This appendix covers how to enable incoming TCP connections to services provided by Puppet on platforms other than CentOS/RHEL 7.
If you are using an older operating system that comes with the iptables firewall (such as CentOS 6 or Debian), you may need to invoke the iptables
command directly. For example, the commands shown here must be run on a Puppet server to allow incoming connections from clients and to save the rule:
    [vagrant@puppetserver ~]$ sudo iptables -A INPUT -p tcp --dport 8140 -j ACCEPT
    [vagrant@puppetserver ~]$ sudo /sbin/service iptables save
    iptables: Saving firewall rules to /etc/sysconfig/iptables: [ OK ]
For the Puppet Dashboard, you’ll need to enable two ports:
    [vagrant@dashserver ~]$ sudo iptables -A INPUT -p tcp -m multiport --dports 443,3000 -j ACCEPT
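Because -A appends to the end of the INPUT chain, the new ACCEPT rule never matches if an unconditional REJECT or DROP rule already sits ahead of it, as a typical CentOS 6 ruleset has. The check below is an added example, not from the original text: it reads the output of iptables -S INPUT and reports whether a TCP port is open, shadowed or closed. The port_reachable and sample_rules names and the sample ruleset are constructed for illustration, and only unconditional REJECT/DROP rules are treated as blockers.

```shell
#!/bin/sh
# Added example. Usage on a live host: sudo iptables -S INPUT | port_reachable 8140
# Prints "open"     if tcp PORT is accepted before any unconditional REJECT/DROP
#                   (or nothing blocks it and the chain policy is ACCEPT),
#        "shadowed" if the ACCEPT rule exists but comes after such a rule,
#        "closed"   if no ACCEPT rule for the port exists and traffic is blocked.
port_reachable() {
    awk -v port="$1" '
    # True if port p appears in a comma list of ports or lo:hi ranges.
    function in_list(list, p,    n, parts, r, k) {
        n = split(list, parts, ",")
        for (k = 1; k <= n; k++) {
            if (split(parts[k], r, ":") == 2) {
                if (p + 0 >= r[1] + 0 && p + 0 <= r[2] + 0) return 1
            } else if (parts[k] == p) return 1
        }
        return 0
    }
    $1 == "-P" && $2 == "INPUT" { policy = $3; next }
    $1 != "-A" || $2 != "INPUT" || verdict != "" { next }
    # A rule with no match conditions that rejects or drops everything.
    $3 == "-j" && ($4 == "REJECT" || $4 == "DROP") { blocked = 1; next }
    {
        proto = ""; dports = ""; target = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-p") proto = $(i + 1)
            else if ($i == "--dport" || $i == "--dports") dports = $(i + 1)
            else if ($i == "-j") target = $(i + 1)
        }
        if (proto == "tcp" && target == "ACCEPT" && in_list(dports, port))
            verdict = blocked ? "shadowed" : "open"
    }
    END {
        if (verdict == "") verdict = (!blocked && policy == "ACCEPT") ? "open" : "closed"
        print verdict
    }'
}

# Constructed sample: a CentOS 6 style chain after the 8140 rule was appended.
sample_rules() {
    cat <<'EOF'
-P INPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp -m tcp --dport 8140 -j ACCEPT
EOF
}

sample_rules | port_reachable 8140
```

A "shadowed" result means the rule needs to be placed ahead of the blocking rule (for example with iptables -I INPUT) before it is saved.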
Ubuntu comes standard with the Uncomplicated Firewall (UFW). You can uninstall this, and install firewalld
to use the commands shown in this book:
    $ sudo apt-get remove ufw
    $ sudo apt-get install firewalld
Or you can utilize the following commands with UFW on a Puppet server:
    [vagrant@puppetserver ~]$ sudo ufw allow 8140/tcp
    [vagrant@puppetserver ~]$ sudo ufw status numbered
For Puppet Dashboard, you’ll need to enable three ports:
    [vagrant@puppetserver ~]$ sudo ufw allow 443/tcp
    [vagrant@puppetserver ~]$ sudo ufw allow 3000/tcp
    [vagrant@puppetserver ~]$ sudo ufw status numbered