Pages

Showing posts with label automation. Show all posts
Showing posts with label automation. Show all posts

Thursday, December 28, 2023

Mastering Puppet: A Guide to Configuring the Puppet Master and Client

Puppet is a powerful configuration management tool that automates the process of managing your infrastructure. Setting up a Puppet Master and its clients can seem daunting, but with this guide, you'll be equipped to handle the initial configuration with ease. This blog will walk you through the steps needed to set up a Puppet Master and client, ensuring a smooth and secure connection between them.

Step 1: Initial Setup for Both Master and Client

Downloading and Installing Needed RPM
Before you begin, ensure that both the Master and the client machines have the necessary RPM installed. This can be done by running:

rpm -ivUh http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

This command will install the EPEL (Extra Packages for Enterprise Linux) repository, providing additional packages for your setup.

Step 2: Installing the Puppet Server and Client


Master: Installing Puppet Server
On your Master machine, install the Puppet Server with Yum:

yum install puppet-server
Client: Installing Puppet
On the client machine, install the Puppet client software:

yum install puppet

Step 3: Configuring Hostnames and Network

Ensure that the Master and client can communicate with each other by setting up the hostnames correctly.

Edit the Hosts File
Add the following entries to the /etc/hosts file on both the Master and client:

xxx.xxx.xxx.xxx master.puppet.com
xxx.xxx.xxx.xxx client.puppet.com

Replace xxx.xxx.xxx.xxx with the appropriate IP addresses.

Test the Connection
Test the connectivity between the Master and client using the ping command:

ping -c 3 client.puppet.com
ping -c 3 master.puppet.com

Step 4: Setting Up Iptables

For secure communication, you need to ensure that the correct port is open on both the Master and client.

Modify Iptables Rules
You can either disable Iptables or open port 8140, which Puppet uses for communication:


iptables -A INPUT -p tcp --dport 8140 -m state --state NEW,ESTABLISHED -j ACCEPT

Step 5: Starting the Puppet Master Server

With the configurations set, it's time to start the Puppet Master.

Start the Server
On the Master machine, start the Puppet Master service:
/etc/init.d/puppetmaster restart

Step 6: Client Certificate Signing

Puppet uses a certificate-based authentication system. The client will request a certificate from the Master, which needs to be signed.
Check for Signed Certificates
From the client machine, initiate a certificate signing request:

puppetd --server=master.puppet.com --waitforcert 60 --test

Sign the Client's Certificate
On the Master, list all unsigned certificates:

puppetca --list

Sign the client's certificate:

puppetca --sign client.puppet.com

Step 7: Creating Configuration for Clients

With the infrastructure in place, you'll now need to define the desired state of your client systems in the Puppet Master.

Edit the Manifest File
Add configurations to /etc/puppet/manifests/site.pp on the Master. Here's a sample configuration:


# Create "/tmp/testfile" if it doesn't exist.
file { "/tmp/outside":
ensure => present,
mode => 644,
owner => root,
group => root
}
class test_class {
file { "/tmp/testfile":
ensure => present,
mode => 644,
owner => root,
group => root
}
}
package {
'httpd':
ensure => installed }
service {
'httpd':
ensure => true,
enable => true,
require => Package['httpd']
}
# tell puppet on which client to run the class
node client {
include test_class
}
Conclusion
Congratulations! If you've followed these steps without error, your Puppet Master and client are now configured and communicating securely. With your infrastructure now under Puppet's management, you're set to automate your configurations, ensuring consistency and reliability across your environment. Remember, Puppet is incredibly powerful and flexible. Continue exploring its capabilities to fully harness its potential in managing your infrastructure.

Friday, June 5, 2015

Jira
===
JIRA is a commercial software product that can be licensed for running on-premises or available as a hosted application. Pricing depends on the maximum number of users.

Installing Java
yum install java-1.7.0*

Installing Database
yum install -y mariadb-server
mysql -u root -p
CREATE DATABASE jiradb CHARACTER SET utf8 COLLATE utf8_bin;
GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP,ALTER,INDEX on jiradb.* TO 'jira'@'localhost' IDENTIFIED BY 'jira_xuZEKE4N';
flush privileges;
SHOW GRANTS FOR 'jira'@'localhost';
exit;

Install Jira:
Download atlassian-jira-6.2.2-x64.bin (32/64 bit) from https://www.atlassian.com/software/jira/download. And install as below-
wget https://downloads.atlassian.com/software/jira/downloads/atlassian-jira-6.4.5-x64.bin
./atlassian-jira-6.4.5-x64.bin
===================================================================
[root@adancsvso002 opt]# sh atlassian-jira-6.4.5-x64.bin
Unpacking JRE ...
Starting Installer ...
May 26, 2015 6:28:39 PM java.util.prefs.FileSystemPreferences$1 run
INFO: Created user preferences directory.

This will install JIRA 6.4.5 on your computer.
OK [o, Enter], Cancel [c]

Choose the appropriate installation or upgrade option.
Please choose one of the following:
Express Install (use default settings) [1], Custom Install (recommended for advanced users) [2, Enter], Upgrade an existing JIRA installation [3]


Where should JIRA 6.4.5 be installed?
[/opt/atlassian/jira]

Default location for JIRA data
[/var/atlassian/application-data/jira]

Configure which ports JIRA will use.
JIRA requires two TCP ports that are not being used by any other
applications on this machine. The HTTP port is where you will access JIRA
through your browser. The Control port is used to Startup and Shutdown JIRA.
Use default ports (HTTP: 8080, Control: 8005) - Recommended [1, Enter], Set custom value for HTTP and Control ports [2]

JIRA can be run in the background.
You may choose to run JIRA as a service, which means it will start
automatically whenever the computer restarts.
Install JIRA as Service?
Yes [y, Enter], No [n]


Extracting files ...


Please wait a few moments while JIRA starts up.
Launching JIRA ...
Installation of JIRA 6.4.5 is complete
Your installation of JIRA 6.4.5 is now ready and can be accessed via your
browser.
JIRA 6.4.5 can be accessed at http://localhost:8080
Finishing installation ...
[root@adancsvso002 opt]#
===================================================================

firewall-cmd --zone=public --add-port=8080/tcp --permanent
firewall-cmd --zone=public --add-port=8005/tcp --permanent
firewall-cmd --reload

wget http://cdn.mysql.com/Downloads/Connector-J/mysql-connector-java-5.1.35.tar.gz
tar zxvf mysql-connector-java-5.1.35.tar.gz
cp -rp mysql-connector-java-5.1.35/mysql-connector-java-5.1.35-bin.jar /opt/atlassian/jira/lib/

systemctl restart mariadb
systemctl status mariadb
service jira start

http://xxx.xxx.xxx.xxx:8080/

Wednesday, May 27, 2015

Jenkins Integration/Automation Tools

Integration/Automation tool
==================
Jenkins is an open source continuous integration tool written in Java. The project was forked from Hudson after a dispute with Oracle. Jenkinsprovides continuous integration services for software development. It is a server-based system running in a servlet container such as Apache Tomcat

Installing Jenkins Latest Version
=================================
sudo wget -O /etc/yum.repos.d/jenkins.repo http://pkg.jenkins-ci.org/redhat/jenkins.repo
sudo rpm --import https://jenkins-ci.org/redhat/jenkins-ci.org.key
sudo yum install jenkins

Installation of a stable version
===========================================================
sudo wget -O /etc/yum.repos.d/jenkins.repo http://pkg.jenkins-ci.org/redhat-stable/jenkins.repo
sudo rpm --import https://jenkins-ci.org/redhat/jenkins-ci.org.key
sudo yum install jenkins

Installation of Java
====================
yum install java-1.7.0-openjdk
yum install java-1.7.0*

Start/Stop The Jenkins Services
===============================
service jenkins start/stop/restart
chkconfig jenkins on
/etc/init.d/jenkins
Usage: /etc/init.d/jenkins {start|stop|status|try-restart|restart|force-reload|reload|probe}

Enable the firewall
firewall-cmd --zone=public --add-port=8080/tcp --permanent
firewall-cmd --zone=public --add-service=http --permanent
firewall-cmd --reload
firewall-cmd --list-all