一.准备环境 1.修改HOSTS Vi /etc/hosts 192.168.2.95 db-s 192.168.2.101 WIN-FM3J0MA3JK4 2.关闭iptables,selinux。 # service iptables stop # chkconfig iptables off # getenforce # setenforce 0 # vi /etc/sysconfig/selinux SELINUX=disabled 3.配置时间同步 # ntpdate pool.ntp.org 二.正式安装。 1.puppet yum源 # rpm -ivhpuppetlabs-release-el-6.noarch.rpm 2.安装ruby。 # yum -y install ruby ruby-libs ruby-shadow 3.安装puppet。 # yum -y install puppet puppet-serverfacter 三.正式配置 1.启动服务 # service puppetmaster start # chkconfig puppetmaster on 2.master配置 # cp /etc/puppet/puppet.conf /etc/puppet/puppet.conf.bak # vi /etc/puppet/puppet.conf # The Puppet log directory. # Thedefault value is '$vardir/log'. logdir = /var/log/puppet ###默认存放日志路径 #Where Puppet PID files are kept. # Thedefault value is '$vardir/run'. rundir = /var/run/puppet ###pid存放路径 #Where SSL certificates are kept. # Thedefault value is '$confdir/ssl'. ssldir = $vardir/ssl ###证书存放目录,$vardir为/var/lib/puppet [agent] # Thefile in which puppetd stores a list of the classes #associated with the retrieved configuratiion. Can be loaded in # theseparate ``puppet`` executable using the ``--loadclasses`` #option. # Thedefault value is '$confdir/classes.txt'. classfile = $vardir/classes.txt #Where puppetd caches the local configuration. An #extension indicating the cache format is added automatically. # Thedefault value is '$confdir/localconfig'. localconfig = $vardir/localconfig certname = db-s server = db-s ###设置agent认证连接master端的服务器名称,此名称必须得能够解析 [master] certname = db-s ###设置puppetmaster认证服务器名称 # service puppet restart 3.angent请求。 #cd C:\Program Files\Puppet Labs\Puppet\bin # puppetagent --server db-s 请求服务端 # puppetagent --server db-s –test 4.master颁发证书。 # puppetcert list 查看请求 # puppetcert sign "WIN-FM3J0MA3JK4" 颁发证书 # puppetcert --sign –all 认证所有已请求节点 # puppet cert --list –all 查看所有
|