Node Configuration - ghomem/legacy_puppet_infrastructure GitHub Wiki

New Node Configuration

This procedure configures a new node. It supports Ubuntu 22.04, Ubuntu 24.04, RHEL8 and RHEL9.

Pre-Install

In order to connect a new node, login into the puppet master, switch to the deployment user

sudo su - deployment

and define a basic configuration for the new node at /home/deployment/nodes/PROJNAME/NODENAME.pp":

node 'NODENAME' {
  include puppet_infrastructure::node_base
  include passwd_common
}

Please login as root in the node machine

ssh [email protected]

and execute:

SCRIPT=https://raw.githubusercontent.com/ghomem/puppet_infrastructure/main/util/install-puppet-node.sh
curl -s $SCRIPT | bash -s $HOSTNAME example.com puppet.example.com 0

where example.com is your operations domain and puppet.example.com is your puppet master.

The configuration will start and at some point wait for the node certificate to be signed at the puppet master. That can be done with:

sudo puppet cert sign NODENAME

after which the configuration will automatically run until the end.

As a safety measure, you should then reboot the node machine and apply the configuration again, from the node machine, to ensure everything is working as expected:

ssh [email protected]
sudo puppet agent -t

Node definition on puppet master

It's necessary to import puppet_infrastructure repository on puppet master to /etc/puppetlabs/code/environments/production/modules folder. After that, it's crucial to properly position the node declaration for the machine within the /etc/puppetlabs/code/environments/production/manifests/nodes directory. It's strongly recommended to maintain a puppet file for each registered node that encapsulates its respective definition, even if no specific information is included, meaning the file could be left with an empty node declaration.

Config example.

/etc/puppetlabs/code/environments/production/manifests/nodes/server/ubuntuserver01.pp

# server node
node 'ubuntuserver01' {

  include puppet_infrastructure::node_base
  include passwd_common

}

/etc/puppetlabs/code/environments/production/manifests/nodes/desktop/ubuntudesktop01.pp

# desktop node
node 'ubuntudesktop01' {

  include puppet_infrastructure::node_base_desktop
  include passwd_common
  # necessary for CUPS broadcast to work
  firewall { "900 allow CUPS mDNS": proto => 'udp', dport => 5353,  action => 'accept', source => $::printserver }

}

User Management

User management is done with the /opt/puppet_infrastructure/bin/pp_auth.sh command on the puppet-master.

Remove node from puppet

Run the following command in the puppet master:

puppet cert clean <node_name>

Clean up node state

rm -rf /var/lib/puppet
⚠️ **GitHub.com Fallback** ⚠️