Puppet master/agent installation on RHEL7

陈银山 · 发表于 2015-9-16 10:13:06

　　======================================================================================================================================================
master    172.31.10.249       linux1    linux1.test.com
agent       172.31.10.220       linux2    linux2.test.com
======================================================================================================================================================
Install puppet master
　　======================================================================================================================================================
[iyunv@linux1 puppet]# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 7.0 (Maipo)
[iyunv@linux1 ~]# hostname linux1
[iyunv@linux1 ~]# rpm -ivh http://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm
[iyunv@linux1 ~]# yum list |grep puppet
puppet.noarch             3.7.2-1.el7       puppetlabs-products
puppet-server.noarch       3.7.2-1.el7       puppetlabs-products
puppetdb.noarch          2.2.2-1.el7       puppetlabs-products
puppetdb-terminus.noarch 2.2.2-1.el7       puppetlabs-products
puppetserver.noarch       0.3.0-1.el7       puppetlabs-products
ruby-shadow.x86_64       1:2.2.0-2.el7    puppetlabs-deps
rubygem-deep_merge.noarch 1.0.0-2.el7       puppetlabs-deps
rubygem-puppet-lint.noarch  0.3.2-1.el7       puppetlabs-deps
rubygem-stomp.noarch       1.3.2-1.el7       puppetlabs-deps
rubygem-stomp-doc.noarch 1.3.2-1.el7       puppetlabs-deps
[iyunv@linux1 ~]# yum install puppet-server
Installed:
  puppet-server.noarch 0:3.7.2-1.el7
　　Dependency Installed:
  augeas-libs.x86_64 0:1.1.0-12.el7    facter.x86_64 1:2.2.0-1.el7                hiera.noarch 0:1.3.4-1.el7                libselinux-ruby.x86_64 0:2.2.2-6.el7 pciutils.x86_64 0:3.2.1-4.el7
  puppet.noarch 0:3.7.2-1.el7          ruby.x86_64 0:2.0.0.353-20.el7             ruby-augeas.x86_64 0:0.5.0-1.el7          ruby-irb.noarch 0:2.0.0.353-20.el7    ruby-libs.x86_64 0:2.0.0.353-20.el7
  ruby-shadow.x86_64 1:2.2.0-2.el7    rubygem-bigdecimal.x86_64 0:1.2.0-20.el7 rubygem-io-console.x86_64 0:0.4.2-20.el7 rubygem-json.x86_64 0:1.7.7-20.el7    rubygem-psych.x86_64 0:2.0.0-20.el7
  rubygem-rdoc.noarch 0:4.0.0-20.el7 rubygems.noarch 0:2.0.14-20.el7
　　Complete!
[iyunv@linux1 puppet]# vim /etc/puppet/puppet.conf
dns_alt_names = linux1,linux1.test.com
certname = linux1.test.com
server = linux1.test.com
　　[iyunv@linux1 puppet]# ls -l /var/lib/puppet/
total 0
drwxr-x---. 2 puppet puppet 6 Oct 21 17:54 reports
drwxr-x---. 2 puppet puppet 6 Oct 21 17:54 state
[iyunv@linux1 puppet]# puppet master --verbose --no-daemonize
Info: Creating a new SSL key for ca
Info: Creating a new SSL certificate request for ca
Info: Certificate Request fingerprint (SHA256): 72:8D:7B:70:02:59:01:F7:95:C1:77:49:87:28:F6:96:23:26:A1:27:A8:DC:58:CD:34:F9:44:69:4B:D5:46:60
Notice: Signed certificate request for ca
Info: Creating a new certificate revocation list
Info: Creating a new SSL key for linux1.cn-north-1.compute.internal
Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for linux1.cn-north-1.compute.internal
Info: Certificate Request fingerprint (SHA256): 8E:8C:8C:C0:E1:88:2A:E1:FF:65:E3:06:25:79:8B:B4:E3:B3:FB:34:B1:97:4E:48:70:1E:F8:C4:FD:97:72:83
Notice: linux1.cn-north-1.compute.internal has a waiting certificate request
Notice: Signed certificate request for linux1.cn-north-1.compute.internal
Notice: Removing file Puppet::SSL::CertificateRequest linux1.cn-north-1.compute.internal at '/var/lib/puppet/ssl/ca/requests/linux1.cn-north-1.compute.internal.pem'
Notice: Removing file Puppet::SSL::CertificateRequest linux1.cn-north-1.compute.internal at '/var/lib/puppet/ssl/certificate_requests/linux1.cn-north-1.compute.internal.pem'
Notice: Starting Puppet master version 3.7.2
[iyunv@linux1 puppet]# ls -l /var/lib/puppet/
total 4
drwxr-x---. 2 puppet puppet 6 Oct 29 23:49 bucket
drwxr-xr-x. 2 root root    6 Oct 29 23:49 facts.d
drwxr-xr-x. 2 root root    6 Oct 29 23:49 lib
drwxr-x---. 2 puppet puppet 6 Oct 21 17:54 reports
drwxr-x---. 2 puppet puppet 6 Oct 29 23:49 rrd
drwxr-x---. 2 puppet puppet 6 Oct 29 23:49 server_data
drwxrwx--x. 8 puppet puppet 4096 Oct 29 23:49 ssl
drwxr-xr-t. 2 puppet puppet 6 Oct 21 17:54 state
drwxr-x---. 2 puppet puppet 6 Oct 29 23:49 yaml
　　[iyunv@linux1 public_keys]# service puppetmaster start
Redirecting to /bin/systemctl start  puppetmaster.service
　　[iyunv@linux1 public_keys]# puppet cert list
　　======================================================================================================================================================
Install puppet agent
　　======================================================================================================================================================
[iyunv@linux2 ~]# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 7.0 (Maipo)
[iyunv@linux2 ~]# rpm -ivh http://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm
Retrieving http://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm
warning: /var/tmp/rpm-tmp.905Pmg: Header V4 RSA/SHA1 Signature, key ID 4bd6ec30: NOKEY
Preparing...                         ################################# [100%]
Updating / installing...
1:puppetlabs-release-7-11       ################################# [100%]

[iyunv@linux2 ~]# yum install puppet
Installed:
  puppet.noarch 0:3.7.2-1.el7
　　Dependency Installed:
  augeas-libs.x86_64 0:1.1.0-12.el7          facter.x86_64 1:2.2.0-1.el7                hiera.noarch 0:1.3.4-1.el7          libselinux-ruby.x86_64 0:2.2.2-6.el7    pciutils.x86_64 0:3.2.1-4.el7
  ruby.x86_64 0:2.0.0.353-20.el7             ruby-augeas.x86_64 0:0.5.0-1.el7          ruby-irb.noarch 0:2.0.0.353-20.el7    ruby-libs.x86_64 0:2.0.0.353-20.el7    ruby-shadow.x86_64 1:2.2.0-2.el7
  rubygem-bigdecimal.x86_64 0:1.2.0-20.el7    rubygem-io-console.x86_64 0:0.4.2-20.el7    rubygem-json.x86_64 0:1.7.7-20.el7    rubygem-psych.x86_64 0:2.0.0-20.el7    rubygem-rdoc.noarch 0:4.0.0-20.el7
  rubygems.noarch 0:2.0.14-20.el7
　　Complete!
[iyunv@linux2 ~]# cat /etc/hosts
172.31.10.249 linux1  linux1.test.com
172.31.10.220 linux2  linux2.test.com
　　[iyunv@linux2 ~]# vim /etc/puppet/puppet.conf
server = linux1.test.com
certname = linux2.test.com
　　[iyunv@linux2 ~]# ls -l /var/lib/puppet/
total 0
drwxr-x---. 2 puppet puppet 6 Oct 21 17:54 reports
drwxr-x---. 2 puppet puppet 6 Oct 21 17:54 state
　　[iyunv@linux2 ~]# service puppet start
Redirecting to /bin/systemctl start  puppet.service
　　[iyunv@linux2 ~]# ls -l /var/lib/puppet/
total 0
drwxr-x---. 2 root root 6 Oct 30 02:58 clientbucket
drwxr-x---. 2 root root 6 Oct 30 02:58 client_data
drwxr-x---. 2 root root 6 Oct 30 02:58 client_yaml
drwxr-xr-x. 2 root root 6 Oct 30 02:58 facts.d
drwxr-xr-x. 2 root root 6 Oct 30 02:58 lib
drwxr-x---. 2 puppet puppet  6 Oct 21 17:54 reports
drwxrwx--x. 7 puppet puppet 96 Oct 30 02:58 ssl
drwxr-xr-t. 3 puppet puppet 19 Oct 30 02:58 state
======================================================================================================================================================
Sign cert for the agent and verify connection
　　======================================================================================================================================================
[iyunv@linux1 puppet]# puppet cert list
  "linux2.test.com" (SHA256) 9B:00:2C:3F:44:F2:D7:E1:59:D9:50:4C:EE:34:A1:ED:34:BD:1F:2B:58:BF:B6:EA:3D:60:6F:1D:FB:5B:1F:EA

[iyunv@linux1 puppet]# puppet cert sign linux2.test.com
Notice: Signed certificate request for linux2.test.com
Notice: Removing file Puppet::SSL::CertificateRequest linux2.test.com at '/var/lib/puppet/ssl/ca/requests/linux2.test.com.pem'
　　[iyunv@linux1 puppet]# tail -f /var/log/puppet/masterhttp.log
[2014-10-30 03:09:01] 172.31.10.220 - - [30/Oct/2014:03:09:01 EDT] "GET /production/certificate/linux2.test.com? HTTP/1.1" 200 1980
[2014-10-30 03:09:01] - -> /production/certificate/linux2.test.com?
[2014-10-30 03:09:01] 172.31.10.220 - - [30/Oct/2014:03:09:01 EDT] "GET /production/certificate_revocation_list/ca? HTTP/1.1" 200 991
[2014-10-30 03:09:01] - -> /production/certificate_revocation_list/ca?
[2014-10-30 03:09:01] 172.31.10.220 - - [30/Oct/2014:03:09:01 EDT] "GET /production/node/linux2.test.com?transaction_uuid=1816306d-94b3-4c84-b74c-1d3faad34648&fail_on_404=true HTTP/1.1" 200 85
[2014-10-30 03:09:01] - -> /production/node/linux2.test.com?transaction_uuid=1816306d-94b3-4c84-b74c-1d3faad34648&fail_on_404=true
[2014-10-30 03:09:01] 172.31.10.220 - - [30/Oct/2014:03:09:01 EDT] "GET /production/file_metadatas/pluginfacts?links=manage&recurse=true&ignore=.svn&ignore=CVS&ignore=.git&checksum_type=md5 HTTP/1.1" 200 278
[2014-10-30 03:09:01] - -> /production/file_metadatas/pluginfacts?links=manage&recurse=true&ignore=.svn&ignore=CVS&ignore=.git&checksum_type=md5
[2014-10-30 03:09:01] 172.31.10.220 - - [30/Oct/2014:03:09:01 EDT] "GET /production/file_metadatas/plugins?links=manage&recurse=true&ignore=.svn&ignore=CVS&ignore=.git&checksum_type=md5 HTTP/1.1" 200 278
[2014-10-30 03:09:01] - -> /production/file_metadatas/plugins?links=manage&recurse=true&ignore=.svn&ignore=CVS&ignore=.git&checksum_type=md5
[2014-10-30 03:09:02] 172.31.10.220 - - [30/Oct/2014:03:09:02 EDT] "POST /production/catalog/linux2.test.com HTTP/1.1" 200 576
[2014-10-30 03:09:02] - -> /production/catalog/linux2.test.com
[2014-10-30 03:09:02] 172.31.10.220 - - [30/Oct/2014:03:09:02 EDT] "PUT /production/report/linux2.test.com HTTP/1.1" 200 9
[2014-10-30 03:09:02] - -> /production/report/linux2.test.com
　　[iyunv@linux1 puppet]# service puppetmaster status
Oct 30 03:02:32 linux1 puppet[10681]: Notice: Starting Puppet master version 3.7.2
Oct 30 03:09:02 linux1 puppet[10681]: Notice: Compiled catalog for linux2.test.com in environment production in 0.01 seconds
　　[iyunv@linux2 puppet]# service puppet status
Oct 30 03:07:01 linux2 puppet-agent[1157]: Did not receive certificate
Oct 30 03:09:01 linux2 puppet-agent[1157]: Starting Puppet client version 3.7.2
Oct 30 03:09:02 linux2 puppet-agent[1230]: Finished catalog run in 0.01 seconds
　　[iyunv@linux2 puppet]# puppet agent --test
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for linux2.test.com
Info: Applying configuration version '1414652942'
Notice: Finished catalog run in 0.01 seconds
　　[iyunv@linux1 puppet]# puppet agent --test
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for linux1.test.com
Info: Applying configuration version '1414652942'
Info: Creating state file /var/lib/puppet/state/state.yaml
Notice: Finished catalog run in 0.01 seconds
======================================================================================================================================================
Install a module from the Forge
　　======================================================================================================================================================
[iyunv@linux1 puppet]# puppet module list
/etc/puppet/modules (no modules installed)
/usr/share/puppet/modules (no modules installed)
　　[iyunv@linux1 puppet]# puppet module search apache |grep puppetlabs
Notice: Searching https://forgeapi.puppetlabs.com ...
puppetlabs-apache                   Puppet module for Apache                                                                               @puppetlabs    apache web httpd centos rhel ubuntu ssl wsgi proxy
puppetlabs-passenger                Puppet module for Passenger                                                                            @puppetlabs    apache passenger rails rack
[iyunv@linux1 puppet]# puppet module install puppetlabs-apache
Notice: Preparing to install into /etc/puppet/modules ...
Notice: Downloading from https://forgeapi.puppetlabs.com ...
Notice: Installing -- do not interrupt ...
/etc/puppet/modules
â””â”€â”¬ puppetlabs-apache (v1.1.1)
  â”&oelig;â”€â”€ puppetlabs-concat (v1.1.2)
  â””â”€â”€ puppetlabs-stdlib (v4.3.2)

[iyunv@linux1 puppet]# puppet module list
/etc/puppet/modules
â”&oelig;â”€â”€ puppetlabs-apache (v1.1.1)
â”&oelig;â”€â”€ puppetlabs-concat (v1.1.2)
â””â”€â”€ puppetlabs-stdlib (v4.3.2)
/usr/share/puppet/modules (no modules installed)
　　[iyunv@linux1 puppet]# ls -l /etc/puppet/modules/
total 12
drwxr-xr-x. 8 root root 4096 Jul 18 14:08 apache
drwxr-xr-x. 7 root root 4096 Oct 28 15:13 concat
drwxr-xr-x. 6 root root 4096 Jul 16 17:11 stdlib
　　
other command
[iyunv@linux1 puppet]# puppet module uninstall puppetlabs-apache
[iyunv@linux1 puppet]# puppet module upgrade puppetlabs-apache --version 0.0.3
[iyunv@linux1 puppet]# puppet module install --module_repository http://dev-forge.example.com puppetlabs-apache
[iyunv@linux1 puppet]# puppet module install ~/puppetlabs-apache-0.10.0.tar.gz --ignore-dependencies
======================================================================================================================================================
https://docs.puppetlabs.com/

账号		自动登录	找回密码
密码			立即注册

大疆运维招人啦，

C++ :try 语句块和异常处理

C++的多态

Red Hat RHCE 8 (EX294) Cert Guide

Java/C++ 区别：看完这一篇，就够用！

别再用过时库了！这 13 个顶级 C++ 库才是

c++ size_t 和 int 的区别

[经验分享] Puppet master/agent installation on RHEL7

扫码加入运维网微信交流群