Puppet bootstrap

by Hunter Haugen

When starting a brand-new Puppet environment, this is the procedure I usually follow to get a client/server bootstrap. First get Puppet installed on two boxes: one will be a master and one (or both) will be clients.

(Note: You need some kind of name-resolution infrastructure, either via DNS or /etc/hosts. Puppet clients by default try to contact your master via the short name puppet then the long name puppet.domain.name.)

To start, do the following (I’m assuming Puppet 2.6 commands; for 0.25, use puppetd in place of puppet agent and puppetmasterd in place of puppet master):

  • On the master: run touch /etc/puppet/manifests/site.pp, then puppet master --no-daemonize --verbose to watch for connections.
  • On the client: puppet agent --test. You should see it generate and submit a cert to the master to be signed.
  • On the master: puppet cert --list to get the list, then puppet cert --sign <certname> to sign it.
  • On the client: puppet agent --test again, and it should get its signed cert, then a catalog from the master if you have a node definition for it.

If that messes up and you want to start over:

  • On the master: puppet cert --clean <certname> to clean the client’s cert.
  • On the agent: puppet agent --configprint ssldir then rm -rf that dir to remove its cert.
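
A guarded version of the agent-side cleanup, as an added example (not part of the original post): it refuses to run rm -rf on an empty or implausible path, and it refuses when the directory contains ca/, because on a box that is both master and client the default CA directory sits inside the ssldir. The function name wipe_agent_ssldir is hypothetical.

```sh
#!/bin/sh
# Added example: guarded replacement for a bare "rm -rf" of the agent's ssldir.
# wipe_agent_ssldir is a hypothetical helper name, not a Puppet command.

wipe_agent_ssldir() {
    dir=$1

    # Empty output (puppet missing, command failed) must never reach rm.
    [ -n "$dir" ] || { echo "refusing: empty ssldir" >&2; return 2; }

    # Only accept an absolute path that is not the filesystem root.
    case $dir in
        /) echo "refusing: ssldir is /" >&2; return 2 ;;
        /*) ;;
        *) echo "refusing: not an absolute path: $dir" >&2; return 2 ;;
    esac

    [ -d "$dir" ] || { echo "refusing: not a directory: $dir" >&2; return 3; }

    # A real ssldir holds certs/ and private_keys/; anything else is suspect.
    if [ ! -d "$dir/certs" ] || [ ! -d "$dir/private_keys" ]; then
        echo "refusing: $dir does not look like a Puppet ssldir" >&2
        return 4
    fi

    # On the master the CA lives under ssldir/ca by default. Deleting it
    # invalidates every certificate already signed, so stop here.
    if [ -d "$dir/ca" ]; then
        echo "refusing: $dir contains ca/ (this host is the CA)" >&2
        return 5
    fi

    rm -rf -- "$dir"
}

# Usage on the agent:
#   wipe_agent_ssldir "$(puppet agent --configprint ssldir)"
```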

Once server<->client is working fine, ^C the puppet master and run:

  • On the master: service puppetmaster start
  • On the agent: service puppet start

Now you should be able to put modules in /etc/puppet/modules and node definitions in /etc/puppet/manifests/site.pp and the master will stat these every 2 seconds for changes. You can wait for the client to automatically contact the master for its catalog, or run puppet agent --test to see immediate results.