Chapter 5. Client and Server Settings for Configuration Management

An important part of Red Hat Satellite 6’s configuration process is making sure the Puppet clients (called Puppet agents) can communicate with the Puppet Server (called Puppet master) on either the internal Satellite Capsule or an external Satellite Capsule. This chapter examines how Red Hat Satellite 6 configures both the Puppet master and the Puppet agent.

5.1. Configuring Puppet on the Red Hat Satellite Server

Red Hat Satellite 6 controls the main configuration for the Puppet master on all Satellite Capsules. No additional configuration is required and it is recommended to avoid manually modify these configuration files. For example, the main /etc/puppetlabs/puppet/puppet.conf configuration file contains the following [master] section:

[master]
    autosign       = $confdir/autosign.conf { mode = 664 }
    reports        = foreman
    external_nodes = /etc/puppetlabs/code/node.rb
    node_terminus  = exec
    ca             = true
    ssldir         = /var/lib/puppet/ssl
    certname       = sat6.example.com
    strict_variables = false

    manifest       = /etc/puppetlabs/code/environments/$environment/manifests/site.pp
    modulepath     = /etc/puppetlabs/code/environments/$environment/modules
    config_version =

This section contains variables (such as $environment) that Satellite 6 uses to create configuration for different environments.

Some Puppet configuration options appear in the Satellite 6 web UI. Navigate to Administer > Settings and choose the Puppet subtab. This page lists a set of Puppet configuration options and a description of each.

5.2. Configuring Puppet agent on Provisioned Systems

As part of the provisioning process, Satellite 6 installs Puppet to the system. This process also installs the /etc/puppetlabs/puppet/puppet.conf file that configures Puppet as an agent of the Puppet master on a chosen Capsule. This configuration file is stored as a provisioning template snippet in Satellite 6. Navigate to Hosts > Provisioning templates and click the puppet.conf snippet to view it.

The default puppet.conf snippet contains the following agent configuration:

[agent]
pluginsync      = true
report          = true
ignoreschedules = true
daemon          = false
ca_server       = <%= @host.puppet_ca_server %>
certname        = <%= @host.certname %>
environment     = <%= @host.environment %>
server          = <%= @host.puppetmaster %>

This snippet contains some template variables, which are:

  • @host.puppet_ca_server and @host.certname — The certificate and certificate authority for securing Puppet communication.
  • @host.environment — The Puppet environment on the Satellite 6 Server to use for configuration.
  • @host.puppetmaster — The host containing the Puppet master. This is either the Satellite 6 Server’s internal Capsule or an external Satellite Capsule.