Puppet masters can be complex beasts with multiple components, and they are often managed by themselves. There are multiple reasons why you might want to bootstrap a new puppetmaster without depending on your existing one (development, DR, etc.).

In my environment, the puppetmaster is managed with a combination of the following modules:

Getting to a position where our puppetmaster wrapper class can be applied using puppet apply takes some care. The final result can be seen at bootstrap.sh in our puppet repo. Interesting things to note are:

  • Trying to apply theforeman/puppet to install a puppetmaster can lead to strange, inconsistent SSL (CA) certificates. The simplest fix I’ve found is to install the puppetmaster package via yum, then start and stop the puppetmaster service to generate the keys before continuing.
  • A combination of the modules will not apply cleanly in one run. Experience has shown that 3 runs are needed before the postgres database is created, at which point the database needs to be populated (either by seeding it or restoring from your DR backups). Then a final run is needed.
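
The sequence from the two notes above, written out as an added sketch (this is not the bootstrap.sh from our repo). The package name, service name, ssldir, module path, wrapper class and seed script are all assumptions or placeholders; it prints the commands unless DRY_RUN=0, and it adds an openssl check that the master certificate chains to the freshly generated CA.

```shell
#!/bin/sh
# Added example: ordering of a standalone puppetmaster bootstrap.
# Every default below is an assumption or placeholder, not taken from the repo.
DRY_RUN="${DRY_RUN:-1}"                      # 1 = print commands, 0 = execute them
PKG="${PKG:-puppet-server}"                  # assumed yum package name
SVC="${SVC:-puppetmaster}"                   # assumed service name
SSLDIR="${SSLDIR:-/var/lib/puppet/ssl}"      # assumed ssldir
MODULEPATH="${MODULEPATH:-./modules}"        # assumed checkout layout
WRAPPER_CLASS="${WRAPPER_CLASS:-profile::puppetmaster}"  # hypothetical class name
SEED_CMD="${SEED_CMD:-./seed_or_restore_db.sh}"          # hypothetical seed/restore script

run() {
  if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

apply_once() {
  run puppet apply --modulepath "$MODULEPATH" -e "include $WRAPPER_CLASS"
}

# The master certificate must verify against the CA generated by the first start.
verify_ca() {
  run openssl verify -CAfile "$SSLDIR/ca/ca_crt.pem" "$SSLDIR/certs/$1.pem"
}

bootstrap() {   # $1 = certname (FQDN) of the new master
  run yum -y install "$PKG" || return 1
  run service "$SVC" start || return 1       # first start generates CA and keys
  run service "$SVC" stop || return 1
  verify_ca "$1" || return 1                 # stop here if the CA is inconsistent
  for i in 1 2 3; do
    apply_once || true                       # early runs are not expected to be clean
  done
  run $SEED_CMD || return 1                  # seed the database or restore the DR backup
  apply_once                                 # final run
}

if [ "${RUN_BOOTSTRAP:-0}" = 1 ]; then
  bootstrap "$(hostname -f)"
fi
```

Run it with RUN_BOOTSTRAP=1 to print the plan for the local host, and add DRY_RUN=0 only once the assumed names match your environment.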