面向云管理工具puppet的部署和文件传输测试

2025-02-27 技术教程

面向云管理工具puppet的部署和测试

系统环境：

[root@rhel6u3-102puppet]#uname-r

2.6.32-279.el6.x86_64

[root@rhel6u3-102puppet]#cat/etc/redhat-release

RedHatEnterpriseLinuxServerrelease6.3(Santiago)

一、前期准备工作1、主机名能够互相解析（DNS上或者hosts文件中能够相互解析）puppetmaster(rhel6u3-102.rsyslog.org192.168.100.102)puppetagent节点（rhel6u3-207.rsyslog.org192.168.100.207）2、系统时间必须一致注意：本地已经下载好了安装包，并且配置好了yum源二、安装puppet服务器端master

yuminstallrubyruby-libsruby-shadowcompat-readline5libselinux-rubyaugeas-libs

rpm-ivhfacter-1.6.6-1.el6.x86_64.rpmpuppet-2.6.18-3.el6.noarch.rpmpuppet-server-2.6.18-3.el6.noarch.rpmruby-augeas-0.4.1-1.el6.x86_64.rpmruby-mysql-2.8.2-1.el6.x86_64.rpmruby-shadow-1.4.1-13.el6.x86_64.rpm

客户端节点slave（无需puttet-master）

yuminstallrubyruby-libsruby-shadowcompat-readline5libselinux-rubyaugeas-libs

rpm-ivhfacter-1.6.6-1.el6.x86_64.rpmpuppet-2.6.18-3.el6.noarch.rpmruby-augeas-0.4.1-1.el6.x86_64.rpmruby-mysql-2.8.2-1.el6.x86_64.rpmruby-shadow-1.4.1-13.el6.x86_64.rpm

三、初始化puppetmaster(rhel6u3-102.rsyslog.org)配置文件路径/etc/puppet/查看配置文件方法：

sed-e'/#/d'-e'/^$/d'puppet.conf

可通过以下命令生成一个更为详细的配置文件

#puppetmasterd--genconfig>puppet.conf.out

[root@rhel6u3-102puppet]#sed-e'/#/d'-e'/^$/d'puppet.conf.out

[master]

ssldir=/var/lib/puppet/ssl

factdest=/var/lib/puppet/facts/

privatekeydir=/var/lib/puppet/ssl/private_keys

rundir=/var/run/puppet

hostcsr=/var/lib/puppet/ssl/csr_rhel6u3-102.rsyslog.org.pem

hostpubkey=/var/lib/puppet/ssl/public_keys/rhel6u3-102.rsyslog.org.pem

plugindest=/var/lib/puppet/lib

inventory_terminus=yaml

publickeydir=/var/lib/puppet/ssl/public_keys

factsource=puppet://puppet/facts/

privatedir=/var/lib/puppet/ssl/private

logdir=/var/log/puppet

libdir=/var/lib/puppet/lib

statedir=/var/lib/puppet/state

hostcert=/var/lib/puppet/ssl/certs/rhel6u3-102.rsyslog.org.pem

localcacert=/var/lib/puppet/ssl/certs/ca.pem

pluginsource=puppet://puppet/plugins

certdir=/var/lib/puppet/ssl/certs

factpath=/var/lib/puppet/lib/facter:/var/lib/puppet/facts

httplog=/var/log/puppet/http.log

requestdir=/var/lib/puppet/ssl/certificate_requests

passfile=/var/lib/puppet/ssl/private/password

hostprivkey=/var/lib/puppet/ssl/private_keys/rhel6u3-102.rsyslog.org.pem

hostcrl=/var/lib/puppet/ssl/crl.pem

authconfig=/etc/puppet/namespaceauth.conf

localconfig=/var/lib/puppet/state/localconfig

client_datadir=/var/lib/puppet/client_data

reportserver=puppet

inventory_server=puppet

ca_server=puppet

lastrunreport=/var/lib/puppet/state/last_run_report.yaml

node_name_value=rhel6u3-102.rsyslog.org

statefile=/var/lib/puppet/state/state.yaml

clientbucketdir=/var/lib/puppet/clientbucket

classfile=/var/lib/puppet/state/classes.txt

report_server=puppet

inventory_port=8140

ca_port=8140

puppetdlockfile=/var/lib/puppet/state/puppetdlock

splaylimit=1800

clientyamldir=/var/lib/puppet/client_yaml

puppetdlog=/var/log/puppet/puppetd.log

report_port=8140

lastrunfile=/var/lib/puppet/state/last_run_summary.yaml

graphdir=/var/lib/puppet/state/graphs

capub=/var/lib/puppet/ssl/ca/ca_pub.pem

csrdir=/var/lib/puppet/ssl/ca/requests

autosign=/etc/puppet/autosign.conf

cert_inventory=/var/lib/puppet/ssl/ca/inventory.txt

cacert=/var/lib/puppet/ssl/ca/ca_crt.pem

cacrl=/var/lib/puppet/ssl/ca/ca_crl.pem

signeddir=/var/lib/puppet/ssl/ca/signed

serial=/var/lib/puppet/ssl/ca/serial

ca_name=PuppetCA:rhel6u3-102.rsyslog.org

cakey=/var/lib/puppet/ssl/ca/ca_key.pem

caprivatedir=/var/lib/puppet/ssl/ca/private

capass=/var/lib/puppet/ssl/ca/private/ca.pass

cadir=/var/lib/puppet/ssl/ca

railslog=/var/log/puppet/rails.log

dblocation=/var/lib/puppet/state/clientconfigs.sqlite3

rest_authconfig=/etc/puppet/auth.conf

modulepath=/etc/puppet/modules:/usr/share/puppet/modules

yamldir=/var/lib/puppet/yaml

reportdir=/var/lib/puppet/reports

masterlog=/var/log/puppet/puppetmaster.log

server_datadir=/var/lib/puppet/server_data

config=/etc/puppet/puppet.conf

pidfile=/var/run/puppet/master.pid

manifestdir=/etc/puppet/manifests

masterhttplog=/var/log/puppet/masterhttp.log

bucketdir=/var/lib/puppet/bucket

fileserverconfig=/etc/puppet/fileserver.conf

manifest=/etc/puppet/manifests/site.pp

templatedir=/var/lib/puppet/templates

tagmap=/etc/puppet/tagmail.conf

archive_file_server=puppet

rrddir=/var/lib/puppet/rrd

rrdinterval=1800

1、修改主配置文件puppet.conf插入master字段

vim/etc/puppet/puppet.conf

[master]

certname=rhel6u3-102.rsyslog.org\\设置puppet认证服务器主机名

2、创建节点全局配置文件site.pp，文件存在，服务才能够启动

#touch/etc/puppet/manifests/site.pp

3、启动puppetmaster服务

#/etc/rc.d/init.d/puppetmasterstart

第一次测试或者调试的时候可以考虑以下方法

#puppetmaster--verbose--no-daemonize--debug

四、配置agent节点（rhel6u3-207.rsyslog.org）1、配置第一个agent节点,在main标签中添加master的主机名

vim/etc/puppet/puppet.conf

[main]

server=rhel6u3-102.rsyslog.org

2、启动agent服务

#/etc/rc.d/init.d/puppetstart

第一次测试或者调试的时候可以考虑以下方法

#puppetagent--verbose–no-daemonize

五、配置puppetmaster将搜索到的新节点进行注册

#puppetcert--list\\查看等待注册的节点

#puppetcert--signrhel6u3-207.rsyslog.org\\注册指定节点

#puppetcert--signall\\注册所有等待注册的节点

六、在puppetmaster创建一个puppet配置1、创建第一个puppet配置1）定义全局配置site.pp文件,并创建import的目录

#vim/etc/puppet/manifests/site.pp

$puppetserver='rhel6u3-102.rsyslog.org'

import'nodes/*'

#mkdir/etc/puppet/manifests/nodes-p

2）配置节点nodes.pp

#vim/etc/puppet/manifests/nodes/nodes.pp

node'rhel6u3-207.rsyslog.org'{

includemyfile

package{'vim-enhanced':ensure=>present}

}

#node/^rhel6u3-\d+\.rsyslog.org'{

#includemyfile

2、创建第一个puppet模块1）创建模块搜索路径

vim/etc/puppet/puppet.conf

[main]

modulepath=/etc/puppet/modules:/var/lib/puppet/modules:/usr/local/lib/puppet/modules

2）创建模块目录结构

#mkdir/etc/puppet/modules-p

#mkdir-vp/etc/puppet/modules/myfile/{files,templates,manifests}

manifests目录存放模块配置文件，files目录存放模块包含的文件，templates目录存

放模块中的模板

3）创建模块核心配置文件init.pp

vim/etc/puppet/modules/myfile/manifests/init.pp

classmyfile{

package{setup:

ensure=>present,

}

file{"/etc/myfile":

owner=>"root",

group=>"root",

mode=>644,

source=>"puppet://$puppetserver/modules/myfile/files/etc/myfile",

require=>Package["setup"],

}

配置基本结束，实现的结果如下：1.检查setup软件包是否安装，如未安装将安装它2.下载“PuppetMaster”上的myfile文件放置到/etc目录下4）创建同步的测试文件

#mkdir/etc/puppet/modules/myfile/files/etc-p

#echo"HelloPuppet">/etc/puppet/modules/myfile/files/etc/myfile

5）客户端测试

[root@rhel6u3-207puppet]#cat/etc/myfile

HelloPuppet

**客户端通过以下方式启动，然后我们使用前台方式运行并监控它，我们在里使用一个puppet参数—noop,它代表我们只测试，并不真的运行并修改节点上的文件，--onetime参数是只执行一次然后退出的意思。

#puppetagent--server=rhel6u3-102.rsyslog.org--no-daemonize--verbose

--noop--onetime

#puppetagent--server=rhel6u3-102.rsyslog.org--no-daemonize--verbose--noop--onetime

info:Cachingcatalogforrhel6u3-207.rsyslog.org

info:Applyingconfigurationversion'1366705990'

notice:Finishedcatalogrunin0.20seconds

6）默认客户端同步时间为30分钟，可以设置为5秒测试效果

vim/etc/puppet/puppet.conf添加以下字段

[agent]

runinterval=5

测试方法：服务器端

#date>>/etc/puppet/modules/myfile/files/etc/myfile

客户端

cat/etc/myfile

HelloPuppet

2013年04月23日星期二16:52:58CST

puppet支持的全部资源类型及其属性http://docs.puppetlabs.com/references/stable/type.html获取包的方法：使用PuppetLabs公司的YUM安装源的准备方法:#rpm-ivhhttp://yum.puppetlabs.com/el/6/products/i386/puppetlabs-release-6-6.noarch.rpm使用RedHatEPEL的YUM源的准备方法：#rpm-ivhhttp://mirrors.ustc.edu.cn/fedora/epel/6/i386/epel-release-6-8.noarch.rpm