Docker image for puppet server
Autosigning is turned on in puppet.conf, so agent certificate requests are signed without manual approval.
In addition, confdir is /opt/puppet/ and vardir is /opt/varpuppet/, and both the confdir and vardir are marked as data volumes in the Dockerfile. This makes it easy to use data-only containers.
- Make a data-only container first, so you can destroy the puppetmaster container without losing certs or other configuration data:
docker run -d --name puppet-data --entrypoint /bin/echo chattr/puppetmaster Data-only container for puppetmaster
- Then run the puppetmaster container with the volumes from the data-only container:
docker run -d --name puppetmaster -h puppet -p 8140:8140 --volumes-from puppet-data chattr/puppetmaster
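- Important: copy the default configuration from /etc/puppet into /opt/ so that the confdir (/opt/puppet/) on the data volume is populated: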
docker exec puppetmaster cp -Rf /etc/puppet /opt/
- To see the list of certs:
docker exec puppetmaster puppet cert list --all
- To test on a client:
- Install Puppet, Hiera, Facter, and the Puppet LaunchDaemon on the client.
- Add the IP of your Docker host to /etc/hosts (or configure DNS so that your Docker host is reachable at "puppet"). For example:
10.0.0.1 puppet
- Test Puppet on the client, running as root:
# puppet agent --test
You should see the cert request being generated and autosigned.
- Verify cert signing on the puppetmaster Docker container:
docker exec puppetmaster puppet cert list --all
- On the client, run the agent again to verify that the cert exists and was confirmed:
# puppet agent --test
- To create manifests, place them in /opt/puppet/manifests/.
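Because this image ships with autosigning on, it is worth confirming exactly which autosign mode a given puppet.conf selects before publishing port 8140. The shell function below is an added example, not part of this image or its repository; the name `autosign_mode` and the sample file are constructed for illustration, and only the `[master]` and `[main]` sections are read.

```shell
#!/bin/sh
# Added example: report how a puppet.conf configures certificate autosigning.
# Prints one of: naive, disabled, policy, allowlist, default.
autosign_mode() {
    conf=$1; section=""; master=""; main=""
    while IFS= read -r line || [ -n "$line" ]; do
        # Drop all whitespace; assumes the autosign value contains none.
        line=$(printf '%s' "$line" | tr -d ' \t\r')
        case "$line" in
            ""|\#*) continue ;;
            \[*\])  section=${line#\[}; section=${section%\]} ;;
            autosign=*)
                case "$section" in
                    master) master=${line#autosign=} ;;
                    main)   main=${line#autosign=} ;;
                esac ;;
        esac
    done < "$conf"
    value=${master:-$main}          # [master] overrides [main]
    case "$value" in
        true)  echo naive ;;        # every CSR is signed, no checks
        false) echo disabled ;;     # CSRs wait for a manual `puppet cert sign`
        "")    echo default ;;      # Puppet falls back to $confdir/autosign.conf
        *)  if [ -f "$value" ] && [ -x "$value" ]; then
                echo policy         # an executable decides per CSR
            else
                echo allowlist      # a file of permitted certname globs
            fi ;;
    esac
}

# Constructed sample resembling this image's setup (not the real file).
sample=$(mktemp)
cat > "$sample" <<'EOF'
[main]
confdir = /opt/puppet
vardir = /opt/varpuppet
[master]
autosign = true
EOF
autosign_mode "$sample"     # prints: naive
rm -f "$sample"
```

To check the running container, copy its puppet.conf out of the confdir first (assumed here to be /opt/puppet/puppet.conf) and pass the local copy to the function.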