Simple Puppet Installation and Configuration
Environment: server: 192.168.2.60 master.king.com
Client: 192.168.2.147 slave.king.com
1. Set the hostname and DNS on the server:
# more /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=master.king.com
NETWORKING_IPV6=no
PEERNAT=no
GATEWAY=192.168.2.1
# more /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.2.60 master.king.com
192.168.2.147 slave.king.com
# more /etc/resolv.conf
search localdomain CNC
nameserver 8.8.8.8
2. Install puppet-server and puppet:
# rpm -Uvh http://dl.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm
# yum -y install puppet-server
# yum -y install puppet
# chkconfig puppet on
# chkconfig puppetmaster on
# service puppetmaster start
# service puppet start
# lokkit -p 8140:tcp
# puppet cert list --all
3. Set the hostname and DNS on the client:
# more /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=slave.king.com
# more /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.2.60 master.king.com
192.168.2.147 slave.king.com
# more /etc/resolv.conf
# Generated by NetworkManager
search king.com
nameserver 219.141.140.10
nameserver 219.141.136.10
nameserver 8.8.8.8
4. Install puppet on the client:
# yum install puppet
# chkconfig puppet on
# service puppet start
Edit /etc/puppet/puppet.conf and add a line that specifies the master server name.
server=master.king.com
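5. Certificate issuance:
# puppetd --server master.king.com --test
List the pending requests on the server: # puppetca -l
Sign the client certificate on the server: # puppetca -s slave.king.com
6. Functional test: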
# more site.pp
node default {
file {"/tmp/Puppet_test.txt":
content=>"This is test of PUPPET";}
}
# service puppetmaster restart
# puppet /etc/puppet/manifests/site.pp
warning: Implicit invocation of 'puppet apply' by passing files (or flags) directly
to 'puppet' is deprecated, and will be removed in the 2.8 series.Please
invoke 'puppet apply' directly in the future.
notice: Finished catalog run in 0.02 seconds
Run on the client:
# puppetd --test --server master.king.com
info: Caching catalog for slave.king.com
info: Applying configuration version '1417576906'
notice: /Stage//Node/File/ensure: defined content as '{md5}0d31f0cb46dc51da999298473d3d26a3'
notice: Finished catalog run in 0.03 seconds
# more Puppet_test.txt
This is test of PUPPET
7. File distribution:
Server:
# more /etc/puppet/fileserver.conf
[tmp]
path /tmp
allow *.king.com
# more site.pp
node default {
file {"/tmp/Puppet_test.txt":
content=>"This is test of PUPPET";}
}
file {
"/tmp/hello.sh":
source => "puppet://master.king.com/tmp/hello.sh",
owner => root,
group => root,
mode => 755
}
# more /tmp/hello.sh
#!/bin/bash
touch /root/bb
Client:
# ps -ef |grep puppet
root 2513 1 0 10:17 ? 00:00:03 /usr/bin/ruby /usr/sbin/puppetd
root 3424 2446 0 10:47 pts/0 00:00:00 /usr/bin/ruby /usr/bin/puppet --server master.king.com
root 7885 2446 0 11:50 pts/0 00:00:00 grep puppet
# kill 2513
# puppetd --server master.king.com --test
8. File execution:
Server:
# more site.pp
node default {
file {"/tmp/Puppet_test.txt":
content=>"This is test of PUPPET";}
}
file { "/tmp/hello.sh":
owner => root,
group => root,
source => "puppet://master.king.com/tmp/hello.sh",
mode => 755,
}
exec {
"/tmp/hello.sh":
cwd => "/tmp",
timeout => 7200,
user => root,
path => ["/sbin","/usr/sbin","/usr/local/sbin","/usr/local/bin","/usr/bin","/bin"],
}
Client:
# puppetd --server master.king.com --test
info: Caching catalog for slave.king.com
info: Applying configuration version '1417583652'
notice: /Stage//Exec/returns: executed successfully
notice: Finished catalog run in 0.59 seconds
# ls
hello.sh Puppet_test.txt
# more hello.sh
#!/bin/bash
touch /root/bb
# more /root/bb
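A check for the mount used in steps 7 and 8, as an added example that is not part of the original tutorial: the mount serves files out of /tmp on the master, a directory every local account can write to, and step 8 runs the served script as root on the clients. The function reports fileserver.conf mounts whose directory is writable by "other"; the [tmp] and [dist] mount names and the temporary directories are constructed stand-ins.

```shell
# Added example (not from the original page). Prints "<mount> <dir>" for every
# fileserver.conf mount whose directory has the other-write bit (0002) set.
audit_fileserver_mounts() {
    awk '
        $1 ~ /^#/ || NF == 0 { next }                      # comments, blanks
        $1 ~ /^\[.*\]$/ { mount = substr($1, 2, length($1) - 2); next }
        $1 == "path"    { print mount, $2 }
    ' "$1" | while read -r mount dir; do
        # find prints the directory only when "other" may write to it
        if [ -n "$(find "$dir" -maxdepth 0 -type d -perm -0002 2>/dev/null)" ]; then
            echo "$mount $dir"
        fi
    done
}

# Constructed stand-ins: "shared" has the same 1777 mode as /tmp,
# "dist" is a dedicated directory only its owner can write to.
demo=$(mktemp -d)
mkdir "$demo/shared" "$demo/dist"
chmod 1777 "$demo/shared"
chmod 0755 "$demo/dist"
cat > "$demo/fileserver.conf" <<EOF
[tmp]
path $demo/shared
allow *.king.com

[dist]
path $demo/dist
allow *.king.com
EOF

audit_fileserver_mounts "$demo/fileserver.conf"
```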
9. Automatic synchronization:
Client:
# vi /etc/puppet/puppet.conf
server=master.king.com
listen=true
runinterval=900
# puppetd
# ps -ef | grep puppet
root 3424 2446 0 10:47 pts/0 00:00:00 /usr/bin/ruby /usr/bin/puppet --server master.king.com
root 10270 1 15 13:17 ? 00:00:01 /usr/bin/ruby /usr/sbin/puppetd
root 10436 2446 0 13:17 pts/0 00:00:00 grep puppet
# tail -f /var/log/messages
Dec  3 13:17:39 slave puppet-agent: Reopening log files
Dec  3 13:17:41 slave puppet-agent: Starting Puppet client version 2.7.25
Dec  3 13:17:43 slave puppet-agent: (/Stage//Exec/returns) executed successfully
10. Forced synchronization (initiated from the server):
Edit /etc/puppet/namespaceauth.conf on both the server and the client:
# more /etc/puppet/namespaceauth.conf
allow *.king.com
allow *.king.com
allow *.king.com
allow *.king.com
allow *.king.com
allow *.king.com
Client:
Edit /etc/puppet/auth.conf on the client and add the path /run stanza before the path / stanza:
# more /etc/puppet/auth.conf
path /run
method save
allow *
# this one is not stricly necessary, but it has the merit
# to show the default policy which is deny everything else
path /
auth any
Restart:
# service puppetmaster restart
# service puppet restart
From the server, force a given client to read site.pp immediately:
# puppetrun --host slave.king.com
Client:
# tail -f /var/log/messages
Dec  3 13:32:59 slave puppet-agent: triggered run
Dec  3 13:33:00 slave puppet-agent: (/Stage//Exec/returns) executed successfully
Dec  3 13:33:00 slave puppet-agent: Finished catalog run in 1.22 seconds
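A check for the auth.conf stanza added in this step, as an added example that is not part of the original tutorial: with listen=true on the agent, "allow *" under "path /run" lets every authenticated host trigger a run, not only the master, so the function reports each stanza that carries a bare "allow *". The narrowed variant that names only master.king.com is an assumption made for comparison.

```shell
# Added example (not from the original page). Prints "<path> <method>" for
# each auth.conf stanza that contains a bare "allow *".
audit_auth_conf() {
    awk '
        function report() { if (path != "" && wild) print path, method }
        $1 ~ /^#/ || NF == 0 { next }                 # comments, blank lines
        $1 == "path" {
            report()                                  # close previous stanza
            path = ($2 == "~" ? $3 : $2)              # "path ~ regex" form
            method = "any"; wild = 0; next
        }
        $1 == "method" { method = $2; next }
        $1 == "allow"  { for (i = 2; i <= NF; i++) if ($i == "*") wild = 1 }
        END { report() }
    ' "$1"
}

# First file: the stanza from step 10, copied from the page.
# Second file: constructed variant that names only the master.
work=$(mktemp -d)
cat > "$work/auth.page.conf" <<'EOF'
path /run
method save
allow *

path /
auth any
EOF
cat > "$work/auth.narrow.conf" <<'EOF'
path /run
method save
allow master.king.com

path /
auth any
EOF

echo "page version:";     audit_auth_conf "$work/auth.page.conf"
echo "narrowed version:"; audit_auth_conf "$work/auth.narrow.conf"
```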
11. Crontab management:
Server:
# more site.pp
# Add a crontab for puppet client
cron { logrotate:
command => "/tmp/hello.sh",
user => root,
hour => 14,
minute => 22
}
Client:
# puppetd --server master.king.com --test
notice: Ignoring --listen on onetime run
info: Caching catalog for slave.king.com
info: Applying configuration version '1417585229'
notice: /Stage//Cron/ensure: created
notice: /Stage//Exec/returns: executed successfully
notice: Finished catalog run in 6.17 seconds
# crontab -l
22 14 * * * /tmp/hello.sh
More to be added later.