Configuring Puppet

puppet server ip addr:
  eth0 = 10.0.2.15           -> internet connection
  eth1 = 192.168.5.10     -> lan connection

puppet client ip addr:
 puppet1 = 192.168.5.11
 puppet2 = 192.168.5.12
 puppet3 = 192.168.5.13
 puppet4 = 192.168.5.14
 puppet5 = 192.168.5.15

Setup puppet server :

1. setup ipaddress puppet server
    root@puppetmaster~# vim /etc/network/interfaces

    set up the static ips; write this:
  
    auto eth0
    iface eth0 inet static
    address 10.0.2.15
    netmask 255.255.255.0
    # gateway = ip of the ADSL router / gateway server
    gateway 10.0.2.2

    auto eth1
    iface eth1 inet static
    address 192.168.5.10
    netmask 255.255.255.0

2. setup name server and host (for DNS and DHCP next step)
  
    root@puppetmaster~# vim /etc/resolv.conf
    
    nameserver 192.168.5.10
    nameserver 8.8.8.8
    domain latihan.com
    search latihan.com

    root@puppetmaster~# vim /etc/hosts

   192.168.5.10 puppetmaster.latihan.com puppetmaster

3. setup internet router, on puppet server

    edit sysctl
    root@puppetmaster~# vim /etc/sysctl.conf

    uncomment (or add) this line

    net.ipv4.ip_forward=1

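    setup nat (masquerade traffic leaving through eth0)
    root@puppetmaster~# iptables -t nat -I POSTROUTING -o eth0 -j MASQUERADE

    note: MASQUERADE only rewrites source addresses, it filters nothing. with ip forwarding on,
    the FORWARD chain (default policy ACCEPT) decides what gets routed, so restrict it to
    eth1 -> eth0 traffic and the replies to it.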

    save nat config (to the same path the boot script below restores from)
    root@puppetmaster~# iptables-save > /etc/iptables.conf

    make firewall run when system start
    root@puppetmaster~# touch /etc/init.d/iptables
    root@puppetmaster~# vim /etc/init.d/iptables

    write this
    #!/bin/sh
    echo 1 > /proc/sys/net/ipv4/ip_forward
    iptables-restore < /etc/iptables.conf

    make the script executable
    root@puppetmaster~# chmod +x /etc/init.d/iptables

    make the script run, when boot
    root@puppetmaster~# update-rc.d iptables defaults

 4. setup DNS server

     root@puppetmaster~# apt-get install bind9
     root@puppetmaster~# vim /etc/bind/named.conf.local

    add these lines; be careful with the semicolons ";"

    zone "latihan.com" IN { type master; notify no; file "/etc/bind/latihan.com"; };  
    zone "5.168.192.in-addr.arpa" IN { type master; notify no; file "/etc/bind/rev-192.168.5"; };

    make latihan.com and rev-192.168.5 files
    root@puppetmaster~# touch /etc/bind/{latihan.com,rev-192.168.5}
  
    edit the file and write this
    root@puppetmaster~# vim /etc/bind/latihan.com

    $TTL 7200;
    @         IN     SOA    ns1.latihan.com.  root.latihan.com. (
                          20110127; serial (increase it every time the zone is edited)
                          8H; refresh
                          3H; retry
                          1W; expire
                          1D; negative-cache TTL
     )

                           NS    ns1.latihan.com.
                           NS    puppetmaster.latihan.com.
                           A      192.168.5.10
     ns1                 A      192.168.5.10
     puppetmaster  A      192.168.5.10
     puppet1          A      192.168.5.11
     puppet2          A      192.168.5.12
     puppet3          A      192.168.5.13
     puppet4          A      192.168.5.14
     puppet5          A      192.168.5.15
  


root@puppetmaster~# vim /etc/bind/rev-192.168.5

    $TTL 7200;
    @         IN     SOA    ns1.latihan.com.  root.latihan.com. ( 
                          20110127; serial (increase it every time the zone is edited)
                          8H; refresh
                          3H; retry
                          1W; expire
                          1D; negative-cache TTL
     )

                           NS    ns1.latihan.com.
     10        IN      PTR    puppetmaster.latihan.com.
     10        IN      PTR    puppetmaster.latihan.com. 
     11        IN      PTR    puppet1.latihan.com.
     12        IN      PTR    puppet2.latihan.com.
     13        IN      PTR    puppet3.latihan.com.
     14        IN      PTR    puppet4.latihan.com.
     15        IN      PTR    puppet5.latihan.com.


 root@puppetmaster~# /etc/init.d/bind9 start
 root@puppetmaster~# dig @localhost puppetmaster.latihan.com

if you get an error, check the log with
 root@puppetmaster~#  tail -n 50 /var/log/daemon.log
 or validate the zone file (first argument is the zone name, second is the zone file)
 root@puppetmaster~# named-checkzone latihan.com /etc/bind/latihan.com

5. setup DHCP server

install DHCP server
root@puppetmaster~# apt-get install dhcp3-server

edit dhcp config file at:
root@puppetmaster~# vim /etc/dhcp3/dhcpd.conf

ddns-update-style none;
option domain-name "latihan.com";
option domain-name-servers ns1.latihan.com;
default-lease-time 600;
max-lease-time 7200;

subnet 192.168.5.0 netmask 255.255.255.0 {
           range 192.168.5.12 192.168.5.15;
           option routers 192.168.5.10;
           option subnet-mask 255.255.255.0;
           default-lease-time 600;
           max-lease-time 7200;
}

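# configuring ip client based on mac address
# (one host block per client; a fixed-address should stay outside the dynamic range above,
#  as 192.168.5.11 does)

host puppet1 {
           hardware ethernet 08:00:27:81:6f:80;   # <== replace with your client's mac addr
           fixed-address 192.168.5.11;
}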

root@puppetmaster~# /etc/init.d/dhcp3-server start

Ok, the DNS server is done. Now install the puppet master on 192.168.5.10,
and the puppet client.

Installation:
1. you need the EPEL repo to install puppet (this step uses yum; the steps above used apt-get)

yum install puppet-server

2. configure puppet.conf
