Friday, February 13, 2015

Running a Script in Client Server's using Puppet Master.

Running a Script in Client Server's using Puppet.

Enable the puppet File Server
Add Following entries to /etc/puppet/fileserver.conf
path /var/lib/puppet/bucket
allow *

The File is stored in the mentioned path
[root@master ~]# ll /var/lib/puppet/bucket/
total 4
-rw-r--r--. 1 root root 39 Feb 10 16:45

In the below codes first the scripts is fetched from the master and saved in the local file. and then execute
[root@master ~]# cat /etc/puppet/manifests/site.pp
node "client" {
file { '/tmp/':
          owner => 'root',
          group => 'root',
          mode => '700',
          source => 'puppet:///extra_files/',
exec    {'run_startup':
        command => '/tmp/',
[root@master ~]#

Tuesday, February 10, 2015

Puppet Master-Client Setup/Usage

Puppet is a system for automating system administration tasks. It has a master server in which we will be mentioning the client configurations and in the client we will be running an agent which will fetch the configuration form the master server and implement it.

Master and Client Runs on Centos7

Open the port 8140 in firewall and set SELINUX to permissive mode.

Intalling the packages.
rpm -ivh
yum install -y puppet-server

Start the service
systemctl start  puppetmaster.service
puppet resource service puppetmaster ensure=running enable=true
Notice: /Service[puppetmaster]/enable: enable changed 'false' to 'true'
service { 'puppetmaster':
  ensure => 'running',
  enable => 'true',
[root@master ~]#

Now the Certificate and keys would have been created.
[root@master ~]# ll /var/lib/puppet/ssl/certs
total 8
-rw-r--r--. 1 puppet puppet 2013 Feb  9 14:48 ca.pem
-rw-r--r--. 1 puppet puppet 2098 Feb  9 14:48
[root@master ~]#
[root@master ~]# ll /var/lib/puppet/ssl/private_keys/
total 4
-rw-r--r--. 1 puppet puppet 3243 Feb  9 14:48
[root@master ~]#

Add the Following entries to the Following File. # You will find the cert name in /var/lib/puppet/ssl/certs
vim /etc/puppet/puppet.conf
certname =
autosign = true

Restart the Service
systemctl restart  puppetmaster.service

[root@master ~]# netstat -plan |grep 8140
tcp6       0      0 :::8140                 :::*                    LISTEN      5870/ruby
[root@master ~]#

Client Configuration 

Install the Packages
rpm -ivh
yum install -y puppet

Configure the Client
 vim /etc/puppet/puppet.conf
# In the [agent] section
    server =
    report = true
    pluginsync = true

Now the Following Command will add the certificate to Server 
puppet agent -t --debug --verbose

From Server we need to sign the client certificate If its not signed Automatically
puppet cert sign --all

Now from Client again run
puppet agent -t --debug --verbose
to get synced.

Now in Server Create the Configuration file 
cat /etc/puppet/manifests/site.pp
node "" {
file { '/root/example_file.txt':
    ensure => "file",
    owner  => "root",
    group  => "root",
    mode   => "700",
    content => "Congratulations!
Puppet has created this file.

Once the above file in created in Server we need to run agent in the client
puppet agent -t --debug --verbose

we can see that file is created

Info: Applying configuration version '1423504520'
Notice: /Stage[main]/Main/Node[]/File[/root/example_file.txt]/ensure: defined content as '{md5}8a2d86dd40aa579c3fabac1453fcffa5'
Debug: /Stage[main]/Main/Node[]/File[/root/example_file.txt]: The container Node[] will propagate my refresh event
Debug: Node[]: The container Class[Main] will propagate my refresh event
Debug: Class[Main]: The container Stage[main] will propagate my refresh event
Debug: Finishing transaction 23483900
Debug: Storing state
Debug: Stored state in 0.01 seconds
Notice: Finished catalog run in 0.03 seconds
Debug: Using cached connection for
Debug: Caching connection for
Debug: Closing connection for
[root@client ~]# ll /root/
total 4
-rwx------. 1 root root 47 Feb  9 17:55 example_file.txt
[root@client ~]#

Tuesday, February 3, 2015

Configuring http proxy in the linux Server

Open the .bash_profile file for editing.

(example: vi ~/.bash_profile)
Add the following lines to the end of the file:
export no_proxy=localhost,,
export http_proxy
http_proxy should be the ip address or hostname, plus the port of your proxy server
no_proxy should be any exclusions you want to make – addresses that you don’t want to send via the proxy.
NOTE: This must be done for each individual user, including root.
If you don’t want to log out of your shell session, you can reload the bash profile with the following:
source .bash_profile

Configuring YUM to use proxy
To configure “yum” to use the HTTP / HTTPS proxy you will need to edit the /etc/yum.conf configuration file. Open /etc/yum.conf in your favorite editor and add the following line.

Save and close the file, then clear the cache used by yum with the following command:
yum clean all