3.4.2. Installing SIMP From A Repository

Using the official SIMP YUM repositories is the simplest method for getting up and running with SIMP on an existing infrastructure. If you are using a virtual infrastructure, such as AWS, Microsoft Azure, Google Cloud, or your own internal VM stack, this is the method that you will want to use.

Note

This method does not modify your system’s partitioning scheme or encryption scheme to meet any regulatory policies. If you want an example of what that should look like see the Kickstart files in the simp-core Git repository.

3.4.2.1. Enable EPEL

Note

RHEL systems will need to enable the EPEL Repositories manually.

$ sudo yum install epel-release -y
$ sudo yum install pygpgme yum-utils -y

3.4.2.2. Install The SIMP-Project Repositories

Add the following to /etc/yum.repos.d/simp-project.repo, replacing 6 with the appropriate version of SIMP. If the repo file does not exist, create it. The repo file contents for SIMP 6.X is shown below.

If you don’t know what versions map together, please see the SIMP Version Guide.

Important

RHEL Users should replace $releasever below with the actual release version.

This would be 7 for RHEL 7 and 6 for RHEL 6

Note

The ‘dependencies’ repository may contain items from external vendors, most notably Puppet, Inc. and EPEL but may also contain non-SIMP project files that have been compiled for distribution.

Warning

The whitespace and alignment shown before the additional gpgkey values must be preserved

[simp-project_6_X]
name=simp-project_6_X
baseurl=https://packagecloud.io/simp-project/6_X/el/$releasever/$basearch
gpgcheck=1
enabled=1
gpgkey=https://raw.githubusercontent.com/NationalSecurityAgency/SIMP/master/GPGKEYS/RPM-GPG-KEY-SIMP
       https://download.simp-project.com/simp/GPGKEYS/RPM-GPG-KEY-SIMP-6
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300

[simp-project_6_X_dependencies]
name=simp-project_6_X_dependencies
baseurl=https://packagecloud.io/simp-project/6_X_Dependencies/el/$releasever/$basearch
gpgcheck=1
enabled=1
gpgkey=https://raw.githubusercontent.com/NationalSecurityAgency/SIMP/master/GPGKEYS/RPM-GPG-KEY-SIMP
       https://download.simp-project.com/simp/GPGKEYS/RPM-GPG-KEY-SIMP-6
       https://yum.puppet.com/RPM-GPG-KEY-puppetlabs
       https://yum.puppet.com/RPM-GPG-KEY-puppet
       https://apt.postgresql.org/pub/repos/yum/RPM-GPG-KEY-PGDG-96
       https://artifacts.elastic.co/GPG-KEY-elasticsearch
       https://grafanarel.s3.amazonaws.com/RPM-GPG-KEY-grafana
       https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-$releasever
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300

3.4.2.3. Rebuild The Yum Cache

$ sudo yum makecache

3.4.2.4. Install the SIMP Server

  1. Select the simp-adapter package appropriate for the version of Puppet you will be using

    • simp-adapter-foss: Version appropriate for FOSS Puppet
    • simp-adapter-pe: Version appropriate for Puppet Enterprise
  2. Install the simp-adapter package

    $ sudo yum install -y simp-adapter-foss
    
  3. Install the remaining SIMP packages

    $ sudo yum install -y simp
    

Note

The simp RPM installs the SIMP core Puppet modules. Breaking changes in these modules trigger a breaking change update in SIMP itself.

There are a large number of additional ‘extra’ modules that may be individually installed. Search for pupmod via yum to discover what is available.

If you wish to install all of the extra modules, you can simply run sudo yum install -y simp-extras

3.4.2.5. Next Steps

Now that your system has been installed, you should proceed to Initial SIMP Server Configuration to complete the initial setup.