Server Management & Source Control dengan Puppet

Seminggu lalu aku mulai menekuni Puppet, dan ingin menjadi Puppet Master. Puppet adalah pahlawan bagi system admin, friendly tools, and my best friend. Puppet merupakan software open source yang dapat berjalan pada cross platform baik unix,linux,windows,mac,sun solaris. Puppet merupakan open source data center automation and configuration management framework. Jika saya mempunyai ratusan server di data centre atau ratusan pc desktop, kita cukup mengontrol semuanya dengan puppet. Anda bisa mengatur perubahan system,konfigurasi,troubleshoot,maintain,deploy dari satu titik menggunakan puppet. Puppet digunakan juga oleh Twiter, Sun Microsystems, Google Office,dsb.  Pada Sun Microsystems mereka menggunakan puppet untuk 650 Sun servers di seluruh U.S. data centers yaitu Menlo Park, CA, San Francisco, CA dan Las Vegas, NV.  dan bertanggung jawab juga untuk konfigurasi  software dan operating system server termasuk Internet domains pada sun.com, java.com, mysql.com, openoffice.org

Saya memakai puppet untuk konfigurasi beberapa server di data centre IIX, dan sebelum ke server produksi saya habiskan berjam-jam untuk mencoba pada test server saya. Berikut instalasi dan konfigurasi basic saya dalam memulai berkenalan dengan puppet :

Test Server :

Fedora 13 : puppet-master.gtoms.lab (192.168.1.75)
Ubuntu 10.4 : puppet-client.gtoms.lab (192.168.1.71)

INSTALL PUPPET MASTER :

[root@gtoms gtoms]# uname -a
Linux gtoms.lab 2.6.33.5-124.fc13.i686 #1 SMP Fri Jun 11 09:48:40 UTC 2010 i686 i686 i386 GNU/Linux

127.0.0.1       gtoms.lab       localhost.localdomain   localhost
192.168.1.75    puppet-master.gtoms.lab  puppet-master
192.168.1.75    puppet.gtoms.lab  puppet
::1             localhost6.localdomain6 localhost6

[root@gtoms gtoms]# yum install puppet-server
Loaded plugins: presto, refresh-packagekit
Setting up Install Process
Resolving Dependencies
–> Running transaction check
—> Package puppet-server.noarch 0:0.25.5-1.fc13 set to be updated
–> Processing Dependency: puppet = 0.25.5-1.fc13 for package: puppet-server-0.25.5-1.fc13.noarch
–> Processing Dependency: /usr/bin/ruby for package: puppet-server-0.25.5-1.fc13.noarch
–> Running transaction check
—> Package puppet.noarch 0:0.25.5-1.fc13 set to be updated
–> Processing Dependency: ruby(abi) = 1.8 for package: puppet-0.25.5-1.fc13.noarch
–> Processing Dependency: facter >= 1.5 for package: puppet-0.25.5-1.fc13.noarch
–> Processing Dependency: ruby-shadow for package: puppet-0.25.5-1.fc13.noarch
–> Processing Dependency: ruby-augeas for package: puppet-0.25.5-1.fc13.noarch
–> Processing Dependency: ruby(selinux) for package: puppet-0.25.5-1.fc13.noarch
—> Package ruby.i686 0:1.8.6.399-5.fc13 set to be updated
–> Running transaction check
—> Package facter.noarch 0:1.5.7-1.fc12 set to be updated
—> Package libselinux-ruby.i686 0:2.0.90-5.fc13 set to be updated
—> Package ruby-augeas.i686 0:0.3.0-1.fc12 set to be updated
–> Processing Dependency: augeas-libs >= 0.5.1 for package: ruby-augeas-0.3.0-1.fc12.i686
–> Processing Dependency: libaugeas.so.0(AUGEAS_0.8.0) for package: ruby-augeas-0.3.0-1.fc12.i686
–> Processing Dependency: libaugeas.so.0(AUGEAS_0.1.0) for package: ruby-augeas-0.3.0-1.fc12.i686
–> Processing Dependency: libaugeas.so.0 for package: ruby-augeas-0.3.0-1.fc12.i686
—> Package ruby-libs.i686 0:1.8.6.399-5.fc13 set to be updated
–> Processing Dependency: libreadline.so.5 for package: ruby-libs-1.8.6.399-5.fc13.i686
—> Package ruby-shadow.i686 0:1.4.1-13.fc12 set to be updated
–> Running transaction check
—> Package augeas-libs.i686 0:0.7.1-1.fc13 set to be updated
—> Package compat-readline5.i686 0:5.2-17.fc12 set to be updated
–> Finished Dependency Resolution

Dependencies Resolved

========================================================================
Package                                   Arch                            Version                                    Repository                        Size
========================================================================
Installing:
puppet-server                             noarch                          0.25.5-1.fc13                              updates                           22 k
Installing for dependencies:
augeas-libs                               i686                            0.7.1-1.fc13                               updates                          249 k
compat-readline5                          i686                            5.2-17.fc12                                fedora                           121 k
facter                                    noarch                          1.5.7-1.fc12                               fedora                            49 k
libselinux-ruby                           i686                            2.0.90-5.fc13                              fedora                            95 k
puppet                                    noarch                          0.25.5-1.fc13                              updates                          758 k
ruby                                      i686                            1.8.6.399-5.fc13                           updates                          488 k
ruby-augeas                               i686                            0.3.0-1.fc12                               fedora                            19 k
ruby-libs                                 i686                            1.8.6.399-5.fc13                           updates                          1.6 M
ruby-shadow                               i686                            1.4.1-13.fc12                              fedora                            11 k

Transaction Summary
========================================================================
Install      10 Package(s)
Upgrade       0 Package(s)

Total download size: 3.3 M
Installed size: 11 M
Is this ok [y/N]: y
Downloading Packages:
Setting up and reading Presto delta metadata
Processing delta metadata
Package(s) data still to download: 3.3 M
(1/10): augeas-libs-0.7.1-1.fc13.i686.rpm                                                                                             | 249 kB     00:10
(2/10): compat-readline5-5.2-17.fc12.i686.rpm                                                                                         | 121 kB     00:04
(3/10): facter-1.5.7-1.fc12.noarch.rpm                                                                                                |  49 kB     00:00
(4/10): libselinux-ruby-2.0.90-5.fc13.i686.rpm                                                                                        |  95 kB     00:01
(5/10): puppet-0.25.5-1.fc13.noarch.rpm                                                                                               | 758 kB     00:10
(6/10): puppet-server-0.25.5-1.fc13.noarch.rpm                                                                                        |  22 kB     00:00
(7/10): ruby-1.8.6.399-5.fc13.i686.rpm                                                                                                | 488 kB     00:05
(8/10): ruby-augeas-0.3.0-1.fc12.i686.rpm                                                                                             |  19 kB     00:00
(9/10): ruby-libs-1.8.6.399-5.fc13.i686.rpm                                                                                           | 1.6 MB     00:19
(10/10): ruby-shadow-1.4.1-13.fc12.i686.rpm                                                                                           |  11 kB     00:00
————————————————————————————————————————————————–
Total                                                                                                                         58 kB/s | 3.3 MB     00:59
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing     : augeas-libs-0.7.1-1.fc13.i686                                                                                                        1/10
Installing     : compat-readline5-5.2-17.fc12.i686                                                                                                    2/10
Installing     : ruby-libs-1.8.6.399-5.fc13.i686                                                                                                      3/10
Installing     : ruby-1.8.6.399-5.fc13.i686                                                                                                           4/10
Installing     : ruby-shadow-1.4.1-13.fc12.i686                                                                                                       5/10
Installing     : ruby-augeas-0.3.0-1.fc12.i686                                                                                                        6/10
Installing     : libselinux-ruby-2.0.90-5.fc13.i686                                                                                                   7/10
Installing     : facter-1.5.7-1.fc12.noarch                                                                                                           8/10
Installing     : puppet-0.25.5-1.fc13.noarch                                                                                                          9/10
Installing     : puppet-server-0.25.5-1.fc13.noarch                                                                                                  10/10

Installed:
puppet-server.noarch 0:0.25.5-1.fc13

Dependency Installed:
augeas-libs.i686 0:0.7.1-1.fc13      compat-readline5.i686 0:5.2-17.fc12     facter.noarch 0:1.5.7-1.fc12        libselinux-ruby.i686 0:2.0.90-5.fc13
puppet.noarch 0:0.25.5-1.fc13        ruby.i686 0:1.8.6.399-5.fc13            ruby-augeas.i686 0:0.3.0-1.fc12     ruby-libs.i686 0:1.8.6.399-5.fc13
ruby-shadow.i686 0:1.4.1-13.fc12

Complete!
[root@gtoms gtoms]#

[root@gtoms puppet]# yum install ruby-rdoc
Loaded plugins: presto, refresh-packagekit
adobe-linux-i386                                                                                                                      |  951 B     00:00
livna                                                                                                                                 | 3.2 kB     00:00
rpmfusion-free-updates                                                                                                                | 2.8 kB     00:00
updates/metalink                                                                                                                      | 9.2 kB     00:00
Setting up Install Process
Resolving Dependencies
–> Running transaction check
—> Package ruby-rdoc.i686 0:1.8.6.399-5.fc13 set to be updated
–> Processing Dependency: ruby-irb = 1.8.6.399-5.fc13 for package: ruby-rdoc-1.8.6.399-5.fc13.i686
–> Running transaction check
—> Package ruby-irb.i686 0:1.8.6.399-5.fc13 set to be updated
–> Finished Dependency Resolution

Dependencies Resolved

====================================================================
Package                              Arch                            Version                                       Repository                          Size
======================================================================
Installing:
ruby-rdoc                            i686                            1.8.6.399-5.fc13                              updates                            336 k
Installing for dependencies:
ruby-irb                             i686                            1.8.6.399-5.fc13                              updates                            272 k

Transaction Summary
=====================================================================
Install       2 Package(s)
Upgrade       0 Package(s)

Total download size: 608 k
Installed size: 2.1 M
Is this ok [y/N]: y
Downloading Packages:
Setting up and reading Presto delta metadata
Processing delta metadata
Package(s) data still to download: 608 k
(1/2): ruby-irb-1.8.6.399-5.fc13.i686.rpm                                                                                        | 272 kB     00:02
(2/2): ruby-rdoc-1.8.6.399-5.fc13.i686.rpm                                                                                     | 336 kB     00:02
———————————————————————————————————————————————————
Total                                                                                                                        102 kB/s | 608 kB     00:05
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing     : ruby-irb-1.8.6.399-5.fc13.i686                                                                                            1/2
Installing     : ruby-rdoc-1.8.6.399-5.fc13.i686                                                                                         2/2

Installed:
ruby-rdoc.i686 0:1.8.6.399-5.fc13

Dependency Installed:
ruby-irb.i686 0:1.8.6.399-5.fc13

Complete!
[root@gtoms puppet]#

[root@gtoms gtoms]# cd /etc/puppet/

[root@gtoms puppet]# ll
total 16
-rw-r–r– 1 root root 2346 May  8 19:31 auth.conf
-rw-r–r– 1 root root  381 Apr 17 17:05 fileserver.conf
drwxr-xr-x 2 root root 4096 May 20 20:50 manifests
-rw-r–r– 1 root root  855 May 17 11:10 puppet.conf
[root@gtoms puppet]#

[root@gtoms puppet]# nano fileserver.conf
[files]
path /var/lib/puppet/files
allow *.gtoms.lab
allow 192.168.1.0/24

[root@gtoms puppet]# cd manifests/

[root@gtoms manifests]# nano site.pp

#tampilkan pesan banner motd
file { “/etc/motd”:
source => “puppet:///files/motd/banner”,
}

# atur permissions pada sudo
class sudo {
file { “/etc/sudoers”:
owner => root,
group => root,
mode => 440,
}
}

node default {
include sudo
}

[root@gtoms manifests]# nano /var/lib/puppet/files/motd/banner
NOTICE TO USERS

This is a GTOMS LAB computer (and/or it is directly connected to a GTOMS local network system) that is the property of GTOMS.COM. It is for authorized use o$

Any or all uses of this system and all files on this system may be intercepted, monitored, recorded, copied, audited, inspected, and disclosed to authorized$
system, the user consents to such interception, monitoring, recording, copying, auditing, inspection, and disclosure at the discretion of authorized
site or GTOMS security personnel.

Unauthorized or improper use of this system may result in administrative disciplinary action and civil and criminal penalties. By continuing to use this sys$
you do not agree to the conditions stated in this warning.

[root@gtoms puppet]# nano puppet.conf

[main]
# The Puppet log directory.
# The default value is ‘$vardir/log’.
logdir = /var/log/puppet

# Where Puppet PID files are kept.
# The default value is ‘$vardir/run’.
rundir = /var/run/puppet

# Where SSL certificates are kept.
# The default value is ‘$confdir/ssl’.
ssldir = $vardir/ssl

[puppetd]
server = puppet-master.gtoms.lab
# The file in which puppetd stores a list of the classes
# associated with the retrieved configuratiion.  Can be loaded in
# the separate “puppet“ executable using the “–loadclasses“
# option.
# The default value is ‘$confdir/classes.txt’.
classfile = $vardir/classes.txt

# Where puppetd caches the local configuration.  An
# extension indicating the cache format is added automatically.
# The default value is ‘$confdir/localconfig’.
localconfig = $vardir/localconfig

[root@gtoms puppet]# service puppetmaster start
Starting puppetmaster:                                     [  OK  ]

[root@gtoms puppet]# chkconfig puppetmaster on

[root@gtoms puppet]# ps axf |grep puppet
10702 pts/0    S+     0:00                      \_ grep puppet
10691 ?        Ss     0:00 /usr/bin/ruby /usr/sbin/puppetmasterd

[root@gtoms puppet]# puppetca –list
puppet-client.gtoms.lab
[root@gtoms puppet]#

[root@gtoms puppet]# puppetca –list –all
+ gtoms.lab
+ puppet-client.gtoms.lab
[root@gtoms puppet]# puppetca –version
0.25.5
[root@gtoms puppet]#

[root@gtoms puppet]# /etc/init.d/puppetmaster restart
Stopping puppetmaster:                                     [  OK  ]
Starting puppetmaster: ^[[A                                [  OK  ]
[root@gtoms puppet]# tail -f /var/log/messages
Jun 27 23:52:04 gtoms puppetd[13173]: Could not retrieve catalog from remote server: Connection refused – connect(2)
Jun 27 23:52:04 gtoms puppetd[13173]: Using cached catalog
Jun 27 23:52:04 gtoms puppetd[13173]: Could not retrieve catalog; skipping run
Jun 27 23:52:53 gtoms puppetmasterd[13351]: Reopening log files
Jun 27 23:52:53 gtoms puppetmasterd[13351]: Starting Puppet server version 0.25.5
Jun 27 23:53:12 gtoms puppetd[13173]: Caught TERM; calling stop
Jun 27 23:54:37 gtoms puppetmasterd[13351]: Reparsing /etc/puppet/puppet.conf
Jun 27 23:54:49 gtoms puppetmasterd[13351]: Caught TERM; calling stop
Jun 27 23:54:49 gtoms puppetmasterd[13525]: Reopening log files
Jun 27 23:54:49 gtoms puppetmasterd[13525]: Starting Puppet server version 0.25.5
Jun 27 23:54:52 gtoms puppetmasterd[13525]: puppet-client.gtoms.lab has a waiting certificate request
^C
[root@gtoms puppet]# puppetca –sign puppet-client.gtoms.lab
puppet-client.gtoms.lab
notice: Signed certificate request for puppet-client.gtoms.lab
notice: Removing file Puppet::SSL::CertificateRequest puppet-client.gtoms.lab at ‘/var/lib/puppet/ssl/ca/requests/puppet-client.gtoms.lab.pem’

INSTALL PUPPET CLIENT :

root@puppet-client:/home/gtoms# uname -a
Linux puppet-client 2.6.32-21-generic #32-Ubuntu SMP Fri Apr 16 08:10:02 UTC 2010 i686 GNU/Linux
root@puppet-client:/home/gtoms#

root@puppet-client:/home/gtoms# nano /etc/hosts
127.0.0.1      localhost
127.0.1.1      puppet-client.gtoms.lab   puppet-client
192.168.1.71   puppet-client.gtoms.lab   puppet-client
192.168.1.75   puppet.gtoms.lab    puppet

root@puppet-client:/home/gtoms# apt-get install puppet
Reading package lists… Done
Building dependency tree
Reading state information… Done
The following extra packages will be installed:
augeas-lenses facter irb1.8 libaugeas-ruby1.8 libaugeas0 libopenssl-ruby libopenssl-ruby1.8 libreadline-ruby1.8 libreadline5 libruby libruby1.8
libshadow-ruby1.8 libxmlrpc-ruby puppet-common rdoc rdoc1.8 ruby ruby1.8
Suggested packages:
augeas-tools puppet-el vim-puppet etckeeper graphviz ruby1.8-examples ri1.8
The following NEW packages will be installed:
augeas-lenses facter irb1.8 libaugeas-ruby1.8 libaugeas0 libopenssl-ruby libopenssl-ruby1.8 libreadline-ruby1.8 libreadline5 libruby libruby1.8
libshadow-ruby1.8 libxmlrpc-ruby puppet puppet-common rdoc rdoc1.8 ruby ruby1.8
0 upgraded, 19 newly installed, 0 to remove and 2 not upgraded.
Need to get 3,164kB of archives.
After this operation, 14.5MB of additional disk space will be used.
Do you want to continue [Y/n]? y
Get:1 http://id.archive.ubuntu.com/ubuntu/ lucid/main augeas-lenses 0.7.0-1ubuntu1 [102kB]
Get:2 http://id.archive.ubuntu.com/ubuntu/ lucid/main libruby1.8 1.8.7.249-2 [1,452kB]
Get:3 http://id.archive.ubuntu.com/ubuntu/ lucid/main ruby1.8 1.8.7.249-2 [24.1kB]
Get:4 http://id.archive.ubuntu.com/ubuntu/ lucid/main ruby 4.2 [20.7kB]
Get:5 http://id.archive.ubuntu.com/ubuntu/ lucid/main libopenssl-ruby1.8 1.8.7.249-2 [122kB]
Get:6 http://id.archive.ubuntu.com/ubuntu/ lucid/main facter 1.5.6-2ubuntu2 [33.8kB]
Get:7 http://id.archive.ubuntu.com/ubuntu/ lucid/main libreadline5 5.2-7build1 [132kB]
Get:8 http://id.archive.ubuntu.com/ubuntu/ lucid/main libreadline-ruby1.8 1.8.7.249-2 [10.4kB]
Get:9 http://id.archive.ubuntu.com/ubuntu/ lucid/main irb1.8 1.8.7.249-2 [80.3kB]
Get:10 http://id.archive.ubuntu.com/ubuntu/ lucid/main libaugeas0 0.7.0-1ubuntu1 [155kB]
Get:11 http://id.archive.ubuntu.com/ubuntu/ lucid/main libaugeas-ruby1.8 0.2.0-2ubuntu3 [6,564B]
Get:12 http://id.archive.ubuntu.com/ubuntu/ lucid/main libopenssl-ruby 4.2 [5,008B]
Get:13 http://id.archive.ubuntu.com/ubuntu/ lucid/main libruby 4.2 [5,280B]
Get:14 http://id.archive.ubuntu.com/ubuntu/ lucid/main libshadow-ruby1.8 1.4.1-8build1 [8,828B]
Get:15 http://id.archive.ubuntu.com/ubuntu/ lucid/main libxmlrpc-ruby 4.2 [2,344B]
Get:16 http://id.archive.ubuntu.com/ubuntu/ lucid/main puppet-common 0.25.4-2ubuntu6 [679kB]
Get:17 http://id.archive.ubuntu.com/ubuntu/ lucid/main puppet 0.25.4-2ubuntu6 [194kB]
Get:18 http://id.archive.ubuntu.com/ubuntu/ lucid/main rdoc1.8 1.8.7.249-2 [125kB]
Get:19 http://id.archive.ubuntu.com/ubuntu/ lucid/main rdoc 4.2 [5,326B]
Fetched 3,164kB in 31s (100kB/s)
Selecting previously deselected package augeas-lenses.
(Reading database … 24132 files and directories currently installed.)
Unpacking augeas-lenses (from …/augeas-lenses_0.7.0-1ubuntu1_all.deb) …
Selecting previously deselected package libruby1.8.
Unpacking libruby1.8 (from …/libruby1.8_1.8.7.249-2_i386.deb) …
Selecting previously deselected package ruby1.8.
Unpacking ruby1.8 (from …/ruby1.8_1.8.7.249-2_i386.deb) …
Selecting previously deselected package ruby.
Unpacking ruby (from …/apt/archives/ruby_4.2_all.deb) …
Selecting previously deselected package libopenssl-ruby1.8.
Unpacking libopenssl-ruby1.8 (from …/libopenssl-ruby1.8_1.8.7.249-2_i386.deb) …
Selecting previously deselected package facter.
Unpacking facter (from …/facter_1.5.6-2ubuntu2_all.deb) …
Selecting previously deselected package libreadline5.
Unpacking libreadline5 (from …/libreadline5_5.2-7build1_i386.deb) …
Selecting previously deselected package libreadline-ruby1.8.
Unpacking libreadline-ruby1.8 (from …/libreadline-ruby1.8_1.8.7.249-2_i386.deb) …
Selecting previously deselected package irb1.8.
Unpacking irb1.8 (from …/irb1.8_1.8.7.249-2_all.deb) …
Selecting previously deselected package libaugeas0.
Unpacking libaugeas0 (from …/libaugeas0_0.7.0-1ubuntu1_i386.deb) …
Selecting previously deselected package libaugeas-ruby1.8.
Unpacking libaugeas-ruby1.8 (from …/libaugeas-ruby1.8_0.2.0-2ubuntu3_i386.deb) …
Selecting previously deselected package libopenssl-ruby.
Unpacking libopenssl-ruby (from …/libopenssl-ruby_4.2_all.deb) …
Selecting previously deselected package libruby.
Unpacking libruby (from …/archives/libruby_4.2_all.deb) …
Selecting previously deselected package libshadow-ruby1.8.
Unpacking libshadow-ruby1.8 (from …/libshadow-ruby1.8_1.4.1-8build1_i386.deb) …
Selecting previously deselected package libxmlrpc-ruby.
Unpacking libxmlrpc-ruby (from …/libxmlrpc-ruby_4.2_all.deb) …
Selecting previously deselected package puppet-common.
Unpacking puppet-common (from …/puppet-common_0.25.4-2ubuntu6_all.deb) …
Selecting previously deselected package puppet.
Unpacking puppet (from …/puppet_0.25.4-2ubuntu6_all.deb) …
Selecting previously deselected package rdoc1.8.
Unpacking rdoc1.8 (from …/rdoc1.8_1.8.7.249-2_all.deb) …
Selecting previously deselected package rdoc.
Unpacking rdoc (from …/apt/archives/rdoc_4.2_all.deb) …
Processing triggers for man-db …
Processing triggers for ureadahead …
Setting up augeas-lenses (0.7.0-1ubuntu1) …
Setting up libruby1.8 (1.8.7.249-2) …

Setting up ruby1.8 (1.8.7.249-2) …
Setting up ruby (4.2) …
Setting up libopenssl-ruby1.8 (1.8.7.249-2) …
Setting up facter (1.5.6-2ubuntu2) …
Setting up libreadline5 (5.2-7build1) …

Setting up libreadline-ruby1.8 (1.8.7.249-2) …
Setting up irb1.8 (1.8.7.249-2) …

Setting up libaugeas0 (0.7.0-1ubuntu1) …

Setting up libaugeas-ruby1.8 (0.2.0-2ubuntu3) …
Setting up libopenssl-ruby (4.2) …
Setting up libruby (4.2) …
Setting up libshadow-ruby1.8 (1.4.1-8build1) …
Setting up libxmlrpc-ruby (4.2) …
Setting up puppet-common (0.25.4-2ubuntu6) …
adduser: Warning: The home directory `/var/lib/puppet’ does not belong to the user you are currently creating.

Setting up puppet (0.25.4-2ubuntu6) …
* Starting puppet configuration management tool
puppet not configured to start, please edit /etc/default/puppet to enable
[ OK ]

Setting up rdoc1.8 (1.8.7.249-2) …
Setting up rdoc (4.2) …
Processing triggers for libc-bin …
ldconfig deferred processing now taking place
root@puppet-client:/home/gtoms#

root@puppet-client:/home/gtoms# cd /etc/puppet
root@puppet-client:/etc/puppet# ll
total 28
drwxr-xr-x  4 root root 4096 2010-06-27 21:19 ./
drwxr-xr-x 81 root root 4096 2010-06-27 21:19 ../
-rwxr-xr-x  1 root root  245 2010-04-14 05:43 etckeeper-commit-post*
-rwxr-xr-x  1 root root  256 2010-04-14 05:43 etckeeper-commit-pre*
drwxr-xr-x  2 root root 4096 2010-04-14 05:44 manifests/
-rw-r–r–  1 root root  276 2010-04-14 05:43 puppet.conf
drwxr-xr-x  2 root root 4096 2010-04-14 05:44 templates/
root@puppet-client:/etc/puppet#

root@puppet-client:/etc/puppet# nano puppet.conf
[main]
server = puppet-master.gtoms.lab
logdir=/var/log/puppet
vardir=/var/lib/puppet
ssldir=/var/lib/puppet/ssl
rundir=/var/run/puppet
factpath=$vardir/lib/facter
pluginsync=true
templatedir=$confdir/templates
prerun_command=/etc/puppet/etckeeper-commit-pre
postrun_command=/etc/puppet/etckeeper-commit-post

root@puppet-client:/etc/puppet# nano  /etc/default/puppet
# Defaults for puppet – sourced by /etc/init.d/puppet

# Start puppet on boot?
START=yes

# Startup options
DAEMON_OPTS=””

root@puppet-client:/etc/puppet# /etc/init.d/puppet restart
* Restarting puppet configuration management tool                                                                                                    [ OK ]
root@puppet-client:/etc/puppet#

root@puppet-client:/etc/puppet# ps axf |grep puppet
2420 pts/0    S+     0:00                  \_ grep –color=auto puppet
2411 ?        Ss     0:00 /usr/bin/ruby1.8 /usr/sbin/puppetd
root@puppet-client:/etc/puppet#

root@puppet-client:/home/gtoms# tail -f /var/log/syslog
Jun 27 23:54:29 puppet-client puppetd[1203]: Retrieved certificate does not match private key
Jun 27 23:54:29 puppet-client puppetd[1203]: Creating a new SSL certificate request for puppet-client.gtoms.lab
Jun 27 23:54:29 puppet-client puppetd[1203]: Caching certificate for puppet-client.gtoms.lab
Jun 27 23:54:29 puppet-client puppetd[1203]: Expiring the certificate cache of puppet-client.gtoms.lab
Jun 27 23:54:29 puppet-client puppetd[1203]: Removing file Puppet::SSL::Certificate puppet-client.gtoms.lab at ‘/etc/puppet/ssl/certs/puppet-client.gtoms.lab.pem’
Jun 27 23:54:29 puppet-client puppetd[1203]: Retrieved certificate does not match private key
Jun 27 23:54:29 puppet-client puppetd[1203]: Caching certificate for puppet-client.gtoms.lab
Jun 27 23:54:29 puppet-client puppetd[1203]: Expiring the certificate cache of puppet-client.gtoms.lab
Jun 27 23:54:29 puppet-client puppetd[1203]: Removing file Puppet::SSL::Certificate puppet-client.gtoms.lab at ‘/etc/puppet/ssl/certs/puppet-client.gtoms.lab.pem’
Jun 27 23:54:29 puppet-client puppetd[1203]: Retrieved certificate does not match private key
Jun 27 23:56:29 puppet-client puppetd[1203]: Caching certificate for puppet-client.gtoms.lab
Jun 27 23:56:29 puppet-client puppetd[1203]: Starting Puppet client version 0.25.4
Jun 27 23:56:30 puppet-client puppetd[1203]: Caching certificate_revocation_list for ca
Jun 27 23:56:30 puppet-client puppetd[1203]: Caching catalog for puppet-client.gtoms.lab
Jun 27 23:56:30 puppet-client puppetd[1203]: Applying configuration version ‘1277657813’
Jun 27 23:56:30 puppet-client puppetd[1203]: (Filebucket[/var/puppet/clientbucket]) Adding /etc/motd(eca1e821e3c6b4583c84e05cef7c658c)
Jun 27 23:56:30 puppet-client puppetd[1203]: (//File[/etc/motd]) Filebucketed /etc/motd to puppet with sum eca1e821e3c6b4583c84e05cef7c658c
Jun 27 23:56:30 puppet-client puppetd[1203]: (//File[/etc/motd]/ensure) content changed ‘{md5}eb870248555b856cf502b74eed595458’ to ‘{md5}eb870248555b856cf502b74eed595458’
Jun 27 23:56:30 puppet-client puppetd[1203]: Creating state file /var/puppet/state/state.yaml
Jun 27 23:56:30 puppet-client puppetd[1203]: Finished catalog run in 0.24 seconds

root@puppet-client:/etc/puppet# /etc/init.d/puppet restart
* Restarting puppet configuration management tool
puppet not configured to start, please edit /etc/default/puppet to enable
[ OK ]
root@puppet-client:/etc/puppet# tail -f /var/log/syslog
Jun 27 23:56:29 puppet-client puppetd[1203]: Caching certificate for puppet-client.gtoms.lab
Jun 27 23:56:29 puppet-client puppetd[1203]: Starting Puppet client version 0.25.4
Jun 27 23:56:30 puppet-client puppetd[1203]: Caching certificate_revocation_list for ca
Jun 27 23:56:30 puppet-client puppetd[1203]: Caching catalog for puppet-client.gtoms.lab
Jun 27 23:56:30 puppet-client puppetd[1203]: Applying configuration version ‘1277657813’
Jun 27 23:56:30 puppet-client puppetd[1203]: (Filebucket[/var/puppet/clientbucket]) Adding /etc/motd(eca1e821e3c6b4583c84e05cef7c658c)
Jun 27 23:56:30 puppet-client puppetd[1203]: (//File[/etc/motd]) Filebucketed /etc/motd to puppet with sum eca1e821e3c6b4583c84e05cef7c658c
Jun 27 23:56:30 puppet-client puppetd[1203]: (//File[/etc/motd]/ensure) content changed ‘{md5}eb870248555b856cf502b74eed595458’ to ‘{md5}eb870248555b856cf502b74eed595458’
Jun 27 23:56:30 puppet-client puppetd[1203]: Creating state file /var/puppet/state/state.yaml
Jun 27 23:56:30 puppet-client puppetd[1203]: Finished catalog run in 0.24 seconds

Testing ssh ke puppet-client.gtoms.lab

login as: gtoms
gtoms@192.168.1.71’s password:
NOTICE TO USERS

This is a GTOMS LAB computer (and/or it is directly connected to a GTOMS local network system) that is the property of GTOMS.COM. It is for authorized use o$

Any or all uses of this system and all files on this system may be intercepted, monitored, recorded, copied, audited, inspected, and disclosed to authorized$
system, the user consents to such interception, monitoring, recording, copying, auditing, inspection, and disclosure at the discretion of authorized
site or GTOMS security personnel.

Unauthorized or improper use of this system may result in administrative disciplinary action and civil and criminal penalties. By continuing to use this sys$
you do not agree to the conditions stated in this warning.

Last login: Sun Jun 27 23:13:03 2010 from 192.168.1.70
gtoms@puppet-client:~$

Untuk module Puppet lain bisa kita tulis sendiri sesuai keinginan kita, dan puppet support untuk module :Web Servers, Applications, Package Management,Operating Systems, Programming Languages,Networking, Utilities, Monitoring and Trending, Security,Virtualization.

Untuk module-module tersebut bisa didapat di http://example42.com/ atau http://forge.puppetlabs.com/

4 thoughts on “Server Management & Source Control dengan Puppet

  1. Henry Gultom

    @Falcon,
    puppet itu untuk managing banyak server…
    kalau untuk melihat log ada banyak software lain seperti splunk, kiwi..

    tapi kalau mau memfungsikan puppet logging dilempar ke syslog bisa dgn code berikut :

    require puppet
    Puppet.parse_config
    Puppet::Util::Log.level = :info
    Puppet::Util::Log.newdestination(:syslog)
    Puppet.warning(‘jakarta!!!’)
    Puppet.warning(‘lagos!!)’

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.