Puppet is a tool that helps automate application deployment and lets you practice continuous delivery. In this post I provide an overview of the Puppet Open Source continuous delivery tool and outline its configuration and installation instructions for a Linux CentOS environment, with recommended best practices. At the end of this post I show how to deploy a war file to JBoss WildFly via its command-line tool.
Puppet is automation software for IT system administrators and consultants. It allows you to automate repetitive tasks such as the installation of applications and services, patch management, and deployments. Configuration for all resources is stored in so-called "manifests", which can be applied to multiple machines or just a single server.
Puppet Open Source has two major components: Puppet Master and Puppet Agent. They are intended to be hosted in two separate locations. The Puppet Master keeps all manifest scripts related to deployment automation, while Puppet Agents contact the Puppet Master frequently (every 30 minutes) to detect any updates to configurations and deployment artifacts, and pull them into the agent's environment to finish the deployment.
The Puppet Master is responsible for keeping agent-specific deployment scripts, while the Puppet Agent is responsible for accessing the Puppet Master and automating the deployment. First of all, port 8140 on the Puppet Master must be open so that the Puppet Agent can reach it, and the servers hosting both the Puppet Master and the Puppet Agent need to have their FQDNs registered with a DNS.
Master Configuration
On CentOS/RHEL 6, where iptables is used as the firewall, add the following line to the ":OUTPUT ACCEPT" section of /etc/sysconfig/iptables.
# vim /etc/sysconfig/iptables
Add the following line to iptables to open port 8140.
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8140 -j ACCEPT
Close the file after saving it.
Restart the iptables service.
# service iptables restart
Open the hosts file to add the FQDN of the Puppet Master.
Add the FQDNs to the file.
10.101.15.190 nexus-jenkins.abc.lk
10.101.15.197 dev-179.abc.lk
Close the file after saving it.
Agent Configuration
Puppet client nodes have to know where the Puppet master server is located. The best practice for this is to use a DNS server, where the Puppet domain name can be configured. If a DNS server is not available, the /etc/hosts file can be modified as follows.
Add the FQDN of the Puppet Master to the file.
10.101.15.197 nexus-jenkins.abc.lk
Close the file after saving it.
Installing Puppet Master
Since Puppet is not in the basic CentOS or RHEL distribution repositories, add a custom repository provided by Puppet Labs.
# rpm -ivh https://yum.puppetlabs.com/el/6.5/products/x86_64/puppetlabs-release-6-10.noarch.rpm
Install the "puppet-server" package on the master server.
# yum install puppet-server
When the installation is done, set the Puppet server to
automatically start on boot and turn it on.
# chkconfig puppetmaster on
# service puppetmaster start
Installing Puppet Client
Since Puppet is not in the basic CentOS or RHEL distribution repositories, add a custom repository provided by Puppet Labs.
# rpm -ivh https://yum.puppetlabs.com/el/6.5/products/x86_64/puppetlabs-release-6-10.noarch.rpm
Install the puppet agent service on the agent server.
When the installation is done, set the Puppet agent to automatically start on boot and turn it on.
# chkconfig puppet on
Specify the Puppet master server's FQDN in the /etc/sysconfig/puppet file.
# vim /etc/sysconfig/puppet
Add the following line to specify the FQDN of the Puppet master.
PUPPET_SERVER=nexus-jenkins.abc.lk
The master server name also has to be defined in the section
of agent's puppet configuration file.
# vim /etc/puppet/puppet.conf
Add the following line to specify the master server.
server=nexus-jenkins.abc.lk
Start the puppet client.
Certificate Verification
Execute the command below on the Puppet agent to generate a certificate request.
The following error message will appear in the terminal.
Exiting; no certificate found and waitforcert is disabled
Go back to puppet master server and list all certificate
requests by executing the following command.
Sign the certificate by executing the following command in
puppet master's terminal.
# puppet cert sign dev-86.abc.lk
Note: dev-86.abc.lk is the Puppet agent's FQDN.
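Signing by name alone trusts whichever host submitted a request under that name. As an added example (not part of the original post), the shell function below checks a pending request against the fingerprint printed on the agent by puppet agent --fingerprint before anything is signed. The function name verify_csr, the sample listing and its shortened fingerprints are constructed for illustration, and the listing layout is assumed to be that of Puppet 3.x "puppet cert list".

```bash
#!/usr/bin/env bash
# Added example, not from the original post. Fingerprints below are constructed
# and shortened; real SHA256 fingerprints are 32 colon-separated bytes.
# Assumed layout of `puppet cert list` lines (Puppet 3.x):
#   "certname" (SHA256) AA:BB:...   optionally followed by (alt names: ...)
SAMPLE_LISTING='  "dev-86.abc.lk" (SHA256) 4A:1F:9C:02:7B:E3:55:D0
  "rogue.abc.lk" (SHA256) 9D:00:41:AA:6E:12:F8:3C (alt names: "DNS:nexus-jenkins.abc.lk", "DNS:rogue.abc.lk")'

# verify_csr CERTNAME EXPECTED_FINGERPRINT LISTING
# Returns 0 = fingerprint matches, 1 = mismatch, 2 = no pending request,
#         3 = request asks for DNS alt names and needs manual review.
verify_csr() {
    local certname="$1" expected="$2" listing="$3" line actual
    # Pending requests start with the quoted certname; already-signed entries
    # in `puppet cert list --all` start with "+", so they never match here.
    line=$(printf '%s\n' "$listing" | awk -v name="\"$certname\"" '$1 == name')
    if [ -z "$line" ]; then
        echo "no pending request for $certname" >&2
        return 2
    fi
    # A CSR that requests alt names could claim the master's own name.
    case $line in
        *"alt names"*)
            echo "$certname requests DNS alt names; review by hand" >&2
            return 3 ;;
    esac
    # Field 3 is the fingerprint; compare case-insensitively.
    actual=$(printf '%s\n' "$line" | awk '{ print toupper($3) }')
    expected=$(printf '%s' "$expected" | tr 'a-f' 'A-F')
    if [ "$actual" != "$expected" ]; then
        echo "fingerprint mismatch for $certname" >&2
        return 1
    fi
    return 0
}

# On a real master, with FP copied from the agent's `puppet agent --fingerprint`:
#   verify_csr dev-86.abc.lk "$FP" "$(puppet cert list)" && puppet cert sign dev-86.abc.lk
```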
Deployment Orchestration
For deployment automation, make sure the site.pp file exists in the /etc/puppet/manifests directory.
The following instructions are to be carried out on the Puppet Master node.
Create the following directory structure using the mkdir command.
/etc/puppet/modules/[project_name]/files/
Example:
/etc/puppet/modules/xyz/files/
Open the /etc/puppet/manifests/site.pp file to configure the deployment plan.
# vim /etc/puppet/manifests/site.pp
Add the following content to the file.
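node 'pqr.abc.lk'
{
  # Copy the war from the master's modules/xyz/files/ directory to the agent.
  file { '/tmp/xyz/portal.war':
    ensure => 'present',
    mode   => '0755',
    owner  => 'abc',
    group  => 'abc',
    source => 'puppet:///modules/xyz/portal.war',
  }
  # Deploy through the WildFly CLI only after the war file is in place.
  exec { 'deploy_portal':
    command => "/home/abc/wildfly/bin/jboss-cli.sh --connect --command=\"deploy --force /tmp/xyz/portal.war\"",
    require => File['/tmp/xyz/portal.war'],
  }
}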