Summary:
Puppet uses a star-shaped client/server (C/S) structure in which all clients interact with one or more servers. On each cycle (half an hour by default) every client sends a request to the server to obtain the latest configuration information and keep its configuration synchronized. Each puppet client connects to the server every half hour (the interval can be configured), downloads the latest configuration file, and configures its own server strictly according to that file. After the configuration is applied, the puppet client can send a feedback message to the server. If an error occurs, a feedback message is also sent to the server.
One, installing the puppet master and client
1. Disable iptables and SELinux
2. Add the host entries on both the master and the client
[root@master ~]# vi /etc/hosts
192.168.1.10 master
192.168.1.11 client
3. Install puppet on the master
1) Create the working directory and download the required software
[root@master ~]# mkdir /tmp/soft/
[root@master ~]# cd /tmp/soft/
[root@master soft]# wget http://downloads.puppetlabs.com/puppet/puppet-3.5.1.tar.gz
[root@master soft]# wget https://downloads.puppetlabs.com/facter/facter-2.0.1.tar.gz
[root@master soft]# wget http://cache.ruby-lang.org/pub/ruby/2.1/ruby-2.1.2.tar.gz
2) Install ruby
[root@master soft]# tar fzvx ruby-2.1.2.tar.gz
[root@master soft]# cd ruby-2.1.2
[root@master ruby-2.1.2]# ./configure --prefix=/usr/local/ruby
[root@master ruby-2.1.2]# make && make install
# Add an environment variable
[root@master ruby-2.1.2]# vi /etc/profile.d/ruby.sh
export PATH=$PATH:/usr/local/ruby/bin
[root@master ruby-2.1.2]# source /etc/profile
# View ruby version
[root@master ruby-2.1.2]# ruby -v
ruby 2.1.2p95 (2014-05-08 revision 45877) [x86_64-linux]
3) Install facter
[root@master ruby-2.1.2]# cd ..
[root@master soft]# tar zfvx facter-2.0.1.tar.gz
[root@master soft]# cd facter-2.0.1
[root@master facter-2.0.1]# ruby install.rb
4) Install puppet
[root@master facter-2.0.1]# cd ..
[root@master soft]# useradd -M -s /sbin/nologin puppet
[root@master soft]# tar fzvx puppet-3.5.1.tar.gz
[root@master soft]# cd puppet-3.5.1
[root@master puppet-3.5.1]# ruby install.rb
[root@master puppet-3.5.1]# cp ext/redhat/puppet.conf /etc/puppet/puppet.conf
[root@master puppet-3.5.1]# vi /etc/puppet/puppet.conf
# Add to the [main] section (master is the hostname of the master):
server = master
certname = master
pluginsync = false
5) Start puppet
[root@master puppet-3.5.1]# puppet master
[root@master puppet-3.5.1]# ps -ef | grep master
puppet 11503 1 0 12:24 ? 00:00:01 /usr/local/ruby/bin/ruby /usr/local/ruby/bin/puppet master
4. Install puppet on the client
1) Install ruby
[root@client soft]# tar fzvx ruby-2.1.2.tar.gz
[root@client soft]# cd ruby-2.1.2
[root@client ruby-2.1.2]# ./configure --prefix=/usr/local/ruby
[root@client ruby-2.1.2]# make && make install
# Add an environment variable
[root@client ruby-2.1.2]# vi /etc/profile.d/ruby.sh
export PATH=$PATH:/usr/local/ruby/bin
[root@client ruby-2.1.2]# source /etc/profile
# View ruby version
[root@client ruby-2.1.2]# ruby -v
ruby 2.1.2p95 (2014-05-08 revision 45877) [x86_64-linux]
2) Install facter
[root@client ruby-2.1.2]# cd ..
[root@client soft]# tar zfvx facter-2.0.1.tar.gz
[root@client soft]# cd facter-2.0.1
[root@client facter-2.0.1]# ruby install.rb
3) Install puppet
[root@client facter-2.0.1]# cd ..
[root@client soft]# useradd -M -s /sbin/nologin puppet
[root@client soft]# tar fzvx puppet-3.5.1.tar.gz
[root@client soft]# cd puppet-3.5.1
[root@client puppet-3.5.1]# ruby install.rb
[root@client puppet-3.5.1]# cp ext/redhat/puppet.conf /etc/puppet/puppet.conf
[root@client puppet-3.5.1]# vi /etc/puppet/puppet.conf
# Add to the [main] section (master is the hostname of the master):
server = master
pluginsync = false
Two, puppet certificates
For security, puppet carries its traffic over an SSL tunnel, so the client has to apply for a certificate, which is then used for verification.
1) Connect the client agent to the server
[root@client ~]# puppet agent --server=master
2) View the pending certificate request on the master
[root@master ~]# puppet cert --list
"client" (SHA256) 02:EC:D4:CD:02:29:D2:31:3A:CA:9A:56:BD:4C:85:71:6A:8B:80:EB:E5:96:5D:97:41:C5:89:F5:23:B9:F6:97
3) Sign the certificate on the master
[root@master ~]# puppet cert --sign client
Notice: Signed certificate request for client
Notice: Removing file Puppet::SSL::CertificateRequest client at '/etc/puppet/ssl/ca/requests/client.pem'
# View the certificates; a leading "+" indicates that the certificate has been signed successfully
[root@master ~]# puppet cert --list --all
+ "client" (SHA256) 1F:41:43:6E:34:0E:69:4D:5C:51:40:92:57:CA:5F:F0:98:58:11:38:D6:2B:46:67:63:55:6E:DC:7E:F2:BC:BA
+ "master" (SHA256) DF:31:4C:9A:89:FF:34:7B:87:81:0D:03:B8:86:66:78:44:BD:02:6D:C1:C9:1F:0A:27:54:8A:31:32:47:1F:07
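Before signing in step 3, the fingerprint that `puppet cert --list` shows for the request should equal the one the client itself reports (assumed here to be read on the client with `puppet agent --fingerprint` and passed to the master's operator over a separate channel). The script below is an added example, not part of the original walkthrough; the function names and the sample variable are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original page: sign a request only when the
# fingerprint seen on the master equals the one read on the client.

# Constructed sample of `puppet cert --list --all` output; the two
# fingerprints are the ones printed in the walkthrough above.
SAMPLE_LIST='  "client" (SHA256) 02:EC:D4:CD:02:29:D2:31:3A:CA:9A:56:BD:4C:85:71:6A:8B:80:EB:E5:96:5D:97:41:C5:89:F5:23:B9:F6:97
+ "master" (SHA256) DF:31:4C:9A:89:FF:34:7B:87:81:0D:03:B8:86:66:78:44:BD:02:6D:C1:C9:1F:0A:27:54:8A:31:32:47:1F:07'

# Normalize a fingerprint: drop a "(SHA256)" style prefix and blanks,
# then upper-case the hex digits.
norm_fp() {
    printf '%s\n' "$1" | sed 's/([^)]*)//' | tr -d ' \t' | tr 'a-f' 'A-F'
}

# Read `puppet cert --list` output on stdin and print the fingerprint of the
# still-unsigned request for certname $1. Signed entries start with "+",
# so their first field never equals the quoted name and they are skipped.
pending_fp() {
    awk -v name="\"$1\"" '$1 == name { print $3; exit }'
}

# $1 = certname, $2 = fingerprint read on the client itself.
# Returns 0 after signing, 1 on mismatch, 2 if no request is pending.
verify_and_sign() {
    seen=$(puppet cert --list | pending_fp "$1")
    if [ -z "$seen" ]; then
        echo "no pending request for $1" >&2
        return 2
    fi
    if [ "$(norm_fp "$seen")" != "$(norm_fp "$2")" ]; then
        echo "fingerprint mismatch for $1, not signing" >&2
        return 1
    fi
    puppet cert --sign "$1"
}

# Offline demonstration on the sample: prints the pending request's fingerprint.
printf '%s\n' "$SAMPLE_LIST" | pending_fp client
```

On the master this would be called as `verify_and_sign client "<fingerprint read on the client>"`.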
Three, verifying content synchronization
1) Create the site.pp file on the master
[root@master ~]# vi /etc/puppet/manifests/site.pp
node default {
  file { "/tmp/test.txt":
    content => "Hello, First puppet test!",
  }
}
2) On the client, verify that the /tmp/test.txt file has been generated and has content; if so, the function is working normally.
[root@client ~]# puppet agent --test
Info: Caching certificate for client
Info: Caching certificate_revocation_list for ca
Info: Caching certificate for client
Info: Caching catalog for client
Info: Applying configuration version '1403072815'
Notice: /Stage[main]/Main/Node[default]/File[/tmp/test.txt]/ensure: defined content as '{md5}390b4c389233b9ae38a84ff8c731a8a1'
Info: Creating state file /var/lib/puppet/state/state.yaml
Notice: Finished catalog run in 0.04 seconds
# Check the /tmp/ directory
[root@client ~]# cat /tmp/test.txt
Hello, First puppet test!