progetti:cloud-areapd:best_practices:config_puppetrun
Table of Contents
Configure Host "Puppet Run" on Foreman
Reference
Configuration Log
on client node
- modify puppet.conf
[root@cld-ganglia ~]# egrep -v '^ #|^#|^$' /etc/puppet/puppet.conf [main] vardir = /var/lib/puppet logdir = /var/log/puppet rundir = /var/run/puppet ssldir = $vardir/ssl listen = true <----------- new line [agent] pluginsync = true report = true ignoreschedules = true daemon = false ca_server = cld-foreman.cloud.pd.infn.it certname = cld-ganglia.cloud.pd.infn.it environment = production server = cld-foreman.cloud.pd.infn.it
- modify auth.conf:
[root@cld-ganglia ~]# tail -11 /etc/puppet/auth.conf # added to enable puppetrun path /run auth any method save allow cld-foreman.cloud.pd.infn.it # this one is not stricly necessary, but it has the merit # to show the default policy which is deny everything else path / auth any
on foreman node
- in foreman settings (More –> Settings –> "Puppet"tab), set puppetrun to "true".
- enable foreman-proxy in sudoers:
[root@cld-foreman ~]# grep foreman /etc/sudoers ## Allow foreman-proxy to do puppetrun Defaults:foreman-proxy !requiretty foreman-proxy ALL = NOPASSWD: /usr/bin/puppet kick *
progetti/cloud-areapd/best_practices/config_puppetrun.txt · Last modified: 2014/01/29 19:29 by aiftim@infn.it