puppet 安装与配置
master test74
slave test72
些安装方法用在Radhad、CentOS系统 ,且操作系统版本为CentOs5 如为CentOs6等其它系统要更换下载的扩展RPM包版本
下载链接为http://yum.puppetlabs.com/el
puppet 中文WIKI http://puppet.wikidot.com/
一、Puppet的YUM安装
Master 端
1、安装扩展包
Centos5 ,可在链接中根据相应操作系统下载对应的RPM包
rpm -Uvh http://yum.puppetlabs.com/el/5/p ... ease-5-6.noarch.rpm
2、Puppet 需要 Ruby 的支持,如果要查看命令行帮助的话需要额外 ruby-rdoc 这个软件包:
yum install ruby ruby-libs ruby-rdoc ruby-shadow -y
yum install puppet puppet-server facter -y
Agent端
rpm -Uvh http://yum.puppetlabs.com/el/5/p ... ease-5-6.noarch.rpm
yum install ruby ruby-libs ruby-rdoc ruby-shadow -y
yum install puppet facter -y
基于Ruby-based的应用程序 ,可以用RUBY GEMS来安装;但要在系统安装rubygems包
yum install -y rubygems
然后执行安装pupet facter等命令为
gem install puppet facter
(这个安装方法我还没试过)
Puppet的源码安装
官方是不建议源码安装的,因为这样不利于版本升级
Installing from Source
You can also install Puppet and Facter from source tarballs. We donˇt recommend this approach
because it makes upgrading, uninstalling and generally managing Puppet across a lot of hosts difficult.
To do this youˇll need to ensure some prerequisites are installed, for example Ruby and its libraries,
using the appropriate packages for your host or via source again. First, download the Facter tarball from
the Puppet Labs site.
$ cd /tmp
$ wget http://puppetlabs.com/downloads/facter/facter-1.5.7.tar.gz
Unpack the tarball and run the install.rb script to install Facter.
$ tar -zxf facter-1.5.7.tar.gz
$ cd facter-1.5.7
# ./install.rb
This will install Facter into the default path for Ruby libraries on your host, for example
/usr/lib/ruby/ on many Linux distributions.
Next, we need to download and install Puppet using the same process:
$ cd /tmp
$ wget http://puppetlabs.com/downloads/puppet/puppet-2.6.1.tar.gz
$ tar -zxf puppet-2.6.1.tar.gz
$ cd puppet-2.6.1
# ./install.rb
Like the Facter steps, this will install Puppet into the default path for Ruby libraries on your host.
Note: You can find the latest Puppet and Facter releases at
http://projects.puppetlabs.com/p ... Downloading_Puppet.
二、安装完成后,puppet的安装目录为/etc/puppet
配置文件为/etc/puppet/puppet.conf ,如果不存在,可用如下命令生成一个简单的配置文件
puppetmasterd --getconfig >puppet.conf ,些方法切勿随便用,如果命令出错,会重写puppet.conf
设置puppet.conf中
[main]
[main]
certname=test74
设置/etc/hosts中
192.168.10.12 a.cns.com
manifests 目录中放置.pp文件,这个配置是告诉客户端怎么加载配置文件
touch /etc/puppet/manifests/site.pp
puppetmaster要对clients开放8140端口
然后执行service puppetmaster start,查看8140端口是否打开
客户端servcie puppet start
error1 :dnsdomainname: Unknown host
查看当前的host,要在/etc/hosts中正确设置
127.0.0.1 test74
vi /etc/sysconfig/puppet
PUPPET_SERVER=test74
证书
client端,提交证书puppet agent --server=test74 --no-daemonize --verbose
puppet agent --test --server test74
master端,查看需要确认的客户端
puppet cert --list
puppet cert --sign clienthost
puppet cert --sign --all
清除所有证书
uppet cert clean --all
修改HOST后,重新提交证书时会报错
See 'puppet help' for help on available puppet subcommands
[root@test72 puppet]# puppet agent --test --server test74
Error: Could not request certificate: The certificate retrieved from the master does not match the agent's private key.
Certificate fingerprint: C2:97:70:FF:56:A5:9C:0B:A2:1E:F9:C9:79:5F:60:03:10:91:D6:68:04:8F:34:34:A0:CA:81:F8:2D:8C:56:84
To fix this, remove the certificate from both the master and the agent and then start a puppet run, which will automatically regenerate a certficate.
On the master:
puppet cert clean test72
On the agent:
rm -f /etc/puppet/ssl/certs/test72.pem
puppet agent -t
如上,之后可以清除相关的证书
配置第一条PUPPET
puppetmaster的第一个执行的代码是在/etc/puppet/manifest/site.pp 因此这个文件必须
存在,而且其他的代码也要通过代码来调用. 现在,建立一个最简单的site.pp文件,
master端
[root@test74 manifests]# vi site.pp
node default{
file {"/tmp/temp1.txt":
content=> "hello";}
slave端将会从服务器下载默认的执行代码,在/tmp目录下生成叫做temp1.txt的文
件。
[root@test72 certs]# puppet agent --test --server test74
Info: Retrieving plugin
Info: Caching catalog for test72
Info: Applying configuration version '1364177070'
Notice: /Stage[main]//Node[default]/File[/tmp/temp1.txt]/ensure: defined content as '{md5}5d41402abc4b2a76b9719d911017c592'
Notice: Finished catalog run in 0.07 seconds
nodes.pp
node 'test72' {
include ssh
}
[root@test72 modules]# puppet agent --server=test74 --no-daemonize --verbose --onetime noop
Info: Retrieving plugin
Info: Caching catalog for test72
Info: Applying configuration version '1364177070'
Notice: Finished catalog run in 0.06 seconds
master test74
slave test72
些安装方法用在Radhad、CentOS系统 ,且操作系统版本为CentOs5 如为CentOs6等其它系统要更换下载的扩展RPM包版本
下载链接为http://yum.puppetlabs.com/el
puppet 中文WIKI http://puppet.wikidot.com/
一、Puppet的YUM安装
Master 端
1、安装扩展包
Centos5 ,可在链接中根据相应操作系统下载对应的RPM包
rpm -Uvh http://yum.puppetlabs.com/el/5/p ... ease-5-6.noarch.rpm
2、Puppet 需要 Ruby 的支持,如果要查看命令行帮助的话需要额外 ruby-rdoc 这个软件包:
yum install ruby ruby-libs ruby-rdoc ruby-shadow -y
yum install puppet puppet-server facter -y
Agent端
rpm -Uvh http://yum.puppetlabs.com/el/5/p ... ease-5-6.noarch.rpm
yum install ruby ruby-libs ruby-rdoc ruby-shadow -y
yum install puppet facter -y
基于Ruby-based的应用程序 ,可以用RUBY GEMS来安装;但要在系统安装rubygems包
yum install -y rubygems
然后执行安装pupet facter等命令为
gem install puppet facter
(这个安装方法我还没试过)
Puppet的源码安装
官方是不建议源码安装的,因为这样不利于版本升级
Installing from Source
You can also install Puppet and Facter from source tarballs. We donˇt recommend this approach
because it makes upgrading, uninstalling and generally managing Puppet across a lot of hosts difficult.
To do this youˇll need to ensure some prerequisites are installed, for example Ruby and its libraries,
using the appropriate packages for your host or via source again. First, download the Facter tarball from
the Puppet Labs site.
$ cd /tmp
$ wget http://puppetlabs.com/downloads/facter/facter-1.5.7.tar.gz
Unpack the tarball and run the install.rb script to install Facter.
$ tar -zxf facter-1.5.7.tar.gz
$ cd facter-1.5.7
# ./install.rb
This will install Facter into the default path for Ruby libraries on your host, for example
/usr/lib/ruby/ on many Linux distributions.
Next, we need to download and install Puppet using the same process:
$ cd /tmp
$ wget http://puppetlabs.com/downloads/puppet/puppet-2.6.1.tar.gz
$ tar -zxf puppet-2.6.1.tar.gz
$ cd puppet-2.6.1
# ./install.rb
Like the Facter steps, this will install Puppet into the default path for Ruby libraries on your host.
Note: You can find the latest Puppet and Facter releases at
http://projects.puppetlabs.com/p ... Downloading_Puppet.
二、安装完成后,puppet的安装目录为/etc/puppet
配置文件为/etc/puppet/puppet.conf ,如果不存在,可用如下命令生成一个简单的配置文件
puppetmasterd --getconfig >puppet.conf ,些方法切勿随便用,如果命令出错,会重写puppet.conf
设置puppet.conf中
[main]
[main]
certname=test74
设置/etc/hosts中
192.168.10.12 a.cns.com
manifests 目录中放置.pp文件,这个配置是告诉客户端怎么加载配置文件
touch /etc/puppet/manifests/site.pp
puppetmaster要对clients开放8140端口
然后执行service puppetmaster start,查看8140端口是否打开
客户端servcie puppet start
error1 :dnsdomainname: Unknown host
查看当前的host,要在/etc/hosts中正确设置
127.0.0.1 test74
vi /etc/sysconfig/puppet
PUPPET_SERVER=test74
证书
client端,提交证书puppet agent --server=test74 --no-daemonize --verbose
puppet agent --test --server test74
master端,查看需要确认的客户端
puppet cert --list
puppet cert --sign clienthost
puppet cert --sign --all
清除所有证书
uppet cert clean --all
修改HOST后,重新提交证书时会报错
See 'puppet help' for help on available puppet subcommands
[root@test72 puppet]# puppet agent --test --server test74
Error: Could not request certificate: The certificate retrieved from the master does not match the agent's private key.
Certificate fingerprint: C2:97:70:FF:56:A5:9C:0B:A2:1E:F9:C9:79:5F:60:03:10:91:D6:68:04:8F:34:34:A0:CA:81:F8:2D:8C:56:84
To fix this, remove the certificate from both the master and the agent and then start a puppet run, which will automatically regenerate a certficate.
On the master:
puppet cert clean test72
On the agent:
rm -f /etc/puppet/ssl/certs/test72.pem
puppet agent -t
如上,之后可以清除相关的证书
配置第一条PUPPET
puppetmaster的第一个执行的代码是在/etc/puppet/manifest/site.pp 因此这个文件必须
存在,而且其他的代码也要通过代码来调用. 现在,建立一个最简单的site.pp文件,
master端
[root@test74 manifests]# vi site.pp
node default{
file {"/tmp/temp1.txt":
content=> "hello";}
slave端将会从服务器下载默认的执行代码,在/tmp目录下生成叫做temp1.txt的文
件。
[root@test72 certs]# puppet agent --test --server test74
Info: Retrieving plugin
Info: Caching catalog for test72
Info: Applying configuration version '1364177070'
Notice: /Stage[main]//Node[default]/File[/tmp/temp1.txt]/ensure: defined content as '{md5}5d41402abc4b2a76b9719d911017c592'
Notice: Finished catalog run in 0.07 seconds
nodes.pp
node 'test72' {
include ssh
}
[root@test72 modules]# puppet agent --server=test74 --no-daemonize --verbose --onetime noop
Info: Retrieving plugin
Info: Caching catalog for test72
Info: Applying configuration version '1364177070'
Notice: Finished catalog run in 0.06 seconds
编辑回复