Try Puppet 
Search Puppet.com
Why Puppet

Puppet is the industry standard for IT automation.

Manage and automate more infrastructure and complex workflows in a simple, yet powerful way.

Customers
Open source
Cloud & Hybrid Automation

Accelerate your cloud journey with an enterprise automation platform for your hybrid estate.

Continuous Compliance

Enforce compliance across hybrid infrastructure with policy as code and model-driven automation.

Scaling DevOps

Modernize faster with Puppet DevOps consulting and infrastructure as code.

Use Cases
Integrations
ProductsEcosystem
Pricing & PackagingGet Puppet Enterprise

First 10 Nodes are free!

Custom consulting services

Get you up and running quickly with a custom solution that addresses your unique business goals and easily allows for growth as your needs evolve.

Professional services
TrainingOpen source
Support
Puppet Compass Logo
Puppet Compass

Puppet Compass is your source for learning best practices to address common business challenges.

Get started
Resource library
State of DevOps Report

Since launching our first DevOps survey in 2012, we’ve learned a lot about the power of DevOps to transform organizations.

Puppet Events
Join us for a Puppet event

It's our community that makes Puppet great. Connect with Puppet users and employees.

Virtual events
Puppet CommunityContribute content
Connect
Puppet Events
About Us

Puppet frees you to do what robots can’t. We make automation software because you’ve got better things to do.

Company
Press & news
Our voiceWorking at Puppet

Install Remediate on offline nodes

Puppet Remediate1.3
Sections

If any of your swarm nodes are offline (do not have external connectivity), you must manually import the Puppet Remediate images in order to install the product.

Before you begin

Prior to installing Remediate on any offline nodes, check that you have carried out the following prerequisite tasks:

  • Make sure you meet the system requirements for installing and running Remediate, and that you have received your license.
  • Ensure that Docker and Docker Compose are installed on the nodes where you want to install the Remediate images. If you are installing Docker Compose on Windows, ensure that you create a new Windows environment variable called COMPOSE_CONVERT_WINDOWS_PATHS and set it to 1. This enables path conversion from Windows-style to Unix-style in volume definitions.
  • Ensure that your license is added to the nodes where you want to install the Remediate images.

To install Remediate on nodes that do not have network connectivity:

  1. On a node with internet connectivity:
    1. Download the offline Remediate image bundle (https://storage.googleapis.com/remediate/stable/latest/offline/images.tar.gz)
    2. Download the offline docker-compose.yml file (https://storage.googleapis.com/remediate/stable/latest/offline/docker-compose.yml)
    Note: Skip this step if you are using your own custom Docker registry.
  2. Optionally, you can verify the image bundle and offline docker-compose.yml files signatures:
    With each Puppet Remediate release, a digital signature is created using the private key portion of an asymmetric key. You can manually validate the signature using the public key portion of the same asymmetric key.
    1. Download the offline docker-compose.yml file signature and the image bundle signature, along with the public key to the same directory as your docker-compose.yml and license file.
    2. Run the following commands: 
      openssl dgst -sha256 -verify puppet-remediate-signing-key.pub -signature docker_compose_signature docker-compose.yml

      And:

      openssl dgst -sha256 -verify puppet-remediate-signing-key.pub -signature images_signature images.tar.gz

      If the signature is valid, you will get the following response for each command: 

      Verified Ok
  3. Copy the Remediate image bundle and offline docker-compose.yml file to the offline node where you want to install Remediate.
  4. On the node where you want to install Remediate, initialize a swarm by running the following command: 
    docker swarm init
  5. Run the Docker load command: 
    docker load -i images.tar.gz
  6. Use the following command ⁠to start Remediate (replacing your-license.json with your own license): 
    docker-compose run remediate start -o --license-file ./your-license.json
    CAUTION: If you start Remediate without a license file you will not have access to the full range of Remediate functionality. If you started Remediate without a license file in error, simply stop the application by issuing the following command:
    docker-compose run remediate stop

    And start Remediate again using the --license-file parameter as outlined above.

  7. To check that the containers have started running, run this command: 
    docker ps

    The list of running containers:

    CONTAINER ID        IMAGE                                             COMMAND                  CREATED             STATUS                   PORTS                NAMES
36139cda23ca        gcr.io/puppet-discovery/pdp-go:<version>          "/app/entrypoint.sh"     3 minutes ago       Up 3 minutes (healthy)   8082/tcp, 8087/tcp   remediate_gopdp.1.w035aad0ifvu0ynaimxy64lcq
43709401f394        gcr.io/puppet-discovery/pd-storage:<version>      "storageEntryPoint.s…"   3 minutes ago       Up 3 minutes (healthy)   5432/tcp             remediate_storage.1.omv1rrd3rwhnwo3ngurgtcnxk
551b061acc98        gcr.io/puppet-discovery/licensing-api:<version>   "/entrypoint.sh"         3 minutes ago       Up 3 minutes (healthy)                        remediate_licensing.1.kdoj7s492el77rdpc2rza3fx7
43a3568e6b5a        vault:1.1.2                                       "docker-entrypoint.s…"   3 minutes ago       Up 3 minutes (healthy)   8200/tcp             remediate_vault.1.k0jgyxxi45ldn4pqadhgvjf0o
11b90d8564ef        gcr.io/puppet-discovery/identity:<version>        "/opt/jboss/tools/do…"   3 minutes ago       Up 3 minutes (healthy)   8080/tcp, 8443/tcp   remediate_identity.1.b1wkt4kx4ps107949k14ctsqx
1235fd27cbdc        gcr.io/puppet-discovery/frontdoor:<version>       "nginx -g 'daemon of…"   3 minutes ago       Up 3 minutes (healthy)   80/tcp               remediate_frontdoor.1.oib8jsr7u4z6wqxvjz02mxcxz
a3a641af5269        gcr.io/puppet-discovery/pdp-proxy:<version>       "/pdp-proxy-svc"         3 minutes ago       Up 3 minutes (healthy)   9200/tcp             remediate_export.1.uin509pnc2zb4pf3rdjr1so0x
c60250b8a2eb        gcr.io/puppet-discovery/node-ui:<version>         "/usr/src/app/entryp…"   3 minutes ago       Up 3 minutes (healthy)                        remediate_ui.1.3u0tewgou7t4hz2c46nn4mydo
f9af99dc9ca7        gcr.io/puppet-discovery/edge:<version>            "/edge-svc"              3 minutes ago       Up 3 minutes             9997/tcp             remediate_edge.1.koacwnjoce2tabwcbi73619fu
149485b54fec        gcr.io/puppet-discovery/controller:<version>      "/controller-svc"        4 minutes ago       Up 4 minutes (healthy)   9999/tcp             remediate_controller.1.mww2fm9up4lmeisjorul89hr4
f9f1ab4a029d        gcr.io/puppet-discovery/vr:<version>              "/vr-svc"                4 minutes ago       Up 4 minutes (healthy)                        remediate_vr.1.yjlliup91g4mac1bklvvw2nqq
  8. To access Remediate on a local workstation, the URL is https://localhost:8443, or port 8443 on the host where you installed Remediate.
    Note: When you first open the site, a warning message will be displayed that indicates the site certificate is untrusted. This is because Remediate uses a self-signed certificate and is expected behavior. Accept the certificate to continue.
  9. Read and accept the software license agreement.
  10. Sign in to Remediate.

    For default usernames and passwords, see Managing user access.

See an issue? Please file a JIRA ticket in our [DOCUMENTATION] project.
Puppet sites use proprietary and third-party cookies. By using our sites, you agree to our cookie policy.