Prior to installing the Puppet IPS package on the master server and on the managed nodes, perform the following tasks:
Designate a server that will function as the Puppet master.
You should install and configure Puppet on the master server or servers before you install Puppet on any of the managed nodes.
Designate the managed nodes (agents).
Configure the Domain Name System (DNS) protocol on both the master and the agents so that all of the hosts can be resolved by using a fully qualified domain name. See Chapter 3, Managing DNS Server and Client Services in Working With Oracle Solaris 11.4 Directory and Naming Services: DNS and NIS.
Ensure that time-keeping on the Puppet master is configured accurately as described in the following procedure.
Perform this procedure on the Puppet master prior to installing the system/management/puppet Puppet IPS package.
Because the Puppet master server acts as the certificate authority, best practice is to configure the Network Time Protocol (NTP) to accurately keep time on the master prior to installing Puppet. Otherwise, the master could issue certificates that the agents could treat as expired. For more information about managing NTP, see Managing Clock Synchronization in Oracle Solaris 11.4.
Before You Begin
Assume the Puppet Management rights profile. Use pfedit to edit the ntp.conf file.
Copy server information from the /etc/inet/ntp.client file to /etc/inet/ntp.conf.
In this procedure, the following four time servers are specified so that a backup is available if one time server fails:
server 0.pool.ntp.org server 1.pool.ntp.org server 2.pool.ntp.org server 3.pool.ntp.org
Add the following parameters to the /etc/inet/ntp.conf file:
driftfile /var/ntp/ntp.drift statsdir /var/ntp/ntpstats/ filegen peerstats file peerstats type day enable filegen loopstats file loopstats type day enable
# ntpdate 0.pool.ntp.org
# svcadm enable ntp
# ntpq -p
You can also specify NTP configuration by using a Puppet manifest. See Writing Puppet Manifests, Classes, and Modules in Oracle Solaris.