puppet 基础-入门安装

puppet 专栏收录该内容
7 篇文章 0 订阅
安装前准备
1.关闭selinux,iptables,并设置ntp
sed -i 's/SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config
reboot

service iptables stop

yum install -y ntpdate
当前时区调整为上海就是+8区
cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
利用ntpdate同步标准时间
ntpdate us.pool.ntp.org
加入定时计划任务,每隔10分钟同步一下时钟
crontab -e
0-59/10 * * * * /usr/sbin/ntpdate us.pool.ntp.org | logger -t NTP

2.设置主机名并使服务器之间能互相解析
master机器
[root@master-192 .ssh]# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=master-192.168.9.157.centos.test.com
GATEWAY=192.168.9.1
[root@master-192 .ssh]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.9.157 master-192.168.9.157.centos.test.com
192.168.9.158 app-192.168.9.158.centos.test.com
192.168.9.159 app-192.168.9.159.centos.test.com
agent机器1
[root@app-192 .ssh]# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=app-192.168.9.158.centos.test.com
GATEWAY=192.168.9.1
[root@app-192 .ssh]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.9.157 master-192.168.9.157.centos.test.com
192.168.9.158 app-192.168.9.158.centos.test.com
192.168.9.159 app-192.168.9.159.centos.test.com
agent机器2
[root@app-192 .ssh]# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=app-192.168.9.159.centos.test.com
GATEWAY=192.168.9.1
[root@app-192 .ssh]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.9.157 master-192.168.9.157.centos.test.com
192.168.9.158 app-192.168.9.158.centos.test.com
192.168.9.159 app-192.168.9.159.centos.test.com

3.设置公钥私钥
使服务器之间无需密码远程,过程省略。

开始安装
4.安装puppet服务

puppet不在CentOS的基本源中,需要加入 PuppetLabs 提供的官方源:
[root@master ~]# wget http://yum.puppetlabs.com/el/6/products/x86_64/puppetlabs-release-6-7.noarch.rpm

[root@master ~]# rpm -ivh puppetlabs-release-6-7.noarch.rpm

[root@master ~]#yum update


在 master上安装和启用 puppet 服务:
[root@master ~]# yum install puppet-server

[root@master ~]# service puppetmaster start

Starting puppetmaster: [ OK ]


在agent上安装puppet客户端

[root@node1 ~]# yum install puppet

[root@node1 ~]# service puppet start

Starting puppet agent: [ OK ]


5.配置puppet,客户端自动认证

master

修改/etc/puppet/puppet.conf,其实只需要main和master配置就可以了。

[root@master-192 requests]# cat /etc/puppet/puppet.conf 

[main]

    #cache data,report,files backup 

    vardir = /puppet_data

    # The Puppet log directory.

    # The default value is '$vardir/log'.

    logdir = /puppet_log


    # Where Puppet PID files are kept.

    # The default value is '$vardir/run'.

    rundir = /var/run/puppet


    # Where SSL certificates are kept.

    # The default value is '$confdir/ssl'.

    ssldir = $vardir/ssl


[agent]

    # The file in which puppetd stores a list of the classes

    # associated with the retrieved configuratiion.  Can be loaded in

    # the separate ``puppet`` executable using the ``--loadclasses``

    # option.

    # The default value is '$confdir/classes.txt'.

    classfile = $vardir/classes.txt


    # Where puppetd caches the local configuration.  An

    # extension indicating the cache format is added automatically.

    # The default value is '$confdir/localconfig'.

    localconfig = $vardir/localconfig


[master]

    certname = master-192.168.9.157.centos.test.com 

    #自动认证配置

    autosign = /etc/puppet/autosign.conf

    #开启自动认证

    autosign = true


启动

[root@master-192 puppet]# service puppetmaster start

启动 puppetmaster:                                        [确定]


agent

修改/etc/puppet/puppet.conf,两个agent配置一样。

[root@app-192 ssl]# cat /etc/puppet/puppet.conf 

[main]

    # The Puppet log directory.

    # The default value is '$vardir/log'.

    logdir = /puppet_log


    # Where Puppet PID files are kept.

    # The default value is '$vardir/run'.

    rundir = /var/run/puppet


    # Where SSL certificates are kept.

    # The default value is '$confdir/ssl'.

    ssldir = $vardir/ssl


[agent]

    # The file in which puppetd stores a list of the classes

    # associated with the retrieved configuratiion.  Can be loaded in

    # the separate ``puppet`` executable using the ``--loadclasses``

    # option.

    # The default value is '$confdir/classes.txt'.

    classfile = $vardir/classes.txt


    # Where puppetd caches the local configuration.  An

    # extension indicating the cache format is added automatically.

    # The default value is '$confdir/localconfig'.

    localconfig = $vardir/localconfig

    server = master-192.168.9.157.centos.test.com


启动

[root@app-192 puppet]# service puppet start

Starting puppet agent:                                     [确定]


查看master的日志,会发现两个agent向master发起认证签名。

在master上查看证书申请

[root@master-192 requests]# puppet cert list --all

+ "app-192.168.9.158.centos.test.com"    (SHA256) A9:92:C0:F5:E3:9F:B7:6E:E4:4B:06:E7:E7:C1:93:17:6C:5B:4B:40:9E:E4:7D:2D:0B:5B:4D:B7:D1:25:F9:FE

+ "app-192.168.9.159.centos.test.com"    (SHA256) 72:7C:B3:C3:1A:A5:95:B7:F2:D7:2E:69:50:A1:0C:77:C1:E2:55:0F:FF:BD:F1:B8:29:5A:0B:AE:7C:F3:B9:ED

+ "master-192.168.9.157.centos.test.com" (SHA256) AA:AC:3D:FF:E4:50:BC:FF:CA:F7:7D:09:89:79:9F:E9:07:4D:A8:F5:64:23:C2:BA:37:B4:A2:7C:62:3B:9C:28 (alt names: "DNS:master-192.168.9.157.centos.test.com", "DNS:puppet", "DNS:puppet.168.9.157.centos.test.com")

带'+'说明已签发。


到此入门级puppet已经安装好。

  • 0
    点赞
  • 0
    评论
  • 0
    收藏
  • 打赏
    打赏
  • 扫一扫,分享海报

参与评论 您还未登录,请先 登录 后发表或查看评论
©️2022 CSDN 皮肤主题:大白 设计师:CSDN官方博客 返回首页

打赏作者

庶龙

你的鼓励将是我创作的最大动力

¥2 ¥4 ¥6 ¥10 ¥20
输入1-500的整数
余额支付 (余额:-- )
扫码支付
扫码支付:¥2
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、C币套餐、付费专栏及课程。

余额充值