一直在准备上puppet,这两天看了下puppet文档,模拟了下生产环境下puppet部署方案:

测试机器:
server: 192.168.3.68  
clinet: 192.168.3.67

命令规则:
应用_机房_地点_ip地址_服务器系统_域名
192.168.3.67    ppttest_wangsu_bj_192.168.3.67.centos.yypuppet.com
192.168.3.68    pptserver_wangsu_bj_192.168.3.68.centos.yypuppet.com

*****
本文侧重于puppet架构部署,安装过程不是本文的重点,请自行安装。
*****

主配置文件:
root@pts/2 # cat /etc/puppet/puppet.conf 
[main]
    logdir = /var/log/puppet

    rundir = /var/run/puppet

    ssldir = $vardir/ssl

[agent]
    classfile = $vardir/classes.txt

    localconfig = $vardir/localconfig
    server = pptserver_wangsu_bj_192.168.3.68.centos.yypuppet.com
[master]
    environments = yydev,yytest,yyprd 
[yydev]
modulepath = $confdir/multi-environment/yydev/environment/modules:$confdir/multi-environment/yydev/application/modules 
manifest = $confdir/multi-environment/yydev/manifests/site.pp
fileserverconfig = /etc/puppet/fileserver.conf.yydev
[yytest]
modulepath = $confdir/multi-environment/yytest/environment/modules:$confdir/multi-environment/yytest/application/modules
manifest = $confdir/multi-environment/yytest/manifests/site.pp
fileserverconfig = /etc/puppet/fileserver.conf.yytest
[yyprd]
modulepath = $confdir/multi-environment/yyprd/environment/modules:$confdir/multi-environment/yyprd/application/modules
manifest = $confdir/multi-environment/yyprd/manifests/site.pp
fileserverconfig = /etc/puppet/fileserver.conf.yyprd
为什么在每个环境下会有environment和application两个目录,其中environment目录是存放基础环境模块的,比如puppet、yum等;
而application目录是存在应用环境模块的,比如apache、mysql等。当然也可以放在同一个目录下,如果应用多的话还可以将application进行拆分,一切都是为了方便管理而考虑。


实施过程:
1: 创建多环境目录:
cd /etc/puppet 
mkdir -p multi-environment/yydev/environment/modules; mkdir -p multi-environment/yydev/application/modules
mkdir -p multi-environment/yytest/environment/modules; mkdir -p multi-environment/yytest/application/modules
mkdir -p multi-environment/yyprd/environment/modules; mkdir -p multi-environment/yyprd/application/modules
2: 创建多环境文件服务器:
cp /etc/puppet/fileserver.conf{,.yydev}; cp /etc/puppet/fileserver.conf{,.yytest}; cp /etc/puppet/fileserver.conf{,.yyprd}
3: 拷贝现有模块分别到三个环境中:
cp /etc/puppet/modules/ssh /etc/puppet/multi-environment/yydev/environment/modules
cp /etc/puppet/modules/httpd /etc/puppet/multi-environment/yydev/application/modules
cp /etc/puppet/modules/ssh /etc/puppet/multi-environment/yytest/environment/modules
cp /etc/puppet/modules/httpd /etc/puppet/multi-environment/yytest/application/modules
cp /etc/puppet/modules/ssh /etc/puppet/multi-environment/yyprd/environment/modules
cp /etc/puppet/modules/httpd /etc/puppet/multi-environment/yyprd/application/modules

4:组织架构:
cd /etc/puppet/multi-environment
tree

├── yydev
│ ├── application
│ │ └── modules
│ │     └── httpd
│ │         ├── files
│ │         │ └── 1.txt
│ │         ├── manifests
│ │         │ └── init.pp
│ │         └── templates
│ ├── environment
│ │ └── modules
│ │     ├── ssh
│ │     │ ├── files
│ │     │ │ └── sshd_config
│ │     │ ├── manifests
│ │     │ │ ├── config.pp
│ │     │ │ ├── init.pp
│ │     │ │ ├── install.pp
│ │     │ │ ├── params.pp
│ │     │ │ └── service.pp
│ │     │ └── templates
│ │     └── test
│ │         ├── files
│ │         ├── manifests
│ │         │ └── init.pp
│ │         └── templates
│ │             └── test.erb
│ └── manifests
│     ├── nodes
│     │ └── front_resin.pp
│     └── site.pp
├── yyprd
│ ├── application
│ │ └── modules
│ └── environment
│     └── modules
└── yytest
    ├── application
    │ └── modules
    └── environment
        └── modules

模块学习(ssh为例):
ssh/
├── files
│ └── sshd_config
├── manifests
│ ├── config.pp
│ ├── init.pp
│ ├── install.pp
│ └── service.pp
└── templates

root@pts/2 # cat init.pp config.pp install.pp service.pp 
class ssh {
        include ssh::install,ssh::service,ssh::config
}
class ssh::config {
        file { "/tmp/sshd_config":
        ensure => present,
        owner => 'root',
        group => 'root',
        mode => 0440,
        source => "puppet:///modules/ssh/sshd_config",
        require => Class["ssh::install"],
        notify => Class["ssh::service"],
        }
}
class ssh::install {
        package { "openssh":
        ensure => present,
        }
}
class ssh::service {
        service { "sshd": 
                ensure => running,
                hasstatus => true,
                hasrestart => true,
                enable => true,
                require => Class["ssh::config"],
        }
}

git的资料:

http://linuxadmin.blog.51cto.com/2683824/1630956

pupput加入git版本控制:

http://linuxadmin.blog.51cto.com/2683824/1633350