Puppet日志管理系统———以Web方式管理Puppet
系统环境:rhel6.5 selinux and iptables disabled
sever:172.25.44.33 server3.example.com puppet master
client:172.25.44.44 server4.example.com puppet agent
client:172.25.44.55 server5.example.com puppet agent
1.puppet dashboard安装并解决依赖性
rpm -ivh rubygem-rake-0.8.7-2.1.el6.noarch.rpm ruby-mysql-2.8.2-1.el6.x86_64.rpm ##两个软件包要同时装,才能解决依赖性 yum install -y puppet-dashboard-1.2.23-1.el6.noarch.rpm cd /usr/share/puppet-dashboard/config/ vim database.yml production: ##只留下生产环境的配置 database: dashboard_production username: dashboard password: westos encoding: utf8 adapter: mysql vim test.sql ##配置检测的数据库 CREATE DATABASE dashboard_production CHARACTER SET utf8; CREATE USER 'dashboard'@'localhost' IDENTIFIED BY 'westos'; GRANT ALL PRIVILEGES ON dashboard_production.* TO 'dashboard'@'localhost'; vim settings.yml time_zone: 'Beijing' ##更改时区为北京 /etc/init.d/mysqld start mysql < test.sql ##将检测的数据库导入 rake RAILS_ENV=production db:migrate ##建立Dashborad所需要的数据库和表 mysql mysql> show databases; +----------------------+ | Database | +----------------------+ | information_schema | | dashboard_production | | mysql | | test | +----------------------+ 4 rows in set (0.00 sec) mysql> use dashboard_production; mysql> show tables; +--------------------------------+ | Tables_in_dashboard_production | +--------------------------------+ | delayed_job_failures | | delayed_jobs | | metrics | | node_class_memberships | | node_classes | | node_group_class_memberships | | node_group_edges | | node_group_memberships | | node_groups | | nodes | | old_reports | | parameters | | report_logs | | reports | | resource_events | | resource_statuses | | schema_migrations | | timeline_events | +--------------------------------+ 18 rows in set (0.00 sec) mysql> quit Bye /etc/init.d/puppet-dashboard restart chmod 666 /usr/share/puppet-dashboard/log/production.log /etc/init.d/puppetmaster start /etc/init.d/puppet-dashboard-workers start
2.实时报告汇总
在server端: vim /etc/puppet/puppet.conf [main] #添加以下两项 reports = http reporturl = http://172.25.44.33:3000/reports /etc/init.d/puppet-dashboard restart 在client端: vim /etc/sysconfig/puppet # The puppetmaster server PUPPET_SERVER=server3.example.com # If you wish to specify the port to connect to do so here PUPPET_PORT=8140 # Where to log to. Specify syslog to send log messages to the system log. PUPPET_LOG=/var/log/puppet/puppet.log vim /etc/puppet/puppet.conf [agent] report = true runinterval = 60 ##60s与服务器同步一次 /etc/init.d/puppet restart 访问http://172.25.44.33:3000 ,如图:
3.整合Nginx与Passenger
puppet 默认使用基于 Ruby 的 WEBRickHTTP 来处理 HTTPS 请求,单个服务器使用Apache/Nginx+Passenger 替换掉 WEBRickHTTP,Passenger 是用于将 Ruby 程序进行嵌入执行的Apache 模块,实现对 puppet 的负载均衡。
gem install passenger-5.0.15.gem rack-1.6.4.gem tar zxf nginx-1.9.14.tar.gz -C /mnt/ passenger-config --root yum install gcc gcc-c++ libcurl-devel openssl-devel zlib-devel passenger-install-nginx-module 如图:
vim /opt/nginx/conf/nginx.conf worker_processes 1; worker_cpu_affinity 01; events { worker_connections 4096; } server { listen 8140; server_name server3.example.com; root /etc/puppet/rack/public; passenger_enabled on; passenger_set_header X_CLIENT_DN $ssl_client_s_dn; passenger_set_header X_CLIENT_VERIFY $ssl_client_verify; ssl on; ssl_session_timeout 5m; ssl_certificate /var/lib/puppet/ssl/certs/server3.example.com.pem; ssl_certificate_key /var/lib/puppet/ssl/private_keys/server3.example.com.pem; ssl_client_certificate /var/lib/puppet/ssl/ca/ca_crt.pem; ssl_crl /var/lib/puppet/ssl/ca/ca_crl.pem; ssl_verify_client optional; ssl_ciphers SSLv2:-LOW:-EXPORT:RC4+RSA; ssl_prefer_server_ciphers on; ssl_verify_depth 1; ssl_session_cache shared:SSL:128m; } mkdir /etc/puppet/rack/public -p cd /etc/puppet/rack/ mkdir tmp cp /usr/share/puppet/ext/rack/config.ru /etc/puppet/rack/ chown puppet.puppet /etc/puppet/rack/ -R /etc/init.d/puppetmaster stop ##puppetmaster不需要启动,nginx启动时会自动调用puppet /opt/nginx/sbin/nginx -t ##检测 /opt/nginx/sbin/nginx ##开启nginx netstat -antple ##查看nginx是否接管8140端口 如图:
访问:http://172.25.44.33:3000/nodes/1
如图:
转载于:https://blog.51cto.com/jeffrey13/1830889