Installing puppet(以CentOS为例)
参考资料:Pro puppethttp://docs.puppetlabs.com/
Installing puppet(以CentOS为例)
测试环境
Server
master.puppet.com
192.168.99.46
Client
client.puppet.com
192.168.99.47
安装
源码安装
1、下载facter,puppet(事先先安装ruby,ruby-libs,ruby-shadows)
[*]wget http://downloads.puppetlabs.com/puppet/puppet-2.7.19.tar.gz
[*]wget http://downloads.puppetlabs.com/facter/facter-1.6.11.tar.gz
2、安装puppet,facter
[*]tar xvf puppet-2.7.19.tar.gz
[*]cd puppet-2.7.19
[*]./install.rb
[*]tar xvf facter-1.6.11.tar.gz
[*]cd facter-1.6.11
[*]./install.rb
3、server/client上生成puppet用户
[*]puppetmasterd –mkusers
yum 安装
[*]##server端安装ruby,ruby-libs,ruby-shadows,puppet,puppet-server,facter##
[*]yum install ruby ruby-libs ruby-shadows puppet puppet-server facter
[*]##node 安装ruby ruby-libs ruby-shadows puppet facter ##
[*]yum install ruby ruby-libs ruby-shadows puppet facter
gem 安装
[*]##首先安装ruby ruby-libs ruby-shadows
[*]wget http://files.rubyforge.vm.bytemark.co.uk/rubygems/rubygems-1.8.24.tgz
[*]wget http://downloads.puppetlabs.com/gems/facter-1.6.7.gem
[*]wget http://downloads.puppetlabs.com/gems/puppet-2.7.12.gem
[*]tar xvf rubygems-1.8.24.tgz
[*]cd rubygems-1.8.24
[*]ruby setup.rb
[*]gem install facter-1.6.7.gem
[*]gem install puppet-2.7.12.gem
配置
Puppet 认证
Puppet是基于主机名(FQDN)的SSL认证,而且SSL认证依赖时间同步,所以server和client时间要保持一致,可以使用netdate同步时间
1、Server/client时间同步
[*]ntpdate time.nist.gov
2、配置server/client的FQDN
[*]#### ssl证书认证完成后不要修改FQDN ####
[*]## server ##
[*]hostname master.puppet.com
[*]vi /etc/sysconfig/network
[*]##HOSTNAME修改为master.puppet.com
[*]HOSTNAME=master.puppet.com
[*]## client ##
[*]Hostname agent.puppet.com
[*]vi /etc/sysconfig/network
[*]## HOSTNAME修改为agent.puppet.com
[*]HOSTNAME=agent.puppet.com
3、防火墙设置
[*]## server 端防火墙配置 ##
[*]iptables –I INPUT 2 –p tcp –dport 8140 –m state –state NEW –j ACCEPT
4、配置server/client host文件(推荐基于dns来实现)
[*]vi /etc/hosts
[*]## 添加以下内容 ##
[*]192.168.99.46master.puppet.com master
[*]192.168.99.47 agent.puppet.com agent
5、启动puppetmaster
[*]service puppetmaster start
6、验证
[*]## 在client执行下面命令进行ssl证书认证 ##
[*]puppet agent –server master.puppet.com –test –verbose –no-daemonize
[*]## server上查看证书并签证 ##
[*]puppet cert --list –all
[*]## 签证 ##
[*]puppet cert –s agent.puppet.com
页:
[1]