npwalker

Implement PuppetDB on Compile Masters

This procedure will implement a local PE PuppetDB on Compile Masters.

1. Install and Configure the PE PuppetDB service on Compile Masters

Note: Replace all instances of MASTER.EXAMPLE.COM with the certname of your Primary Master.

Note: Replace all instances of DATABASE.EXAMPLE.COM with the certname of your PE Database host, by default, your Primary Master.

npwalker

default_platform: &default_platform el-7-x86_64
default_image: &default_image centos_7_x86_64
default_user: &default_user centos
  
HOSTS:
  mom:
    roles:
      - master
      - database
      - dashboard

npwalker

-- report-ttl temp table implementation
SELECT id INTO TEMP TABLE report_ids_past_report_ttl
from reports r
where r.producer_timestamp < NOW() - INTERVAL '14 days';
ANALYZE report_ids_past_report_ttl;
DELETE from resource_events where report_id IN ( select id from report_ids_past_report_ttl );
UPDATE certnames SET latest_report_id = NULL where latest_report_id IN ( select id from report_ids_past_report_ttl );
DELETE FROM reports where id IN ( select id from report_ids_past_report_ttl );
DROP TABLE report_ids_past_report_ttl;

npwalker

1. On the master: puppet cert clean <agent_certname>
2. On the agent: mv /etc/puppetlabs/puppet/ssl/ /etc/puppetlabs/puppet/ssl_bak

• Never do this if you are trying to regenerate the cert for the agent on the master. Instead you would need to delete specific certs

3. On the agent: puppet agent -t
4. On the master: puppet cert sign <agent_certname>

npwalker

$runinterval = 30 #minutes

$first_run = fqdn_rand($runinterval)
$second_run = $first_run + $runinterval

cron { 'cron.puppet':
   command => "/opt/puppetlabs/bin/puppet agent -t > /dev/null",
   user => "root",
   minute => [ $first_run, $second_run ],
}