obeckham 发表于 2015-11-26 15:00:12

Puppet安装文档

  

安装前准备
  现在有两台主机 一台作为master,一台作为agent
  Master: IP 192.168.58.153 hostname : puppetmaster
Agent:IP 192.168.58.150 hostname : puppetclient
  同时编辑master和agent两台主机的文件 /etc/hosts
  添加如下两行:
  # 192.168.58.150 puppetclient.example.com puppetclient
# 192.168.58.153 puppetmaster.example.com puppetmaster
  保存退出。
安装Puppet
  同时在agent和master端安装Puppet,这里是Ubuntu系统可以直接通过apt-get命令安装。
  
  Agent端(可能有多个)
  # sudo apt-get install puppet
  
  Master 端
  # apt-get install puppet puppetmaster
  
  在master端编辑目录下的site.pp文件(若没有则创建该文件)
  编辑内容如下:
  # sudo vim/etc/puppet/manifests/site.pp
  package {
  “vim”:
  ensure => installed
  }
  # Create “/tmp/testfile” if it doesn’t exist.
  class test_class {
  file {
  “/tmp/testfile”:
  ensure => present,
  mode   => 600,
  owner=> root,
  group=> root
  }
  }
  # tell puppet on which client to run the class
  node puppetclient {
  include test_class
  }
  通过上面的配置将会在agent的/tmp目录下创建testfile文件
  
  在master端启动puppetmaster:
  # sudo /etc/init.d/puppetmaster start
  
  在agent端配置puppet.conf
  
编辑/etc/puppet/puppetd.conf 添加如下内容:
  
  
  
  server = puppetmaster.example.com
  # Make sure all log messages are sent to the right directory
  # This directory must be writable by the puppet user
  logdir=/var/log/puppet
  vardir=/var/lib/puppet
  rundir=/var/run
  
  到此基本配置完毕。
  
启动和运行puppet
  在agent端以root权限进行测试
  # sudo puppet agent -–test
  
  运行结果如下:
  
warning: peer certificate won’t be verified in this SSL session
warning: peer certificate won’t be verified in this SSL session
info: Creating a new SSL certificate request for puppetclient.example.com
info: Certificate Request fingerprint (md5): 9E:3A:CB:C4:50:6D:42:CD:4E:EE:57:07:FB:AA:98:1B
warning: peer certificate won’t be verified in this SSL session
warning: peer certificate won’t be verified in this SSL session
warning: peer certificate won’t be verified in this SSL session
  backto TheServer andcheckwho iswaiting
  
  回到master端,使用root权限运行如下命令:
  
  # sudo puppetca –list
  
  运行结果如下:
  
  youseethattheclient puppetclient.example.com iswaiting
NowSignthecertificaatfrom theMaster with:
  
  现在Master用以下命令签写证书:
  # sudo puppetca --sign   puppetclient.example.com
  
  运行结果如下:
  notice: Signed certificate request for puppetclient.example.com
  notice: Removing file Puppet::SSL::CertificateRequest puppetclient.example.com at ‘/var/lib/puppet/ssl/ca/requests/puppetclient.example.com.pem’
  
  回到agent端再用以下命令进行测试:
  # sudo puppet agent -–test
  
  运行结果为:
  notice: /Stage/Test_class/File/ensure: created
  notice: Finished catalog run in 0.79 seconds
  
  这时进入Agent的/tmp目录下,发现新增文件testfile
安装成功!
页: [1]
查看完整版本: Puppet安装文档