yum源配置

1. wget http://ftp.kaist.ac.kr/fedora//epel/6/i386/epel-release-6-8.noarch.rpm

2. yum list | grep puppet`  //测试yum源配置有没有问题

NTP时间服务器配置

 vi /etc/ntp.conf

-----------------------

driftfile /var/lib/ntp/drift

Broadcastdelay 0.008

logfile /var/log/ntp.log

restrict default kod nomodify notrap nopeer noquery

restrict -6 default kod nomodify notrap nopeer noquery

restrict 127.0.0.1

restrict -6 ::1

restrict 172.16.1.0 mask 255.255.0.0 nomodify notrap

server 127.127.1.0

fudge 127.127.1.0 stratum 10 refid NIST

includefile /etc/ntp/crypto/pw

keys /etc/ntp/keys

启动ntpd服务并加入开机启动

service ntpd start

chkconfig ntpd on

过几分钟之后客户端进行测试

1. service ntpd start

2. ntpdate 172.16.1.1 #这个IP地址是你时间服务器的IP地址

puppetmaster的安装

yum install -y puppetmaster puppet facter #系统会自己安装ruby环境,因为puppet是用ruby写的所以需要ruby环境的支持

配置puppet.conf

vim /etc/puppet/puppet.conf

[main]

logdir = /var/log/puppet  #默认日志存放路径

rundir = /var/run/puppet  #pid存放路径

ssldir = $vardir/ssl #证书存放目录,默认$vardir为/var/lib/puppet

[agent]

classfile = $vardir/classes.txt

localconfig = $vardir/localconfig

server = puppetmaster.kisspuppet.com #设置agent认证连接master端的服务器名称,注意这个名字必须能够被节点解析

certname = puppetmaster_cert.kisspuppet.com #设置agent端certname名称

[master]

certname = puppetmaster.kisspuppet.com  puppetmaster.kisspuppet.com #设置puppetmaster认证服务器名

创建site.pp文件

touch /etc/puppet/manifests/site.pp

启动puppetmaster服务

1. /etc/init.d/puppetmaster start

2. chkconfig puppetmaster on

查看证书的生成情况 因为第一次启动会自动生成证书自动注册自己

tree /var/lib/puppet/ssl

/var/lib/puppet/ssl/

├── ca

│   ├── ca_crl.pem

│   ├── ca_crt.pem

│   ├── ca_key.pem

│   ├── ca_pub.pem

│   ├── inventory.txt

│   ├── private

│   │   └── ca.pass

│   ├── requests

│   ├── serial

│   └── signed

│       └── puppetmaster.kisspuppet.com.pem  #已注册

├── certificate_requests

├── certs

│   ├── ca.pem

│   └── puppetmaster.kisspuppet.com.pem

├── crl.pem

├── private

├── private_keys

│   └── puppetmaster.kisspuppet.com.pem

└── public_keys

└── puppetmaster.kisspuppet.com.pem

列出已经注册成功的证书

puppet cert --list --all  #带+标示已经注册成功

puppetagent安装

yum install puppet facter

配置puppet.conf

vim /etc/puppet/puppet.conf

[main]

logdir = /var/log/puppet

rundir = /var/run/puppet

ssldir = $vardir/ssl

[agent]

classfile = $vardir/classes.txt

localconfig = $vardir/localconfig

server = puppetmaster.kisspuppet.com  #指向puppetmaster端

certname = agent1_cert.kisspuppet.com #设置自己的certname名

通过调试模式启动节点向Puppetmaster端发起认证

puppet agent --test

info: Creating a new SSL key for agent1_cert.kisspuppet.com

info: Caching certificate for ca

info: Creating a new SSL certificate request for agent1_cert.kisspuppet.com

info: Certificate Request fingerprint (md5): 69:D2:86:E4:7F:00:E0:55:61:19:02:34:9E:9B:AF:F9

Exiting; no certificate found and waitforcert is disabled

服务器端确定认证

 [root@puppetmaster ~]#puppet cert --list --all

 "agent1_cert.kisspuppet.com"  (69:D2:86:E4:7F:00:E0:55:61:19:02:34:9E:9B:AF:F9) #未认证

+ "puppetmaster.kisspuppet.com" (C0:E3:6B:76:36:EC:92:93:4D:BF:F0:8F:77:00:91:C8) (alt names: "DNS:puppet", "DNS:puppet.kisspuppet.com", "DNS:puppetmaster.kisspuppet.com")

注册client1

[root@puppetmaster ~]#puppet cert --sign agent1_cert.kisspuppet.com #注册agent1

notice: Signed certificate request for agent1_cert.kisspuppet.com

notice: Removing file Puppet::SSL::CertificateRequest agent1_cert.kisspuppet.com at '/var/lib/puppet/ssl/ca/requests/agent1_cert.kisspuppet.com.pem'

再次查看认证情况

[root@puppetmaster ~]# puppet cert --list --all

+ "agent1_cert.kisspuppet.com"  (3E:46:4E:75:34:9A:5A:62:A6:3C:AE:BD:49:EE:C0:F5)

+ "puppetmaster.kisspuppet.com" (C0:E3:6B:76:36:EC:92:93:4D:BF:F0:8F:77:00:91:C8) (alt names: "DNS:puppet", "DNS:puppet.kisspuppet.com", "DNS:puppetmaster.kisspuppet.com")

client2和client3和client1一样都需要编辑本配置文件并启动服务

其它节点一起认证

[root@puppetmaster ~]# puppet agent --test #puppetmaster自己申请agent认证

info: Creating a new SSL key for puppetmaster_cert.kisspuppet.com

info: Creating a new SSL certificate request for puppetmaster_cert.kisspuppet.com

info: Certificate Request fingerprint (md5): 7D:AC:F7:97:04:2B:E4:C5:74:4A:16:05:DB:F6:6A:98

Exiting; no certificate found and waitforcert is disabled

[root@puppetmaster ~]# puppet cert --sign --all #注册所有请求的节点

notice: Signed certificate request for puppetmaster_cert.kisspuppet.com

notice: Removing file Puppet::SSL::CertificateRequest puppetmaster_cert.kisspuppet.com at '/var/lib/puppet/ssl/ca/requests/puppetmaster_cert.kisspuppet.com.pem'

notice: Signed certificate request for agent2_cert.kisspuppet.com

notice: Removing file Puppet::SSL::CertificateRequest agent2_cert.kisspuppet.com at '/var/lib/puppet/ssl/ca/requests/agent2_cert.kisspuppet.com.pem'

notice: Signed certificate request for agent3_cert.kisspuppet.com

notice: Removing file Puppet::SSL::CertificateRequest agent3_cert.kisspuppet.com at '/var/lib/puppet/ssl/ca/requests/agent3_cert.kisspuppet.com.pem'

[root@puppetmaster ~]# puppet cert --list --all #查看所有节点认证

+ "agent1_cert.kisspuppet.com"       (3E:46:4E:75:34:9A:5A:62:A6:3C:AE:BD:49:EE:C0:F5)

+ "agent2_cert.kisspuppet.com"       (A0:CE:70:BE:A9:11:BF:F4:C8:EF:25:8E:C2:2C:3B:B7)

+ "agent3_cert.kisspuppet.com"       (98:93:F7:0C:ED:94:81:3D:51:14:86:68:2B:F3:F1:A0)

+ "puppetmaster.kisspuppet.com"      (C0:E3:6B:76:36:EC:92:93:4D:BF:F0:8F:77:00:91:C8) (alt names: "DNS:puppet", "DNS:puppet.kisspuppet.com", "DNS:puppetmaster.kisspuppet.com")

+ "puppetmaster_cert.kisspuppet.com" (57:A3:D7:3D:64:2F:D6:FD:BC:2A:6C:79:68:73:EA:AB)

编写简单的motd模块

创建模块目录结构 注意:再未指定modulepath搜索路径的情况下,会有默认搜索路径的,可通过以下方式查看到

[root@puppetmaster ~]# puppet master --genconfig >/etc/puppet/puppet.conf.out

[root@puppetmaster ~]# cat /etc/puppet/puppet.conf.out | grep modulepath

    modulepath = /etc/puppet/modules:/usr/share/puppet/modules

[root@puppetmaster modules]# tree /etc/puppet/modules/

/etc/puppet/modules/

└── motd

    ├── files  #存放文件目录

    │   └── etc

    │       └── motd

    ├── manifests  #存放模块pp配置文件目录

    │   └── init.pp

    └── templates #存放模板目录

5 directories, 2 files

编写pp文件

[root@puppetmaster modules]# vim motd/manifests/init.pp

class motd{                 #定义一个类叫motd

  package{ 'setup':    #定义package资源

    ensure => present,  #要求setup这个包处于被安装状态

  }

  file{ '/etc/motd':  #定义file资源

    ensure  => present,  #要求file文件处于存在状态

    owner   => 'root', #要求file文件属主为root

    group   => 'root', #要求file文件属组为root

    mode    => '0644', #要求file文件权限为644

    source  => "puppet://$puppetserver/modules/motd/etc/motd", #要求file文件从puppetmaster端服务器下载

    require => Package['setup'], #要求文件被配置之前先执行package资源

  }

}

[root@puppetmaster modules]# cat motd/files/etc/motd

--                       --

--------puppet test---------

--                       --

编写site.pp文件

[root@puppetmaster ~]# vim /etc/puppet/manifests/site.pp 

$puppetserver = 'puppetmaster.kisspuppet.com' #设置全局变量

node 'puppetmaster_cert.kisspuppet.com'{

  include  motd

}

node 'agent1_cert.kisspuppet.com'{

  include  motd

}

node 'agent2_cert.kisspuppet.com'{

  include  motd

}

node 'agent3_cert.kisspuppet.com'{

  include  motd

}

测试motd模块

[root@agent1 ~]# puppet agent --test  #测试节点agent1

info: Caching catalog for agent1_cert.kisspuppet.com

info: Applying configuration version '1394304542'

notice: /Stage[main]/Motd/File[/etc/motd]/content:

--- /etc/motd    2000-01-13 07:18:52.000000000 +0800

+++ /tmp/puppet-file20140309-4571-1vqc18j-0    2014-03-09 02:51:47.000000000 +0800

@@ -0,0 +1,3 @@

+--                       --

+--------puppet test---------

+--                       --

info: FileBucket adding {md5}d41d8cd98f00b204e9800998ecf8427e

info: /Stage[main]/Motd/File[/etc/motd]: Filebucketed /etc/motd to puppet with sum d41d8cd98f00b204e9800998ecf8427e

notice: /Stage[main]/Motd/File[/etc/motd]/content: content changed '{md5}d41d8cd98f00b204e9800998ecf8427e' to '{md5}87ea3a1af8650395038472457cc7f2b1'

notice: Finished catalog run in 0.40 seconds

[root@agent1 ~]# cat /etc/motd

--                       --

--------puppet test---------

--                       --

[root@agent1 ~]# 

[root@puppetmaster ~]# puppet agent -t  #测试节点puppetmaster

info: Caching catalog for puppetmaster_cert.kisspuppet.com

info: Applying configuration version '1394305371'

notice: /Stage[main]/Motd/File[/etc/motd]/content:

--- /etc/motd    2010-01-12 21:28:22.000000000 +0800

+++ /tmp/puppet-file20140309-3102-1gadon0-0    2014-03-09 03:02:51.966998294 +0800

@@ -0,0 +1,3 @@

+--                       --

+--------puppet test---------

+--                       --

info: FileBucket adding {md5}d41d8cd98f00b204e9800998ecf8427e

info: /Stage[main]/Motd/File[/etc/motd]: Filebucketed /etc/motd to puppet with sum d41d8cd98f00b204e9800998ecf8427e

notice: /Stage[main]/Motd/File[/etc/motd]/content: content changed '{md5}d41d8cd98f00b204e9800998ecf8427e' to '{md5}87ea3a1af8650395038472457cc7f2b1'

info: Creating state file /var/lib/puppet/state/state.yaml

notice: Finished catalog run in 0.52 seconds

[root@puppetmaster ~]# cat /etc/motd

--                       --

--------puppet test---------

--                       --

转载自:https://kisspuppet.gitbooks.io/puppet/content/puppetlearningbase3.html

puppet 安装的更多相关文章

  1. Puppet安装及部署

    本篇博客主要介绍Puppet的安装部署,后续会更新其他相关内容 一.简介 二.环境介绍 三.安装Puppet 四.配置Puppet-dashboard 五.配置Puppet Kick 一.简介 Pup ...

  2. puppet安装配置及使用

     puppet安装前准备 一.服务器信息 master端:10.10.10.201 master.fansik.com slave端:10.10.10.156 slave.fansik.com 三台机 ...

  3. puppet安装

    server  xuesong1     10.152.14.85 client  xuesong      10.152.14.106   系统centos5.8   两台配置都配置 /etc/ho ...

  4. Puppet安装与配置简介(附视频教程)

    Puppet是一种Linux平台的集中配置管理系统,他可管理配置文件.用户.cron任务.软件包.系统服务等.puppet把这些系统实体称之为资源,puppet采用C/S星状的结构,所有的客户端和一个 ...

  5. puppet安装和使用

    puppet是一种Linux.Unix.windows平台的集中配置管理系统,使用自有的puppet描写叙述语言,可管理配置 文件.用户.cron任务.软件包.系统服务等.puppet把这些系统实体称 ...

  6. CentOS下puppet安装

    简介 Puppet是开源的基于Ruby的系统配置管理工具,puppet是一个C/S结构, 当然,这里的C可以有很多,因此,也可以说是一个星型结构. 所有的puppet客户端同一个服务器端的puppet ...

  7. centos6.5环境自动化运维之puppet实现nginx反向代理功能及puppet安装配置详解

    puppet是一种Linux.Unix.windows平台的集中配置管理系统,使用自有的puppet描述语言,可管理配置文件.用户.cron任务.软件包.系统服务等.puppet把这些系统实体称之为资 ...

  8. puppet安装和配置

    一.安装puppet准备 //安装准备 ,两台机器都要操作 . 两台机器 172.7.15.106 (server) 172.7.15.111 (client) . 关闭防火墙 setenforce ...

  9. Puppet 安装配置

    环境说明: OS:CentOS 5.4 i386 puppetmaster    192.168.0.12    hostname: puppetmaster.info.com client      ...

随机推荐

  1. 编写高质量代码改善C#程序的157个建议[用抛异常替代返回错误、不要在不恰当的场合下引发异常、重新引发异常时使用inner Exception]

    前言 自从.NET出现后,关于CLR异常机制的讨论就几乎从未停止过.迄今为止,CLR异常机制让人关注最多的一点就是“效率”问题.其实,这里存在认识上的误区,因为正常控制流程下的代码运行并不会出现问题, ...

  2. WCF入门(8)

    前言 昨天买的usb无线路由到了,笔记本又可以愉快的上网了. 下午去办市民卡,被告知说“本人医保现在停保,要等继续缴才行”,白公交坐了那么远的路. 需要视频的进群,378190436. 第八集 Dif ...

  3. Javascript基础系列之(六)循环语句(while语句)

    循环语句的作用是反复的执行同一段代码,尽管分几种不同的类型,但其原理几乎相同:只要给定的条件满足,包含在循环体内的语句会不断执行,一旦条件不再满足则终止. while循环是前测试循环,这意味着是否终止 ...

  4. Android Studio快速添加Gson以及GsonFormat的使用

    目录: 一.Android Studio快速添加Gson 二.Android Studio中GsonFormat的使用 三.在线JSON校验格式化工具 一.Android Studio快速添加Gson ...

  5. Log4Net使用详解

    1.Log4Net环境的搭建与基本配置 (1)Log4Net框架介绍     Log4net 是 Apache 下一个开放源码的项目,它是Log4j 的一个克隆版.我们可以控制日志信息的输出目的地.L ...

  6. Oracle写函数读写日志实例

    1.用DBA登录赋权限create or replace directory D_OUTPUT as 'D:\TEMP'; grant read,write on directory D_OUTPUT ...

  7. Project facet Java version 1.8 is not supported解决记录

    一看知道是因为jdk版本不一致所导致,如何解决? 方法一: 选中项目 Properties , 选择 Project Facets,右击选择 Java , Change Version  方法二: 在 ...

  8. 【poj2079】 Triangle

    http://poj.org/problem?id=2079 (题目链接) 题意 求凸包内最大三角形面积 Solution 旋转卡壳. 只会n²的做法,但是竟然过了.就是枚举每一个点,然后旋转卡壳另外 ...

  9. 洛谷P1736 创意吃鱼法

    题目描述 回到家中的猫猫把三桶鱼全部转移到了她那长方形大池子中,然后开始思考:到底要以何种方法吃鱼呢(猫猫就是这么可爱,吃鱼也要想好吃法 ^_*).她发现,把大池子视为01矩阵(0表示对应位置无鱼,1 ...

  10. android jni

    1, java.lang.UnsatisfiedLinkError: Couldn't load xxxxx: findLibrary returned null 当 apk 是被放到 /system ...