This week I had to set up puppet with mongrel and apache for the balancing. To be honest... I never heard aboutthe puppet tool at all before (sorry puppet-developers ). As far as I understood, the puppetmaster is not really doing well with handling multiple concurrent requests and we need to provision about 128 compute nodes from a HPC cluster ...
On how I set up all the stuff in the test environment/production environment.
First I identified the right RPMs from EPEL, because I had no connection to the Internet:
augeas-0.5.3-1.el5.x86_64.rpm
augeas-libs-0.5.3-1.el5.x86_64.rpm
facter-1.5.7-1.el5.noarch.rpm
puppet-0.24.8-4.el5.noarch.rpm
puppet-server-0.24.8-4.el5.noarch.rpm
ruby-augeas-0.3.0-1.el5.x86_64.rpm
rubygem-daemons-1.0.7-2.el5.noarch.rpm
rubygem-fastthread-1.0.1-1.el5.x86_64.rpm
rubygem-gem_plugin-0.2.2-2.el5.noarch.rpm
rubygem-mongrel-1.0.1-6.el5.x86_64.rpm
rubygem-rake-0.8.3-1.el5.noarch.rpm
rubygems-1.3.1-1.el5.noarch.rpm
ruby-shadow-1.4.1-7.el5.x86_64.rpm
You can install them with 'yum --nogpgcheck localinstall *.rpm'.
You must als make sure that apache with mod_ssl is installed as well (yum install httpd mod_ssl).
Configuring Apache for load-balancing
As mentioned before, apache and puppet master must be installed.
First I copied and modified the /etc/init.d/httpd script to use it for puppet loadbalancing. Find my copy of the script on:
http://www.xs4all.nl/~paderijk/blog/puppet-balancer
So you can do:
# cd /etc/init.d/
# wget http://www.xs4all.nl/~paderijk/blog/puppet-balancer
# chmod 755 ./puppet-balancer
Now we have to create the some additional directories:
# mkdir -p /var/log/puppet-balancer
# mkdir -p /etc/puppet-balancer/{conf,conf.d}
I used the configuration file initially set up by from Jeff McCune and modified it for RHEL5. This file can be found on:
http://www.xs4all.nl/~paderijk/blog/puppet-balancer.conf
So you can put it into place like this:
# cd /etc/puppet-balancer/conf
# wget http://www.xs4all.nl/~paderijk/blog/puppet-balancer.conf
And finally we need to create a symlink name /usr/sbin/puppet-balancer which links to /usr/sbin/httpd
# ln -s /usr/sbin/httpd /usr/sbin/puppet-balancer
I've done this, because somehow the init-scripts are having some inconstancy.
And we also need a /etc/sysconfig/puppet-balancer file
# cd /etc/sysconfig
# wget http://www.xs4all.nl/~paderijk/blog/sysconfig-puppetbalancer
# mv sysconfig-puppetbalancer puppet-balancer
For so far the apache configuration, still we don't start the puppet-balancer 'service'. First we need to configure and start the puppet master.
Configuration puppetmaster
The configuration of the puppetmaster was actually very easy.
*UPDATE* A colleague pointed me on the fact that the CA wasn't set up properly going into mongrel mode. So first start puppetmaster normally:
# service puppetmaster start ; sleep 5 ; service puppetmaster stop
Make sure the following line is 'enabled' to /etc/sysconfig/puppetmaster:
PUPPETMASTER_PORTS=( 18140 18141 18142 18143 )
This will enable puppetmaster with mongrel and starts on the ports 18140 to 18143
I also noticed that the RPM for puppetmaster didn't set up all the required directories, so I need to add them manual:
# mkdir -p /var/lib/puppet/yaml/{facts,nodes}
# chown puppet:puppet /var/lib/puppet/yaml/{facts,nodes}
Start the puppetmaster and Apache (puppet-balancer)
Now we can start the puppetmaster:
# service puppetmaster start
But we want to survive reboots as well, so we do also:
# chkconfig puppetmaster on
Now the Puppet CA is also set up. So now we can start the puppet-balancer (apache) as well. But first we need to symlink the key-file and the certificate file:
# ln -s /var/lib/puppet/ssl/private_keys/{$(hostname -f).pem,puppet-balancer.pem}
# ln -s /var/lib/puppet/ssl/certs/{$(hostname -f).pem,puppet-balancer.pem}
And now we can start the puppet-balancer:
# service puppet-balancer start
And get it also up and running after a reboot:
# chkconfig puppet-balancer on
More details on how to do further configuration/setting up manifest files et cetera can be found on the Puppet wiki:
http://reductivelabs.com/trac/puppet/