运维利器puppet:初步安装与配置
测试环境:vmware
Puppet_master:192.168.1.1puppetmaster.sina.com.cnNode-1:192.168.1.2node.sina.com.cn1.安装ruby和ruby相关库#Yum-yinstallrubyruby-libs中央处理器和节点都要安装#ruby-version如果返回了Ruby版本,安装成功。2.安装Facter.Puppet依赖Facter工具提供主机的信息。Facter是使用Ruby编写的,和Puppet都是由LukeKanies和Reductive实验室开发。他是一个Ruby库的交互平台,返回“facts”作为主机操作系统的信息,例如:IP地址,系统版本等。#wgethttp://www.reductivelabs.com/downloads/facter/facter-1.5.5.tgz#tar-zxvffacter-1.5.5.tar.gz-C/usr/local/src/#rubyinstall.rb#facter–version不带任何选项的运行facter将返回一个所有facts的清单,它们的值是你的主机目前可用的信息。3.安装puppet#wget http://downloads.puppetlabs.com/puppet/puppet-2.6.5.tar.gz#tar-zxvfpuppet-2.6.5.tar.gz-C/usr/local/src/#rubyinstall.rb#puppet--version返回版本号安装成功#grep'puppet'/etc/passwd如果没有请添加#/usr/sbin/useradd-s/sbin/nologin-Mpuppet添加puppet用户和组#vim/etc/puppet/manifests/site.pp配置一个简单的文件使puppetmaster能够启动#cpconf/namespaceauth.conf/etc/puppet/#cpconf/redhat/puppet.conf/etc/puppet/puppet.conf#cpconf/redhat/fileserver.conf/etc/puppet/#cpconf/redhat/server.ini/etc/init.d/puppet##客户端cpconf/redhat/client.ini/etc/init.d/puppet#chmodo+xpuppet#chkconfig--addpuppet#mkdir-p/var/lib/puppet/rrd#chown-Rpuppet.puppet/var/lib/puppet/rrd#servicepuppetstart4.启动puppet客户端#puppetd--serverpuppetd.sina.com.cn--verbose--waitforcert60连接puppetmaster开始守护并隔60秒查看从puppetmster返回的注册信息.#puppetca--list能够列出所有等待注册的请求.或:建立一个autosign.confallow*.leju.com#用于自动验证#puppetca--signnode1.sina.com.cn注册请求,请求注册成功后将看到node1中的/etc/passwdgroup已更改为bin.客户端puppet.conf添加rununterval=900listen=trueclient=falsebindaddress="192.168.1.2"server=puppet.sina.com.cnPuppetmaster:/etc/puppet下目录结构|auth.conf|fileserver.conf|puppet.conf|manifests|-modules.pp,site.pp|nodes|-node.pp|modules|-crond|-manifests|-base.pp,addcron.pp,crontab.pp|-apache|manifests|....|files|http.conf|template|...#Vimbase.ppclassgeneral{file{"stop_services":name=>"/usr/local/src/services.pl",mode=>755,owner=>root,group=>group,ensure=>present,source=>"puppet://puppetmaster.leju.com/public/services.pl",}exec{"/usr/local/src/services.pl":require=>File["stop_services"],path=>"/usr/bin/perl:/sbin",}}#此脚本是用于仅开启系统常用服务,其他服务全部关闭.具体请查看本人博客perl章节.强制客户端更新puppetrun--hostnode.sina.com.cn#注意:允许传送的文件目录一定要在fileserver.conf中允许.
[public]
Path/public
Allow*.leju.com
Allow192.168.1.0/24
声明:本站所有文章资源内容,如无特殊说明或标注,均为采集网络资源。如若本站内容侵犯了原著者的合法权益,可联系本站删除。
