unpacking the config and keys in `/etc/openvpn` and restarting `openvpn` 127.0.0.1 puppet
5 - Edit `/etc/puppet/puppet.conf` and add the proper puppet server **6** - *On the Puppet server* Personalize the hiera file which is going to describe your installation by copying over the template file `hieradata/site_template.yaml` to `<hostname>.yaml` in `/etc/puppet/hieradata`, where `hostname` is the name for the host you are currently configuring.
6 - Run puppet for the first time:
**7** - Run puppet for the first time:
puppet agent --test puppet agent --test
This will generate the key and certificate This will generate the key and certificate
7 - Connect to the VPN/Puppet server, check the certificates: **8** - *Connect to the Puppet server*, check the certificates:
puppet ca list puppet ca list
And sign the one you just generated in the step above: And sign the one you just generated in the step above:
puppet ca sign <hostname> puppet ca sign <hostname>
8 - *On the VPN/Puppet server* Personalize the hiera file which is going to describe your installation by copying over the template file to something like `<hostname>.yaml` in `/etc/puppet/hieradata`, where `hostname` is the name for the host you are currently configuring.
9 - Run puppet again: **9** - Run puppet again on the client:
puppet agent --test puppet agent --test
10 - Profit! `:D` **10** - Wait and observe, or not, as you wish. :) Depending on the speed of your internet connection some things might take some time. The puppet recipe is still not perfect and may fail due to dependencies on this second run. If this happens, goto step 9 until the puppet run completes cleanly.