Puppet安装文档

安装前准备

现在有两台主机 一台作为master，一台作为agent

Master: IP 192.168.58.153 hostname : puppetmaster
Agent:  IP 192.168.58.150 hostname : puppetclient

同时编辑master和agent两台主机的文件 /etc/hosts 

添加如下两行：

# 192.168.58.150 puppetclient.example.com puppetclient
# 192.168.58.153 puppetmaster.example.com puppetmaster

保存退出。

安装Puppet

同时在agent和master端安装Puppet,这里是Ubuntu系统可以直接通过apt-get命令安装。

 

Agent端（可能有多个）

# sudo apt-get install puppet

 

Master 端

# apt-get install puppet puppetmaster

 

在master端编辑目录下的site.pp文件(若没有则创建该文件)

编辑内容如下：

# sudo vim  /etc/puppet/manifests/site.pp

package {

“vim”:

ensure => installed

}

# Create “/tmp/testfile” if it doesn’t exist.

class test_class {

file {

               “/tmp/testfile”:

ensure => present,

mode   => 600,

owner  => root,

group  => root

}

}

# tell puppet on which client to run the class

node puppetclient {

include test_class

}

通过上面的配置将会在agent的/tmp目录下创建testfile文件

 

在master端启动puppetmaster:

 # sudo /etc/init.d/puppetmaster start

 

在agent端配置puppet.conf

编辑/etc/puppet/puppetd.conf 添加如下内容：

 

[puppetd]

 

server = puppetmaster.example.com

# Make sure all log messages are sent to the right directory

# This directory must be writable by the puppet user

logdir=/var/log/puppet

vardir=/var/lib/puppet

rundir=/var/run

 

到此基本配置完毕。

 

启动和运行puppet

在agent端以root权限进行测试

# sudo puppet agent -–test

 

运行结果如下：

warning: peer certificate won’t be verified in this SSL session
warning: peer certificate won’t be verified in this SSL session
info: Creating a new SSL certificate request for puppetclient.example.com
info: Certificate Request fingerprint (md5): 9E:3A:CB:C4:50:6D:42:CD:4E:EE:57:07:FB:AA:98:1B
warning: peer certificate won’t be verified in this SSL session
warning: peer certificate won’t be verified in this SSL session
warning: peer certificate won’t be verified in this SSL session

back  to The  Server and  check  who is  waiting

 

回到master端，使用root权限运行如下命令：

 

# sudo puppetca –list

 

运行结果如下：

 

you  see  that  the  client puppetclient.example.com is  waiting
Now  Sign  the  certificaat  from the  Master with:

 

现在Master用以下命令签写证书：

# sudo puppetca --sign   puppetclient.example.com

 

运行结果如下：

notice: Signed certificate request for puppetclient.example.com

notice: Removing file Puppet::SSL::CertificateRequest puppetclient.example.com at ‘/var/lib/puppet/ssl/ca/requests/puppetclient.example.com.pem’

 

回到agent端再用以下命令进行测试：

# sudo puppet agent -–test

 

运行结果为：

notice: /Stage[main]/Test_class/File[/tmp/testfile]/ensure: created

notice: Finished catalog run in 0.79 seconds

 

这时进入Agent的/tmp目录下，发现新增文件testfile

安装成功！