Add existing machine to puppet with foreman
Preconditions
There is fully running installation of a puppet server with or without foreman. My installation has a foreman up and running. The system that should be added to puppet is in my case a ubuntu 16.04.3 server installation.
Add the puppet repository to apt sources
First we ensure that the required package ca-certificates is installed. Most of the time this is the case.
apt-get -y install ca-certificates
As next step, we get the puppet5 configuration package from the puppetlabs webpage and install it. This enables the puppet repository so that the newest puppet version can be used.
wget https://apt.puppetlabs.com/puppet5-release-xenial.deb
dpkg -i puppet5-release-xenial.deb
Install the puppet package
This is a rather simple task. Just update the apt package lists and install puppet-agent. As we installed the puppet5 release package, the puppet agent of version 5 will be used to configure this host.
apt update
apt install puppet-agent
Configure the puppet installation
To have puppet working, it needs to know where to get the configuration information from. To do this we have to edit the configuration file.
nano /etc/puppetlabs/puppet/puppet.conf
The most important parts are the server url in the main section that tells puppet the target puppet server address. The second information is the certname in the agent section. This should be the hostname of the host that gets added. Quite usefull is the option show_diff that tells puppet to output the differentials of the applied configuration. This way you are able to see what changed. And of course, don’t forget to set the environment this host belongs to.
[main]
server = foreman.example.com
show_diff = true
[agent]
certname = hostToAdd.example.com
environment = production
runinterval = 30m
Now you are ready to run puppet and start the configuration. In this first communication the puppet server creates a certificate for the host. If there is a autosign rule on the server, this will also apply the defaults and gather the facts. If there is no rule to automatically sign new hosts, you have to sign the host on the puppet server or by using the foreman web UI and run this command again.
/opt/puppetlabs/bin/puppet agent -t -v
The final step after a successful setup is a small symbolic link for easier usage of puppet. This link is not generated by the puppet installer.
ln -s /opt/puppetlabs/bin/puppet /usr/bin/puppet
enable puppet service
Puppet must be started as an agent if the host should be kept up to date. This is done by using puppet itself to configure the puppet agent to start on system startup.
/opt/puppetlabs/bin/puppet resource service puppet ensure=running enable=true