PuppetDB 1 » Installing PuppetDB
Notes:
- After following these instructions, you should connect your puppet master(s) to PuppetDB. (If you use a standalone Puppet deployment, you will need to connect every node to PuppetDB.)
- These instructions are for platforms with official PuppetDB packages. To install on other systems, you should instead follow the instructions for installing from source.
- If this is a production deployment, review the scaling recommendations before installing. You should ensure your PuppetDB server will be able to comfortably handle your site’s load.
Step 1: Install and Configure Puppet
If Puppet isn’t fully installed and configured yet on your PuppetDB server, install it and request/sign/retrieve a certificate for the node:
Your PuppetDB server should be running puppet agent and have a signed certificate from your puppet master server. If you run puppet agent --test, it should successfully complete a run, ending with “notice: Finished catalog run in X.XX seconds.”
Note: If Puppet doesn’t have a valid certificate when PuppetDB is installed, you will have to run the SSL config script and edit the config file, or manually configure PuppetDB’s SSL credentials before the puppet master will be able to connect to PuppetDB.
Step 2: Enable the Puppet Labs Package Repository
If you didn’t already use it to install Puppet, you will need to enable the Puppet Labs package repository for your system. Follow the instructions linked below, then continue with step 3 of this guide:
Step 3: Install PuppetDB
Use Puppet to install PuppetDB.
For PE Users
$ sudo puppet resource package pe-puppetdb ensure=latest
For Open Source Users
$ sudo puppet resource package puppetdb ensure=latest
Step 4: Configure Database
If this is a production deployment, you should confirm and configure your database settings:
- Deployments of 100 nodes or fewer can continue to use the default built-in database backend, but should increase PuppetDB’s maximum heap size to at least 1 GB.
- Large deployments over 100 nodes should set up a PostgreSQL server and configure PuppetDB to use it. You may also need to adjust the maximum heap size.
You can change PuppetDB’s database at any time, but note that changing the database does not migrate PuppetDB’s data, so the new database will be empty. However, as this data is automatically generated many times a day, PuppetDB should recover in a relatively short period of time.
Step 5: Start the PuppetDB Service
Use Puppet to start the PuppetDB service and enable it on startup.
For PE Users
$ sudo puppet resource service pe-puppetdb ensure=running enable=true
For Open Source Users
$ sudo puppet resource service puppetdb ensure=running enable=true
You must also configure your PuppetDB server’s firewall to accept incoming connections on port 8081.
PuppetDB is now fully functional and ready to receive catalogs and facts from any number of puppet master servers.
Finish: Connect Puppet to PuppetDB
You should now configure your puppet master(s) to connect to PuppetDB.
If you use a standalone Puppet site, you should configure every node to connect to PuppetDB.
Troubleshooting Installation Problems
- Check the log file, and see whether PuppetDB knows what the problem is. This file will be either
/var/log/puppetdb/puppetdb.logor/var/log/pe-puppetdb/pe-puppetdb.log. - If PuppetDB is running but the puppet master can’t reach it, check PuppetDB’s jetty configuration to see which port(s) it is listening on, then attempt to reach it by telnet (
telnet <host> <port>) from the puppet master server. If you can’t connect, the firewall may be blocking connections. If you can, Puppet may be attempting to use the wrong port, or PuppetDB’s keystore may be misconfigured (see below). - Check whether any other service is using PuppetDB’s port and interfering with traffic.
- Check PuppetDB’s jetty configuration and the
/etc/puppetdb/ssl(or/etc/pe-puppetdb/ssl) directory, and make sure it has a truststore and keystore configured. If it didn’t create these during installation, you will need to run the SSL config script and edit the config file or manually configure a truststore and keystore before a puppet master can contact PuppetDB.