Mainly Linux

Install Puppet with Passenger on Centos 6 – Part Three

Today we will get Puppet Dashboard working. We'll configure this on the same server as Passenger.

So let's get started.

Getting stored configs working with MySQL

Install Rails:

[root@puppet]# gem install rails -v 2.2.2

Install MySQL server and the MySQL gem:

[root@puppet]# yum install mysql mysql-devel mysql-server

[root@puppet]# gem install mysql -- --with-mysql-config=/usr/bin/mysql_config

Create the puppet database:

[root@puppet]# mysql -u root -p

mysql> create database puppet;
mysql> grant all privileges on puppet.* to puppet@localhost
identified by 'password';

Add table index:

mysql> create index exported_restype_title on resources (exported,
restype, title(50));

Edit your puppet.conf:

storeconfigs = true
dbadapter = mysql
dbname = puppet
dbuser = puppet
dbpassword = password
dbserver = localhost
dbsocket = /var/lib/mysql/mysql.sock

To check it's working:

mysql -u puppet -p -D puppet -e 'select name,last_compile from hosts;'

This should output hosts and last compile time. You may need to run a Puppet agent against the server to see this updating.

Getting Puppet Dashboard working

Install the Puppet Dashboard rpm:

[root@puppet]# rpm -ivf http://downloads.puppetlabs.com/dashboard/puppet-dashboard-1.2.2-1.el6.noarch.rpm

Now, let's configure Dashboard:

[root@puppet]# cd /usr/share/puppet-dashboard/config

Configure settings.yml with your favourite text editor:

a_server: 'puppet.tomhayman.co.uk'

Then configure database.yml, keeping the database details the same as above:

production:
database: puppet
username: puppet
password: password
encoding: utf8
adapter: mysql

development:
database: puppet
username: puppet
password: password
encoding: utf8
adapter: mysql

test:
database: puppet
username: puppet
password: password
encoding: utf8
adapter: mysql

Create the Dashboard database schema, so go up a level to here (/usr/share/puppet-dashboard)

Then run:

[root@puppet]# rake db:migrate

Copy the Apache vhost config file from the example Puppet Dashboard gives you:

[root@puppet]# cp /usr/share/puppet-dashboard/ext/passenger/dashboard-vhost.conf /etc/httpd/conf.d/puppetdashboard.conf

You will need to alter a few things inside that conf file. Mine is like this but you may want to tune some parameters, depending on your needs.


PassengerHighPerformance on
PassengerMaxPoolSize 12
PassengerPoolIdleTime 1500
PassengerStatThrottleRate 120
RailsAutoDetect On
ServerName puppetdashboard.tomhayman.co.uk
DocumentRoot /usr/share/puppet-dashboard/public/
#SetEnv RAILS_ENV production
#RackBaseURI

Options None
AllowOverride AuthConfig
Order allow,deny
allow from all

ErrorLog /var/log/httpd/dashboard.example.com_error.log
LogLevel warn
CustomLog /var/log/httpd/dashboard.example.com_access.log combined

Check the Apache config reports no errors by checking the config:

[root@puppet]# apachectl -t -f /etc/httpd/conf.d/puppetdashboard.conf

Any problems you will obviously need to fix before you restart Apache.

Create logs for Dashboard:

[root@puppet]# touch /usr/share/ puppet-dashboard/log/production.log

[root@puppet]# chmod 0666 /usr/share/ puppet-dashboard/log/production.log

To enable inventory support, first check what you need to do at Puppetlabs.

In a nutshell, you need to change just a few settings. Go to settings.yml and change:

enable_inventory_service: true

Create the SSL certificates:

[root@puppet]# rake cert:create_key_pair RAILS_ENV=production

[root@puppet]# rake cert:request RAILS_ENV=production

Then sign it:

[root@puppet]# puppetca -s dashboard

A little mistake I ran into was the certificates need to be owned by the dashboard user. So, change the ownership of the certs directory so that the puppet-dashboard user can access them:

[root@puppet]# chown puppet-dashboard:puppet-dashboard -R certs/

Add this to /etc/puppet/auth.conf

path /facts
auth any
method find, search
allow *

Then, restart Apache:

[root@puppet]# apachectl restart

Start the Dashboard workers:

[root@puppet]# /etc/init.d/puppet-dashboard-workers start

You may need to run the puppet agent on a node first to see puppet Facts appear on the Puppet Dashboard.

That's it!