Chapter 4. Client and Server Settings for Configuration Management
An important part of Red Hat Satellite 6’s configuration process is making sure the Puppet clients (called Puppet agents) can communicate with the Puppet Server (called Puppet master) on either the internal Satellite Capsule or an external Satellite Capsule. This chapter examines how Red Hat Satellite 6 configures both the Puppet master and the Puppet agent.
4.1. Configuring Puppet on the Red Hat Satellite Server
Red Hat Satellite 6 controls the main configuration for the Puppet master on all Satellite Capsules. No additional configuration is required and it is recommended to avoid manually modify these configuration files. For example, the main /etc/puppet/puppet.conf configuration file contains the following [master]
section:
[master] autosign = $confdir/autosign.conf { mode = 664 } reports = foreman external_nodes = /etc/puppet/node.rb node_terminus = exec ca = true ssldir = /var/lib/puppet/ssl certname = sat6.example.com strict_variables = false manifest = /etc/puppet/environments/$environment/manifests/site.pp modulepath = /etc/puppet/environments/$environment/modules config_version =
This section contains variables (such as $environment
) that Satellite 6 uses to create configuration for different environments.
Some Puppet configuration options appear in the Satellite 6 web UI. Navigate to Administer > Settings and choose the Puppet subtab. This page lists a set of Puppet configuration options and a description of each.
4.2. Configuring Puppet agent on Provisioned Systems
As part of the provisioning process, Satellite 6 installs Puppet to the system. This process also installs the /etc/puppet/puppet.conf file that configures Puppet as an agent of the Puppet master on a chosen Capsule. This configuration file is stored as a provisioning template snippet in Satellite 6. Navigate to Hosts > Provisioning templates and click the puppet.conf
snippet to view it.
The default puppet.conf
snippet contains the following agent configuration:
[agent] pluginsync = true report = true ignoreschedules = true daemon = false ca_server = <%= @host.puppet_ca_server %> certname = <%= @host.certname %> environment = <%= @host.environment %> server = <%= @host.puppetmaster %>
This snippet contains some template variables, which are:
- @host.puppet_ca_server and @host.certname — The certificate and certificate authority for securing Puppet communication.
- @host.environment — The Puppet environment on the Satellite 6 Server to use for configuration.
- @host.puppetmaster — The host containing the Puppet master. This is either the Satellite 6 Server’s internal Capsule or an external Satellite Capsule.