Friday, May 18, 2018

Puppet Master on Solaris 11.3 SRU 23

Puppet Master on Solaris 11.3 SRU 23

I wasn't really happy with Puppet on Solaris 11.3. But SRU 23 had the following highlight.

Puppet has been updated to 3.8.6 (Bug 22264785). Along with the Puppet update, Facter has been updated to 2.4.6 (Bug 22308383).

Let's give Puppet another try. We'll start with configuring the Puppet master.

# pkg install --no-backup-be system/management/puppet
           Packages to install:        14
...
root@master # svccfg -s puppet:master setprop config/server=$(uname -n).mycompany.com
root@master # svccfg -s puppet:master setprop config/bindaddress=0.0.0.0
root@master # svccfg -s puppet:master refresh
root@master # svcadm enable puppet:master
root@master # tail /var/log/puppet/puppet-master.log
2017-10-19 09:05:16 +0200 Puppet (notice): Starting Puppet master version 3.8.6

We'll configure a client as well.

# pkg install --no-backup-be system/management/puppet
...
# svccfg -s puppet:agent setprop config/server=master.mycompany.com
# svccfg -s puppet:agent refresh

# puppet agent --test --server master.mycompany.com
...
Notice: Finished catalog run in 0.10 seconds

Let's sign the client certificate on the master.

root@master # puppet cert list
  "agent.mycompany.com" (SHA256) XX:XX:XX:XX:...

root@master # puppet cert sign agent.mycompany.com
Signing Certificate Request for:
  "agent.mycompany.com" (SHA256) XX:XX:XX:XX:...
Notice: Signed certificate request for agent.mycompany.com
Notice: Removing file Puppet::SSL::CertificateRequest agent.mycompany.com at '/etc/puppet/ssl/certificate_requests/agent.mycompany.com.pem'

The puppet agent should now be able to communicate with our puppet master.

# puppet agent --test
Info: Using configured environment 'production'
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Loading facts
Info: Caching catalog for agent.mycompany.com
Info: Applying configuration version '1526560515'
Notice: Applied catalog in 0.20 seconds

# svcadm enable puppet:agent

And now our Puppet master is pulling the strings.

Read the next part at Puppetizing ntpd on Solaris 11.4.

Links

at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

389 Directory Server 1.3.x LDAP client authentication

389 Directory Server 1.3.x LDAP client authentication Last time we did a multi-master replication setup, see 389 Directory Server 1.3.x Repl...