Ask Your Question
0

Need updated mcollective instructions

asked 2016-03-03 13:05:18 -0500

I have been wrestling with getting collective installed for the bast week or so, and its just not working. My biggest problems are the fact that...

1) All the instructions and modules seem to be referencing the paths from puppet3. I can't find 1 tutorial that uses mcollectve that is part of puppet-agent.

2) I can't get a good handle on the correct configurations for the server,m the notes, and the individual users and which certs to use in which configuration file.

Here is my layout. I have a host, puppetmaster, that is running puppet server, activemq, and should be the collective admin host (collective client). I have 2 hosts that will be administered by puppet (collective servers), and I have tried to make myself the admin.

Here is my client config on puppetmaster:

# /etc/puppetlabs/mcollective/client.cfg

# ActiveMQ connector settings:
connector = activemq
direct_addressing = 1
plugin.activemq.pool.size = 1
plugin.activemq.pool.1.host = puppetmaster.myco.com
plugin.activemq.pool.1.port = 61614
plugin.activemq.pool.1.user = mcollective
plugin.activemq.pool.1.password = collective
plugin.activemq.pool.1.ssl = 1
plugin.activemq.pool.1.ssl.ca = /etc/puppetlabs/puppet/ssl/certs/ca.pem
plugin.activemq.pool.1.ssl.cert = /etc/puppetlabs/puppet/ssl/certs/puppetmaster.myco.com.pem
plugin.activemq.pool.1.ssl.key = /etc/puppetlabs/puppet/ssl/private_keys/puppetmaster.myco.com.pem
plugin.activemq.pool.1.ssl.fallback = 0

# SSL security plugin settings:
securityprovider = ssl
plugin.ssl_server_public = /etc/puppetlabs/mcollective/server_public.pem
plugin.ssl_client_private = /etc/puppetlabs/puppet/ssl/private_keys/puppetmaster.myco.com.pem
plugin.ssl_client_public = /etc/puppetlabs/puppet/ssl/certs/puppetmaster.myco.com.pem

# Interface settings:
default_discovery_method = mc
direct_addressing_threshold = 10
ttl = 60
color = 1
rpclimitmethod = first

# No additional subcollectives:
collectives = mcollective
main_collective = mcollective

# Platform defaults:
# These settings differ based on platform; the default config file created
# by the package should include correct values or omit the setting if the
# default value is fine.
libdir = /opt/puppetlabs/mcollective/plugins/

# Logging:
logger_type = console
loglevel = warn

On my hosts, it-lnx-01, for example, the server.cfg is:

# /etc/puppetlabs/mcollective/server.cfg

# ActiveMQ connector settings:
connector = activemq
direct_addressing = 1
plugin.activemq.pool.size = 1
plugin.activemq.pool.1.host = puppetmaster.myco.com
plugin.activemq.pool.1.port = 61614
plugin.activemq.pool.1.user = mcollective
plugin.activemq.pool.1.password = mcollective
plugin.activemq.pool.1.ssl = 1
plugin.activemq.pool.1.ssl.ca = /etc/puppetlabs/puppet/ssl/certs/ca.pem
plugin.activemq.pool.1.ssl.cert = /etc/puppetlabs/puppet/ssl/certs/it-lnx-01.myco.com.pem
plugin.activemq.pool.1.ssl.key = /etc/puppetlabs/puppet/ssl/private_keys/it-lnx-01.myco.com.pem
plugin.activemq.pool.1.ssl.fallback = 0

# SSL security plugin settings:
securityprovider = ssl
plugin.ssl_client_cert_dir = /etc/puppetlabs/mcollective/clients
plugin.ssl_server_private = /etc/puppetlabs/mcollective/server_private.pem
plugin.ssl_server_public = /etc/puppetlabs/mcollective/server_public.pem

# Facts, identity, and classes:
identity = it-lnx-01.myco.com
factsource = yaml
plugin.yaml = /etc/puppetlabs/mcollective/facts.yaml
classesfile = /opt/puppetlabs/puppet/cache/state/classes.txt

# No additional subcollectives:
collectives = mcollective
main_collective = mcollective

# Registration:
# We don ...
(more)
edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
0

answered 2016-03-04 11:29:32 -0500

OK, to looks like once I copied my .mcollective.d directory structure and .mcollective file to one of the manages systems, I was able to ping all of the system as myself. So, this may be a decent example of a working set of config files for collective on puppet4.

Now I need to look into how to add the collective modules because, again, all the instructions and modules seem to be for pre-puppet4.

Thanks, James "Zeke" Dehnert

-- mailto:zdehnert@gmail.com James "Zeke" Dehnert -= Eschew Obfuscation =- "Life is racing. Everything else is just waiting"

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2016-03-03 13:05:18 -0500

Seen: 36 times

Last updated: Mar 04 '16