4.8. Installing and Configurating the Puppetmaster
This chapter is about setting up a single puppet master using the mongrel server type as described in the Chapter 2, Configuration Management Standard .
In order for your environment to be able to scale properly, you will need to go with the mongrel server type. The default webrick server type does not scale beyond ~30 managed clients, because it is a single threaded webserver whereas the mongrel server type is multithreaded. Having a multi-threaded server type is a MUST.
To install the puppetmaster, issue the command:
# yum install puppet-server rubygem-mongrel httpd
which will give you the puppetmaster, the mongrel servertype and httpd which is to be configured as a proxy load balancer.
You will then need to edit or supply the following files:
/etc/puppet/puppet.conf
Holds the [puppetmasterd] (puppetmaster configuration) and [puppetd] (puppet client configuration) sections.
Example configuration at http://git.puppetmanaged.org/?p=modules/puppet/.git
/etc/puppet/manifests/site.pp
Holds the manifest the puppetmaster starts up with.
See also: Section 4.2, “Initial Manifest”
Example configuration at http://git.puppetmanaged.org/?p=modules/puppet/.git
/etc/puppet/fileserver.conf
Example configuration at http://git.puppetmanaged.org/?p=modules/puppet/.git
/etc/puppet/tagmail.conf
Example configuration at http://git.puppetmanaged.org/?p=modules/puppet/.git
/etc/sysconfig/puppetmaster
Example configuration at http://git.puppetmanaged.org/?p=modules/puppet/.git
/etc/sysconfig/puppet
Example configuration at http://git.puppetmanaged.org/?p=modules/puppet/.git
These files can all conform to a standard, and be managed bySection 4.8.3, “Configuring Puppet” for example files.
Enable the mongrel server type by adding to /etc/sysconfig/puppetmaster's PUPPETMASTER_EXTRA_OPTS setting:
--servertype=mongrel --masterport=8141
Make sure the PUPPETMASTER_MANIFEST in /etc/sysconfig/puppetmaster is set to /etc/puppet/manifests/site.pp
You should set the following DNS aliases to resolve to the host or group of hosts running the puppetmaster service, and be listed as a certdnsalias :
puppet
This means that no matter what the search domain or DNS suffixes of your clients are, a so-called "IN A" DNS request for the hostname puppet should resolve to the puppetmaster.
puppet.$domain
Although this seems doubling the aforementioned puppet "IN A" DNS alias requirement, adding the puppet host to /etc/hosts is not enough. The full FQDN of puppet.$domain, where $domain is the search domain(s) or DNS suffix(es) of any client.
$fqdn
Stating the obvious, the hostname of the server running the puppetmaster service must resolve, and must also be listed as a certdnsalias .