Compiler: [main] server_urls = https://compiler.r13hcilrgv3uzliozghbrt20fb.bx.internal.cloudapp.net:8081/ soft_write_failure = false Master: [main] server_urls = https://puppet.r13hcilrgv3uzliozghbrt20fb.bx.internal.cloudapp.net:8081/ soft_write_failure = false

those hostnames don't match

the compiler needs to point to the master?

is there any reason to run 2 puppetdb instances when everything checks into one and you only have 1 db?

I have absolutely no clue, first time working with this

but honestly, check /etc/puppetlabs/puppetdb/conf.d/database.ini

and make sure the databases both go to the same place, and be aware you need to choose 1 puppetdb to be the upgrade master (upgrading puppetdb is a pain with multiple servers)

I have Bolt on my master, and am wanting to use the facts from the agents to leverage Bolt commands. I was told I needed Puppetdb for this.

should i remove pdb from my compiler and only have it on my master?

you do, but you should be able to point bolt at your puppetdb

should i remove the pdb from my compiler? I don't fully understand how the agents facts get into pdb on the master

My rough notes the last time I set it up on a RHEL 8 box. Some things may not be strictly necessary but it'll get you there (single PuppetDB install, no PostgreSQL replication).

Install PostgreSQL (latest stable)
<https://www.postgresql.org/download/linux/redhat/>

Install Puppet repo
<https://yum.puppetlabs.com/puppet/el/8/x86_64/puppet-release-1.0.0-15.el8.noarch.rpm>

Create psql user for Puppet
$ sudo -iu postgres
$ createuser -DRSP puppetdb
<ENTER PASSWORD YOU WILL REMEMBER>

Create the database
$ createdb -E UTF8 -O puppetdb puppetdb

Add pgsql-14/bin directory to $PATH
# vim /etc/profile.d/postgres.sh
if ! echo $PATH | grep -q /usr/pgsql-14/bin ; then
  export PATH=$PATH:/usr/pgsql-14/bin
fi

Log into PostgreSQL DB
$ sudo -iu postgres
$ psql postgres

postgres=# ALTER USER postgres WITH SUPERUSER;

Verify ALTER ROLE with
postgres=# \du

The postgres user should have Superuser in its list of role attributes

postgres=# \connect puppetdb
You are now connected to database "puppetdb" as user "postgres".
puppetdb=# CREATE EXTENSION pg_trgm;
CREATE EXTENSION
puppetdb=# \dx

Check for pg_trgm extension in output of \dx

Exit psql with \q

Edit the pg_hba.conf file
# vim /var/lib/pgsql/14/data/pg_hba.conf

Change the domain socket, IPv4, and IPv6 database and user from 'all' to 'puppetdb'

Restart postgresql-14 service

# dnf install puppetdb puppet-agent

Create the CSR for the Puppet Server to sign
# puppet agent -t

Sign and re-run `puppet agent -t` if necessary.

Edit the Puppet DB database.ini
# vim /etc/puppetlabs/puppetdb/conf.d/database.ini
Uncomment the subname, set the user name and password

Edit the Puppet DB jetty.ini
# vim /etc/puppetlabs/puppetdb/conf.d/jetty.ini
Set the 'host' parameter to 0.0.0.0 or the routable IP of the Puppet DB server
Add `client-auth = want` to the end of the file

Run `/opt/puppetlabs/bin/puppetdb ssl-setup` as root

Grant the Puppet DB JVM more memory to use
# vim /etc/sysconfig/puppetdb
Change JAVA_ARGS -Xmx value to something bigger (1G, for example).

Start/enable Puppet DB
# systemctl enable --now puppetdb
This will take a while

Edit the puppet.conf on the Puppet Server
# vim /etc/puppetlabs/puppet/puppet.conf

Under the `[master]` section, add
Grant the Puppet DB JVM more memory to use
# vim /etc/sysconfig/puppetdb
Change JAVA_ARGS -Xmx value to something bigger (1G, for example).

Start/enable Puppet DB
# systemctl enable --now puppetdb
This will take a while

Edit the puppet.conf on the Puppet Server
# vim /etc/puppetlabs/puppet/puppet.conf

Under the `[server]` section, add
storeconfigs = true
storeconfigs_backend = puppetdb

Create /etc/puppetlabs/puppet/puppetdb.conf
[main]
### Server name must match the signed certificate created with the `puppet agent` run
server_urls = <https://pdb.fqdn:8081/>

Create /etc/puppetlabs/puppet/routes.yaml
---
master:
  facts:
    terminus: puppetdb
    cache: yaml
...


Install 'puppetdb-termini' on the Puppet Server

Restart the Puppet server service

for a second there i read that as, "should I remove the PCB from my computer," and had to doublecheck what channel i was in

My rough notes the last time I set it up on a RHEL 8 box. Some things may not be strictly necessary but it'll get you there (single PuppetDB install, no PostgreSQL replication).

Install PostgreSQL (latest stable)
<https://www.postgresql.org/download/linux/redhat/>

Install Puppet repo
<https://yum.puppetlabs.com/puppet/el/8/x86_64/puppet-release-1.0.0-15.el8.noarch.rpm>

dnf install ./puppet-release-1.0.0-15.el8.noarch.rpm

# dnf install -y <https://download.postgresql.org/pub/repos/yum/reporpms/EL-8-x86_64/pgdg-redhat-repo-latest.noarch.rpm>

# dnf install postgresql14-server postgresql14-contrib puppetdb puppet-agent

Create psql user for Puppet
$ sudo -iu postgres
$ createuser -DRSP puppetdb
<ENTER PASSWORD YOU WILL REMEMBER>

Create the database
$ createdb -E UTF8 -O puppetdb puppetdb

Add pgsql-14/bin directory to $PATH
# vim /etc/profile.d/postgres.sh
if ! echo $PATH | grep -q /usr/pgsql-14/bin ; then
  export PATH=$PATH:/usr/pgsql-14/bin
fi

Log into PostgreSQL DB
$ sudo -iu postgres
$ psql postgres

postgres=# ALTER USER postgres WITH SUPERUSER;

Verify ALTER ROLE with
postgres=# \du

The postgres user should have Superuser in its list of role attributes

postgres=# \connect puppetdb
You are now connected to database "puppetdb" as user "postgres".
puppetdb=# CREATE EXTENSION pg_trgm;
CREATE EXTENSION
puppetdb=# \dx

Check for pg_trgm extension in output of \dx

Exit psql with \q

Edit the pg_hba.conf file
# vim /var/lib/pgsql/14/data/pg_hba.conf

Change the domain socket, IPv4, and IPv6 database and user from 'all' to 'puppetdb'

Restart postgresql-14 service

# dnf install puppetdb puppet-agent

Create the CSR for the Puppet Server to sign
# puppet agent -t

Sign and re-run `puppet agent -t` if necessary.

Edit the Puppet DB database.ini
# vim /etc/puppetlabs/puppetdb/conf.d/database.ini
Uncomment the subname, set the user name and password

Edit the Puppet DB jetty.ini
# vim /etc/puppetlabs/puppetdb/conf.d/jetty.ini
Set the 'host' parameter to 0.0.0.0 or the routable IP of the Puppet DB server
Add `client-auth = want` to the end of the file

Run `/opt/puppetlabs/bin/puppetdb ssl-setup` as root

Grant the Puppet DB JVM more memory to use
# vim /etc/sysconfig/puppetdb
Change JAVA_ARGS -Xmx value to something bigger (1G, for example).

Start/enable Puppet DB
# systemctl enable --now puppetdb
This will take a while

Edit the puppet.conf on the Puppet Server
# vim /etc/puppetlabs/puppet/puppet.conf

Under the `[master]` section, add
Grant the Puppet DB JVM more memory to use
# vim /etc/sysconfig/puppetdb
Change JAVA_ARGS -Xmx value to something bigger (1G, for example).

Start/enable Puppet DB
# systemctl enable --now puppetdb
This will take a while

Edit the puppet.conf on the Puppet Server
# vim /etc/puppetlabs/puppet/puppet.conf

Under the `[server]` section, add
storeconfigs = true
storeconfigs_backend = puppetdb

Create /etc/puppetlabs/puppet/puppetdb.conf
[main]
### Server name must match the signed certificate created with the `puppet agent` run
server_urls = <https://pdb.fqdn:8081/>

Create /etc/puppetlabs/puppet/routes.yaml
---
master:
  facts:
    terminus: puppetdb
    cache: yaml
...


Install 'puppetdb-termini' on the Puppet Server

Restart the Puppet server service

lol

so, the agents talk to the compiler, the compiler looks at the puppetdb.conf file to find the puppetdb instance to talk to

I believe puppetdb query also does, but I haven't checked that in long enough that I am unsure (I usually just curl the endpoint)

message has been deleted

My rough notes the last time I set it up on a RHEL 8 box. Some things may not be strictly necessary but it'll get you there (single PuppetDB install, no PostgreSQL replication).

Install PostgreSQL (latest stable)
<https://www.postgresql.org/download/linux/redhat/>

Install Puppet repo
<https://yum.puppetlabs.com/puppet/el/8/x86_64/puppet-release-1.0.0-15.el8.noarch.rpm>

dnf install ./puppet-release-1.0.0-15.el8.noarch.rpm

# dnf install -y <https://download.postgresql.org/pub/repos/yum/reporpms/EL-8-x86_64/pgdg-redhat-repo-latest.noarch.rpm>

# dnf install postgresql14-server postgresql14-contrib puppetdb puppet-agent

Create psql user for Puppet
$ sudo -iu postgres
$ createuser -DRSP puppetdb
<ENTER PASSWORD YOU WILL REMEMBER>

Create the database
$ createdb -E UTF8 -O puppetdb puppetdb

Add pgsql-14/bin directory to $PATH
# vim /etc/profile.d/postgres.sh
if ! echo $PATH | grep -q /usr/pgsql-14/bin ; then
  export PATH=$PATH:/usr/pgsql-14/bin
fi

Log into PostgreSQL DB
$ sudo -iu postgres
$ psql postgres

postgres=# ALTER USER postgres WITH SUPERUSER;

Verify ALTER ROLE with
postgres=# \du

The postgres user should have Superuser in its list of role attributes

postgres=# \connect puppetdb
You are now connected to database "puppetdb" as user "postgres".
puppetdb=# CREATE EXTENSION pg_trgm;
CREATE EXTENSION
puppetdb=# \dx

Check for pg_trgm extension in output of \dx

Exit psql with \q

Edit the pg_hba.conf file
# vim /var/lib/pgsql/14/data/pg_hba.conf

Change the domain socket, IPv4, and IPv6 database and user from 'all' to 'puppetdb'

Restart postgresql-14 service

Create the CSR for the Puppet Server to sign
# puppet agent -t

Sign and re-run `puppet agent -t` if auto signing isn't enabled.

Edit the Puppet DB database.ini
# vim /etc/puppetlabs/puppetdb/conf.d/database.ini
Uncomment the subname, set the user name and password

Edit the Puppet DB jetty.ini
# vim /etc/puppetlabs/puppetdb/conf.d/jetty.ini
Set the 'host' parameter to 0.0.0.0 or the routable IP of the Puppet DB server
Add `client-auth = want` to the end of the file

Run `/opt/puppetlabs/bin/puppetdb ssl-setup` as root

Grant the Puppet DB JVM more memory to use
# vim /etc/sysconfig/puppetdb
Change JAVA_ARGS -Xmx value to something bigger (1G, for example).

Start/enable Puppet DB
# systemctl enable --now puppetdb
This will take a while

Edit the puppet.conf on the Puppet Server
# vim /etc/puppetlabs/puppet/puppet.conf

Under the `[master]` section, add
Grant the Puppet DB JVM more memory to use
# vim /etc/sysconfig/puppetdb
Change JAVA_ARGS -Xmx value to something bigger (1G, for example).

Start/enable Puppet DB
# systemctl enable --now puppetdb
This will take a while

Edit the puppet.conf on the Puppet Server
# vim /etc/puppetlabs/puppet/puppet.conf

Under the `[server]` section, add
storeconfigs = true
storeconfigs_backend = puppetdb

Create /etc/puppetlabs/puppet/puppetdb.conf
[main]
### Server name must match the signed certificate created with the `puppet agent` run
server_urls = <https://pdb.fqdn:8081/>

Create /etc/puppetlabs/puppet/routes.yaml
---
master:
  facts:
    terminus: puppetdb
    cache: yaml
...


Install 'puppetdb-termini' on the Puppet Server

Restart the Puppet server service

hey, hey @Lumiere hey you. You.. you incredible person you

all 3 are showing up

you son of a gun

sweet!

you are amazing, thank you

btw, if your "master" is your ca and your compiler is your code node, make sure your master actually uses your compiler for puppet runs too 😄

ca_server and server are the config file options

ca_server and server are the config file options

This message was deleted.

This message was deleted.

is there any reason (I couldn't find one in any docs or tickets) that Puppet 7 for EL9 doesn't have it's release rpm in the root of the yum repo the same as every other release ? the release file is in the actual product directory on the repo, eg: https://yum.puppet.com/puppet/el/9/x86_64/index.html - why is the release file not in the root like all the other releases such as here https://yum.puppet.com/puppet/index.html