The puppetlabs/puppetdb
module does a great job of installing PuppetDB and getting you running quickly. Unfortunately, it also obscures a lot of the configuration details. In the enterprise, you'll need to know how all the parts fit together. We will now install PuppetDB manually using the following five steps:
To manually install PuppetDB, start with a fresh machine and install the puppetlabs-pc1
repository, as in previous examples. We'll call this new server puppetdb-manual.example.com
to differentiate it from our automatically installed PuppetDB instance (puppetdb.example.com
).
Install Puppet, do a Puppet agent run using the following command to generate certificates, and sign them on the master as we did when we used the puppetlabs/puppetdb
module. Alternatively, use puppet certificate generate
as we did in previous chapters:
[root@puppetdb-manual ~]# yum -y install http://yum.puppetlabs.com/puppetlabs-release-pc1-el-6.noarch.rpm [root@puppetdb-manual ~]# yum install puppet-agent [root@puppetdb-manual ~]# puppet agent -t
Sign the certificate on the master as follows:
[root@stand ~]# puppet cert list "puppetdb-manual.example.com" (SHA256) 90:5E:9B:D5:28:50:E0:43:82:F4:F5:D9:21:0D:C3:82:1B:7F:4D:BB:DC:C0:E5:ED:A1:EB:24:85:3C:01:F4:AC [root@stand ~]# puppet cert sign puppetdb-manual.example.com Notice: Signed certificate request for puppetdb-manual.example.com Notice: Removing file Puppet::SSL::CertificateRequestpuppetdb-manual.example.com at '/etc/puppetlabs/puppet/ssl/ca/requests/puppetdb-manual.example.com.pem'
Back on puppetdb-manual
, install puppetdb
as follows:
[root@puppetdb-manual ~]# yum -q -y install puppetdb
If you already have an enterprise PostgreSQL server configured, you can simply point PuppetDB at that instance. PuppetDB 3.2 only supports PostgreSQL versions 9.4 and higher. To install PostgreSQL, install the postgresql-server
package and initialize the database as follows:
[root@puppetdb-manual ~]# yum install http://yum.postgresql.org/9.4/redhat/rhel-7-x86_64/pgdg-redhat94-9.4-2.noarch.rpm -q -y [root@puppetdb-manual ~]# yum -q -y install postgresql94-server [root@puppetdb-manual ~]# postgresql-setup initdb Initializing database ... OK [root@puppetdb-manual ~]# systemctl start postgresql-9.4
Next create the puppetdb
database (allowing the puppetdb
user to access that database) as follows:
[root@puppetdb-manual ~]# sudo -iu postgres $ createuser -DRSP puppetdb Enter password for new role: PacktPub Enter it again: PacktPub $ createdb -E UTF8 -O puppetdb puppetdb
Allow PuppetDB to connect to the PostgreSQL server using md5 on the localhost since we'll keep PuppetDB and the PostgreSQL server on the same machine (puppetdb-manual.example.com
).
Edit /var/lib/pgsql/9.4/data/pg_hba.conf
and add the following:
local puppetdb puppetdb md5 host puppetdb puppetdb 127.0.0.1/32 md5 host puppetdb puppetdb ::1/128 md5
Restart PostgreSQL and test connectivity as follows:
[root@puppetdb-manual ~]# systemctl restart postgresql-9.4 [root@puppetdb-manual ~]# psql -h localhost puppetdb puppetdb Password for user puppetdb: PacktPub psql (9.4.5) Type "help" for help. puppetdb=> d No relations found. puppetdb=> q
Now that we've verified that PostgreSQL is working, we need to configure PuppetDB to use PostgreSQL.
Locate the database.ini
file in /etc/puppetlabs/puppetdb/conf.d
and replace it with the following code snippet:
[database] classname = org.postgresql.Driver subprotocol = postgresql subname = //localhost:5432/puppetdb username = puppetdb password = PacktPub
If it's not present in your file, configure automatic tasks of PuppetDB such as garbage collection (gc-interval
), as shown in the following code. PuppetDB will remove stale nodes every 60 minutes. For more information on the other settings, refer to the Puppet Labs documentation at http://docs.puppetlabs.com/puppetdb/latest/configure.html:
gc-interval = 60 log-slow-statements = 10 report-ttl = 14d syntax_pgs = true conn-keep-alive = 45 node-ttl = 0s conn-lifetime = 0 node-purge-ttl = 0s conn-max-age = 60
Start PuppetDB using the following command:
[root@puppetdb_manual ~]# systemctl start puppetdb
Perform the following steps to configure Puppet to use PuppetDB.
To use PuppetDB, the worker will need the puppetdb
node terminus package; we'll install that first by using the following command:
# yum -y install puppetdb-termini
Create /etc/puppetlabs/puppet/puppetdb.conf
and point PuppetDB at puppetdb-manual.example.com
:
[main] server_urls = https://puppetdb-manual.example.com:8081/ soft_write_failure = false
Tell Puppet to use PuppetDB for storeconfigs by adding the following in the [master]
section of /etc/puppetlabs/puppet/puppet.conf
:
[master] storeconfigs = true storeconfigs_backend = puppetdb
Next, create a routes.yaml
file in the /etc/puppetlabs/puppet
directory that will make Puppet use PuppetDB for inventory purposes:
--- master: facts: terminus: puppetdb cache: yaml
Restart puppetserver
and verify that PuppetDB is working by running puppet agent
again on puppetdb-manual.example.com
. After the second puppet agent
runs, you can inspect the PostgreSQL database for a new catalog as follows:
[root@puppetdb-manual ~]# psql -h localhostpuppetdbpuppetdb Password for user puppetdb: psql (9.4.5) Type "help" for help. puppetdb=> x Expanded display is on. puppetdb=> SELECT * from catalogs; -[ RECORD 1 ]------+------------------------------------------- id| 1 hash | x13980e07b72cf8e02ea247c3954efdc2cdabbbe0 transaction_uuid | 9ce673db-6af2-49c7-b4c1-6eb83980ac57 certname | puppetdb-manual.example.com producer_timestamp | 2015-12-04 01:27:19.211-05 api_version | 1 timestamp | 2015-12-04 01:27:19.613-05 catalog_version | 1449210436 environment_id | 1 code_id |