Puppet 3.7 使用PuppetDB做数据仓库

3qwe

1. 环境准备

   OS：CentOS 6.4

   关闭selinux和iptables

   部署Puppet：1.0 Puppet 3.7部署

   安装Puppet源：http://yum.puppetlabs.com/puppetlabs-release-el-6.noarch.rpm


   完成PuppetMaster/Agent的部署，证书签署...

   PuppetDB是一个数据仓库，可以通过RESTful HTTP的方式查询nodes、facter、report、catalog、resources等信息..


2. 安装PuppetDB

   以下操作在Puppet Master执行

        
yum install puppetdb puppetdb-terminus -y
/etc/init.d/puppetdb start


#在Puppet Master的配置中增加.
/etc/puppet/puppet.conf
[master]
  storeconfigs = true
  storeconfigs_backend = puppetdb
   
cat > /etc/puppet/puppetdb.conf <<EOF
[main]
   server = master.dbsa.cn
   port = 8081
   soft_write_failure = false
EOF


cat > /etc/puppet/routes.yaml <<EOF
---
master:
  facts:
    terminus: puppetdb
    cache: yaml
EOF

   

    查看日志..，PuppetDB 启动是比较慢的，要耐心等待。。。

        
[iyunv@master puppet]# tail -f /var/log/puppetdb/puppetdb.log
2014-12-03 23:46:50,620 INFO  [c.p.p.command] [5145b424-a8a2-45c9-8859-19a6b8afbd9f] [replace facts] agent1.dbsa.cn
2014-12-03 23:46:50,857 INFO  [c.p.p.command] [b95dbbce-0d08-45f1-9db6-ed1e19aac8e7] [replace catalog] agent1.dbsa.cn


    生产数据库建议将PuppetDB的内存使用加大到1G左右..
1
        
cat /etc/sysconfig/puppetdb |grep -E '(JAVA_ARGS|Xmx)' --color



3. 更换数据库为PostgreSQL。

    默认的KahaDB之适合100个左右的节点连接

        
yum install postgresql-server -y

sed -i '/^classname/ s/org.hsqldb.jdbcDriver/org.postgresql.Driver/' /etc/puppetdb/conf.d/database.ini
sed -i '/^subprotocol/ s/hsqldb/postgresql/' /etc/puppetdb/conf.d/database.ini
sed -i '/^subname/ s@= .*@=  //localhost:5432/puppetdb@' /etc/puppetdb/conf.d/database.ini
sed -i 's/# username =.*/username = puppetdb/' /etc/puppetdb/conf.d/database.ini
sed -i 's/# password =.*/password = #你的密码#/' /etc/puppetdb/conf.d/database.ini

service postgresql initdb
/etc/init.d/postgresql start

#创建用户，输入密码<就是上面的密码..>..然后创建一个库
sudo -u postgres sh
createuser -DRSP puppetdb
createdb -E UTF8 -O puppetdb puppetdb
exit

#如果使用PostgreSQL 9.3
sudo -u postgres sh
psql puppetdb -c 'create extension pg_trgm'
exit

#更改为允许网络连接使用MD5认证
sed -i '/^local/ s/ident/md5/' /var/lib/pgsql/data/pg_hba.conf
sed -i '/^host/ s/ident/md5/' /var/lib/pgsql/data/pg_hba.conf

service postgresql restart
psql -h localhost puppetdb puppetdb
service puppetdb restart



4. 查询PuppetDB

   通过HTTPS方式查询..

#通过facter接口：查询所有的facts
curl -X GET -k --key /var/lib/puppet/ssl/private_keys/$HOSTNAME.pem  --cert /var/lib/puppet/ssl/certs/$HOSTE.pem 'https://master.dbsa.cn:8081/v4/facts'  

#通过facter接口：查询指定主机的指定facters
curl -X GET --key /var/lib/puppet/ssl/private_keys/$HOSTNAME.pem  --cert /var/lib/puppet/ssl/certs/$HOSTNAMem -k 'https://master.dbsa.cn:8081/v4/facts/architecture' --data-urlencode 'query=["=", "certname", "agent1.dbsa.cn"]'  

#通过nodes接口：查询所有主机
curl -X GET --key /var/lib/puppet/ssl/private_keys/$HOSTNAME.pem  --cert /var/lib/puppet/ssl/certs/$HOSTNAMem -k 'https://master.dbsa.cn:8081/v4/nodes'  

#更多API信息请查看：
https://docs.puppetlabs.com/puppetdb/2.2/api/