0
votes

I am trying to configure a Puppet server and agent, with my local laptop running Ubuntu 18.04 as the Puppet server and an AWS EC2 instance as the Puppet agent. While doing so I am facing issues with adding hostnames to the /etc/hosts file, whether to use the public or private IP address, and how to do the final configuration and make this work.

I have used the public IP and public DNS of both systems in the /etc/hosts file, but when I run puppet agent --test from the agent I get the errors "temporary failure in name resolution" and "connecting to https://puppet:8140 failed". I am using this for a project and my setup needs to remain like this.

2
Without knowing your laptop's network configuration (whether it is behind your home router or corporate LAN) it is difficult to comment. In either case traffic from outside cannot reach your laptop. Try making your laptop the agent and the EC2 instance the server, which should work if you tweak the security group correctly. - helloV
You can check my answer, which uses an SSH tunnel; with that you can run the Puppet server on your laptop and also avoid the trouble of configuring any security group :) - vik-y

2 Answers

1
votes

The connection is initiated from the Puppet agent to the PE server, so the agent is going to be looking for your laptop. Even if you have the details of your laptop in the hosts file, it probably has no route back to your laptop across the internet, as the IP of your laptop was probably provided by your router at home.

Why not build your Puppet master on an EC2 instance and keep it all on the same network, edit code on your laptop, push to GitHub/GitLab, and then deploy the code from there to your PE server using code-manager?

Alternatively you may be able to use a VPN to get your laptop onto the AWS VPC directly in which case it'll appear as just another node on the network and everything should work.

1
votes

The problem here is that the Puppet server needs a public IP, or an IP in the same network as your EC2 instance, to which your Puppet agent can connect. However, there's one solution without using a VPN, though it can't be permanent. You can tunnel your local port to the EC2 instance:

ssh -i <pemfile-location> -R 8140:localhost:8140 username@ec2_ip

This tunnels port 8140 on your EC2 instance to port 8140 on your localhost.

Then inside your ec2 instance you can modify your /etc/hosts file to add this:

127.0.0.1    puppet 

Now run the Puppet agent on your EC2 instance and everything should work as expected. Also note that if you close the SSH connection created above, the SSH tunnel will stop working.

If you want to keep the SSH tunnel open a bit more reliably, then this answer might be helpful: https://superuser.com/questions/37738/how-to-reliably-keep-an-ssh-tunnel-open
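
An added example, not part of the answer above: a shell check for the EC2 agent that confirms `puppet` maps to 127.0.0.1 in a hosts file and that the forwarded port 8140 listens on loopback only (what sshd does when `GatewayPorts` is left at its default of `no`) rather than on an address reachable from outside. The function names and the sample input are constructed for illustration; the listener check reads `ss -ltn` output.

```shell
#!/bin/sh
# Added example: sanity checks for the reverse-tunnel setup, run on the EC2 agent.

# Print the first address that maps NAME in a hosts-format file.
hosts_lookup() {   # usage: hosts_lookup NAME [FILE]
    awk -v name="$1" '
        { sub(/#.*/, "") }   # ignore comments, including commented-out entries
        { for (i = 2; i <= NF; i++) if ($i == name) { print $1; exit } }
    ' "${2:-/etc/hosts}"
}

# Classify where PORT is listening, reading `ss -ltn` output on stdin.
# Prints "loopback", "exposed" (any non-loopback bind) or "none".
listener_scope() {  # usage: ss -ltn | listener_scope PORT
    awk -v port="$1" '
        {
            addr = $4                          # "Local Address:Port" column
            n = split(addr, parts, ":")
            if (parts[n] != port) next         # header and other ports are skipped
            host = substr(addr, 1, length(addr) - length(parts[n]) - 1)
            if (host == "127.0.0.1" || host == "[::1]") { if (scope == "") scope = "loopback" }
            else scope = "exposed"
        }
        END { print (scope == "" ? "none" : scope) }
    '
}

# Combine both checks for the Puppet port used in the answer (8140).
check_tunnel() {  # usage: check_tunnel HOSTS_FILE SS_OUTPUT_FILE
    ip=$(hosts_lookup puppet "$1")
    scope=$(listener_scope 8140 < "$2")
    [ "$ip" = "127.0.0.1" ] || { echo "FAIL: puppet resolves to '${ip:-nothing}'"; return 1; }
    [ "$scope" = "loopback" ] || { echo "FAIL: port 8140 listener is $scope"; return 1; }
    echo "OK: puppet -> 127.0.0.1, tunnel bound to loopback only"
}

# Constructed sample input so the script runs anywhere. On the agent use:
#   ss -ltn > /tmp/ss.txt && check_tunnel /etc/hosts /tmp/ss.txt
tmp=$(mktemp -d)
printf '127.0.0.1 localhost\n127.0.0.1    puppet\n' > "$tmp/hosts"
printf 'LISTEN 0 128 127.0.0.1:8140 0.0.0.0:*\nLISTEN 0 128 [::1]:8140 [::]:*\n' > "$tmp/ss"
check_tunnel "$tmp/hosts" "$tmp/ss"
rm -rf "$tmp"
```

A result of "none" means the SSH session holding the tunnel has closed; "exposed" means the forwarded port is bound to a non-loopback address and its reachability should be reviewed against the instance's security group.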