刚研究出来的 算做个记录吧 puppet的作用自己查查吧 服务器多了起来 相信它可以帮你我告别那些重复没有太多技术含量的工作
- puppet的安装以及简单的应用
- 参考连接 http://chinaapp.sinaapp.com/thread-2062-1-1.html
- http://chinaapp.sinaapp.com/thread-2062-1-1.html
- http://blog.csdn.net/kumu_linux/article/details/7655043
- http://gehailong.blog.51cto.com/765312/754711
- 对应的yum源 http://yum.puppetlabs.com/el/5/products/x86_64/
- 系统配置:centos5.4 64bit selinux 0 iptables关闭
- 服务端ip 192.168.202.132 hostnmae: master.puppet.com
- 客户端ip 192.168.202.133 hostname: client1.puppet.com
- ############################ puppet服务端配置
- 一 修改主机名
- [root@master ~]# vim/etc/sysconfig/network
- NETWORKING=yes
- NETWORKING_IPV6=no
- HOSTNAME=master.puppet.com
- 修改hosts文件
- [root@master ~]# vim /etc/hosts
- # Do not remove the following line, or various programs
- # that require network functionality will fail.
- 127.0.0.1 localhost.localdomain localhost
- ::1 localhost6.localdomain6 localhost6
- 192.168.202.132 master.puppet.com master
- 192.168.202.133 clent1.puppet.com client1
- 使修改生效
- /etc/init.d/network restart
- 二安装ruby环境
- 1 首先导入系统对应的yum源 里面包含ruby puppet-server puppet facter
- rpm -ivh http://yum.puppetlabs.com/el/5/products/x86_64/puppetlabs-release-5-5.noarch.rpm
- root@clent1 tmp]# cd /etc/yum.repos.d/
- [root@clent1 yum.repos.d]# ls
- CentOS-Base.repo CentOS-Media.repo puppetlabs.repo(会生成这个)
- 2 安装ruby 我安装的是这么多 之前用源码安装的没有安装shadow augeas 然后连接报错(不知跟这有没有关系)
- yum install ruby.x86_64 ruby-augeas.x86_64 ruby-devel.x86_64 ruby-docs.x86_64 ruby-irb.x86_64 ruby-libs.x86_64 ruby-rdoc.x86_64 ruby-shadow.x86_64
- 3 检测是否安装成功
- [root@clent1 tmp]# ruby -v
- ruby 1.8.5 (2006-08-25) [x86_64-linux]
- 三安装puppet-server
- 1 这里会安装facter puppet puppet-server
- yum install puppet-server
- 2启动服务
- /etc/init.d/puppetmaster start
- [root@master manifests]# ps -ef | grep puppet
- puppet 21293 1 0 23:08 ? 00:00:04 /usr/bin/ruby /usr/sbin/puppetmasterd
- root 22301 20746 0 23:46 pts/5 00:00:00 grep puppet
- #############################客户端配置
- 一 修改主机名
- [root@master ~]# vim/etc/sysconfig/network
- NETWORKING=yes
- NETWORKING_IPV6=no
- HOSTNAME=clent1.puppet.com
- 修改hosts文件
- [root@master ~]# vim /etc/hosts
- # Do not remove the following line, or various programs
- # that require network functionality will fail.
- 127.0.0.1 localhost.localdomain localhost
- ::1 localhost6.localdomain6 localhost6
- 192.168.202.132 master.puppet.com master
- 192.168.202.133 clent1.puppet.com client1
- 使修改生效
- /etc/init.d/network restart
- 二安装ruby环境
- 1 首先导入系统对应的yum源 里面包含ruby puppet-server puppet facter
- rpm -ivh http://yum.puppetlabs.com/el/5/products/x86_64/puppetlabs-release-5-5.noarch.rpm
- root@clent1 tmp]# cd /etc/yum.repos.d/
- [root@clent1 yum.repos.d]# ls
- CentOS-Base.repo CentOS-Media.repo puppetlabs.repo(会生成这个)
- 2 安装ruby 我安装的是这么多 之前用源码安装的没有安装shadow augeas 然后连接报错(不知跟这有没有关系)
- yum install ruby.x86_64 ruby-augeas.x86_64 ruby-devel.x86_64 ruby-docs.x86_64 ruby-irb.x86_64 ruby-libs.x86_64 ruby-rdoc.x86_64 ruby-shadow.x86_64
- 3 检测是否安装成功
- [root@clent1 tmp]# ruby -v
- ruby 1.8.5 (2006-08-25) [x86_64-linux]
- 三安装puppet
- 这里会安装facter puppet
- yum install puppet
- 客户端执行 申请证书(测试的时候最好把selinux iptables关闭)
- [root@clent1 ~]# puppetd --server master.puppet.com --test (下面这中信息是没有错误的)
- info: Creating a new SSL key for clent1.puppet.com
- info: Caching certificate for ca
- info: Creating a new SSL certificate request for clent1.puppet.com
- info: Certificate Request fingerprint (md5): FB:5C:3F:C9:1E:DD:62:79:82:81:C3:20:2C:71:58:3C
- Exiting; no certificate found and waitforcert is disabled
- 然后服务端颁发证书执行
- [root@master ~]# puppetca --list 查看那些主机需要连接
- "clent1.puppet.com" (FB:5C:3F:C9:1E:DD:62:79:82:81:C3:20:2C:71:58:3C)
- [root@master ~]# puppetca -s client1.puppet.com 颁发证书报错
- err: Could not call sign: Could not find certificate request for client1.puppet.com
- Could not find certificate request for client1.puppet.com
- [root@master ~]# puppetca --list
- "clent1.puppet.com" (FB:5C:3F:C9:1E:DD:62:79:82:81:C3:20:2C:71:58:3C)
- [root@master ~]# puppetca --sign client1.puppet.com 用这种方法还是不行
- err: Could not call sign: Could not find certificate request for client1.puppet.com
- Could not find certificate request for client1.puppet.com
- [root@master ~]# puppetca -s -a 用这个方法颁发证书 提示如下表明正确
- notice: Signed certificate request for clent1.puppet.com
- notice: Removing file Puppet::SSL::CertificateRequest clent1.puppet.com at '/var/lib/puppet/ssl/ca/requests/clent1.puppet.com.pem'
- 然后客户端执行如下操作 获得证书
- [root@clent1 ~]# puppetd --server master.puppet.com --test
- Exiting; no certificate found and waitforcert is disabled
- [root@clent1 ~]# puppetd --server master.puppet.com --test
- info: Caching certificate for clent1.puppet.com
- info: Caching certificate_revocation_list for ca
- info: Caching catalog for clent1.puppet.com
- info: Applying configuration version '1346739497'
- info: Creating state file /var/lib/puppet/state/state.yaml
- notice: Finished catalog run in 0.04 seconds
- ********简单的测试看是否成功
- puppet服务端
- cd /etc/puppet/manifests
- 新建一个文件site.pp 内容如下 (就是建立一个文件 /tmp/a.txt内容为content对应的 对应的权限 所有者 所有组)
- [root@master manifests]# vim site.pp
- node default {
- file{"/tmp/a.txt":
- content => "helo,I am abc.bbb!abc.aaa \n bbbbbb \n cccc \n dddd \n",
- ensure => present,
- mode => 644,
- owner => root,
- group => root,
- }
- }
- 客户端
- [root@clent1 ~]# puppetd --server master.puppet.com --test 看到如下信息 提示创建了/tmp/a.txt
- info: Caching catalog for clent1.puppet.com
- info: Applying configuration version '1346739912'
- notice: /Stage[main]//Node[default]/File[/tmp/a.txt]/ensure: created
- notice: Finished catalog run in 0.06 seconds
- 看看内容 权限是不是正确
- [root@clent1 tmp]# ll
- total 52
- -rw-r--r-- 1 root root 50 Sep 3 23:25 a.txt
- drwx------ 2 root root 4096 Sep 3 20:33 gconfd-root
- srwxr-xr-x 1 root root 0 Sep 3 20:25 mapping-root
- drwxr-xr-x 2 root root 4096 Sep 4 2012 vmware-config0
- drwxrwxrwt 2 root root 4096 Sep 4 2012 VMwareDnD
- drwxr-xr-x 2 root root 4096 Sep 4 2012 vmware-file-mod0
- drwx------ 2 root root 4096 Sep 3 20:37 vmware-root
- [root@clent1 tmp]# cat a.txt
- helo,I am abc.bbb!abc.aaa
- bbbbbb
- cccc
- dddd
- 刚研究出来 这只是简单的应用
