puppet 搭建

Table of Contents

  1. 配置yum源
  2. 配置hosts
  3. 安装puppet-server
  4. 部署puppet-agent
  5. trouble-shoting

配置yum源

  • 备份系统自带yum源

      [root@master ~]# cd /etc/yum.repos.d/
    
  [root@master yum.repos.d]# mkdir bak
    
  [root@master yum.repos.d]# mv *.repo bak

  • 配置官网yum源(这个不太好用,建议不使用)

      rpm -Uvh https://yum.puppetlabs.com/puppetlabs-release-pc1-el-7.noarch.rpm

配置hosts

  • 更改/etc/hosts文件和/etc/hostname

      127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
    
  ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
    
  #yum的仓库域名解析
    
  10.0.10.108     mirrors.polex.io
    
  #设置fqdn(格式为:ip  fqdn  hostname)
    
  127.0.0.1       master.puppet.io   master
    
  #设置agent域名解析
    
  10.211.55.3     agent.puppet.io
    
  [root@master yum.repos.d]# cat /etc/hostname
    
  master

  • 验证fqdn是否设置正确

[root@master ~]# hostname -f

master.puppet.io

安装puppet-server

  • yum安装软件包
yum install puppetserver

  • 更改配置文件/etc/sysconfig/puppetserver(如果需要)

    JAVA_ARGS="-Xms2g -Xmx2g -XX:MaxPermSize=256m”

    替换为

    JAVA_ARGS="-Xms512m -Xmx512m -XX:MaxPermSize=256m”

  • 更改配置文件puppet.conf(默认不需要更改)

[root@master ~]# cat backup/puppetlabs/puppet/puppet.conf

# This file can be used to override the default puppet settings.

# See the following links for more details on what settings are available:

# - https://docs.puppetlabs.com/puppet/latest/reference/config_important_settings.html

# - https://docs.puppetlabs.com/puppet/latest/reference/config_about_settings.html

# - https://docs.puppetlabs.com/puppet/latest/reference/config_file_main.html

# - https://docs.puppetlabs.com/puppet/latest/reference/configuration.html

[master]

vardir = /opt/puppetlabs/server/data/puppetserver

logdir = /var/log/puppetlabs/puppetserver

rundir = /var/run/puppetlabs/puppetserver

pidfile = /var/run/puppetlabs/puppetserver/puppetserver.pid

codedir = /etc/puppetlabs/code
  • 启动服务
[root@master ~]# systemctl start puppetserver
  • 验证

    参考第4步的验证

部署puppet-agent

  • yum安装软件包(如果部署过puppetserver就不用再次安装,puppetserver依赖于puppet-agent)
yum install puppet
  • 更改配置文件puppet.conf
[root@master ~]# cat /etc/puppetlabs/puppet/puppet.conf

# This file can be used to override the default puppet settings.

# See the following links for more details on what settings are available:

# - https://docs.puppetlabs.com/puppet/latest/reference/config_important_settings.html

# - https://docs.puppetlabs.com/puppet/latest/reference/config_about_settings.html

# - https://docs.puppetlabs.com/puppet/latest/reference/config_file_main.html

# - https://docs.puppetlabs.com/puppet/latest/reference/configuration.html

[master]

vardir = /opt/puppetlabs/server/data/puppetserver

logdir = /var/log/puppetlabs/puppetserver

rundir = /var/run/puppetlabs/puppetserver

pidfile = /var/run/puppetlabs/puppetserver/puppetserver.pid

codedir = /etc/puppetlabs/code

[agent]

#客户端传给master的验证名称

certname          = agent.puppet.io

pluginsync        = true

#puppetserver的服务端口

masterport        = 8140

#agent使用master的环境指定

environment       = production

#master的地址

server            = master.puppet.io

listen            = false

splay             = false

splaylimit        = 1800

#agent的运行周期

runinterval       = 1800

noop              = false

usecacheonfailure = true
  • 启动服务
[root@master ~]# systemctl start puppet
  • 验证
[root@master puppet]# puppet agent -vt

Info: Creating a new SSL key for agent.puppet.io

Info: csr_attributes file loading from /etc/puppetlabs/puppet/csr_attributes.yaml

Info: Creating a new SSL certificate request for agent.puppet.io

Info: Certificate Request fingerprint (SHA256): CE:92:AF:5F:62:12:F6:F4:DB:59:41:7D:16:5B:19:3D:EC:7E:BB:B1:60:D6:DE:5D:2A:14:1A:23:60:8A:E6:B2

Exiting; no certificate found and waitforcert is disabled

查看证书

[root@master puppet]# puppet cert list

  "agent.puppet.io" (SHA256) CE:92:AF:5F:62:12:F6:F4:DB:59:41:7D:16:5B:19:3D:EC:7E:BB:B1:60:D6:DE:5D:2A:14:1A:23:60:8A:E6:B2

trouble-shoting

  • 报错信息如下:
[root@master ~]# puppet agent -vt

Exiting; no certificate found and waitforcert is disabled

解决办法:

尝试清理证书:

[root@master ~]# puppet cert clean agent.puppet.io

Error: Could not find a serial number for agent.puppet.io

找到证书的文件,并删除,问题即可解决。

[root@master ~]# cd /etc/puppetlabs/puppet

puppet/       puppetserver/

[root@master ~]# cd /etc/puppetlabs/puppet

[root@master puppet]# find . -name "agent.puppet.io*"

./ssl/public_keys/agent.puppet.io.pem

./ssl/certificate_requests/agent.puppet.io.pem

./ssl/private_keys/agent.puppet.io.pem

./ssl/ca/requests/agent.puppet.io.pem

[root@master puppet]# rm -rf ./ssl/public_keys/agent.puppet.io.pem ./ssl/certificate_requests/agent.puppet.io.pem ./ssl/private_keys/agent.puppet.io.pem ./ssl/ca/requests/agent.puppet.io.pem

[root@master puppet]# puppet cert list

[root@master puppet]#

puppet-master搭建的更多相关文章

  1. Advacned Puppet: Puppet Master性能调优

    本文是Advanced Puppet系列的第一篇:Puppet master性能调优,谈一谈如何优化和提高C/S架构下master端的性能. 故事情节往往惊人地类似:你是一名使用Puppet管理线上业 ...

  2. Puppet master nginx 扩展提升性能(puppet自动化系列4)

    puppet使用SSL(https)协议来进行通讯,默认情况下,puppet server端使用基于Ruby的WEBRick HTTP服务器.由于WEBRick HTTP服务器在处理agent端的性能 ...

  3. 自动化运维工具之Puppet master/agent模型、站点清单和puppet多环境设定

    前文我们了解了puppe中模块的使用,回顾请参考https://www.cnblogs.com/qiuhom-1874/p/14086315.html:今天我来了解下puppet的master/age ...

  4. Configure Puppet Master with Passenger and Apache on Centos

    What is Passenger? Passenger (AKA mod_rails or mod_rack) is an Apache 2.x module which lets you run ...

  5. WEBrick/Rack Puppet Master

    Puppet's Services: The WEBrick Puppet Master Puppet master is the application that compiles configur ...

  6. Puppet master/agent installation on RHEL7

    ==================================================================================================== ...

  7. 部署puppet master/agent模型

    自己画的一个简单的架构图 agent端每隔30分钟到master端请求与自己相关的catalog. 各节点时间要同步. 依赖DNS,各节点能通过主机名能解析. 1.同步时间 # yum install ...

  8. puppet master/agent

    puppet master/agent 配置 安装 master: yum install puppet-server agent: yum install puppet 自动签名 puppet的ma ...

  9. Puppet的搭建和应用

    Puppet的部署与应用 1. 案例概述 作为一名系统管理员,维护服务器正常运行是最基本的职责,在管理几台到几十台服务器时,大部分管理员喜欢自己写小工具来维护,但随着服务器的数量曾多,任务量也逐渐增多 ...

  10. puppet master 用 nginx + unicorn 作为前端

    目录 1. 概要 2. nginx + unicorn 配置 2.1. package 安装 2.2. 配置文件设置 2.2.1. 配置 unicorn 2.2.2. 配置nginx 2.3. 测试配 ...

随机推荐

  1. spring 装配机制

    <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w ...

  2. 某app的安全性分析过程

    交互过程如下,可以发现问题很多 http://www.ixxxx.com//api/index/app图片验证码:{"data":{"imgCode":&quo ...

  3. Numpy用户指南

    Numpy是Python语言的一个扩展库,支持大量的维度数组和矩阵运算,此外也针对数组运算提供大量的数学函数库. Mumpy是一个运行速度非常快的数学库,主要用于数组计算,包涵: 1.一个强大的N维数 ...

  4. 代码简洁的滑动门(tab)jquery插件

    < !DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org ...

  5. OO第二单元多线程电梯总结

    OO第二单元多线程电梯总结 第一次作业 设计思路 Input为输入线程,负责不断读取请求并将读到的请求放入调度器中. Dispatcher为调度器,是Input线程和Elevator线程的共享对象,采 ...

  6. angularJs $templateCache

    模板加载后,AngularJS会将它默认缓存到 $templateCache 服务中.在实际生产中,可以提前将模板缓存到一个定义模板的JavaScript文件中,这样就不需要通过XHR来加载模板了 $ ...

  7. PM学习梳理--业务流程和流程图介绍

  8. IDEA的Find菜单使用

    想要显示Find菜单在底部,如图: 选中一个类,如Cloneable,然后按键Ctrl+Alt+B(相当于eclipse中的ctrl+T) 显示如图,选择最右上角的固定标签 就会把它固定在控制台菜单中 ...

  9. PDF分享:国外优秀数学教材选评

    <国外优秀数学教材选评>推荐书目下载 具体内容请查看原内容: http://www.library.fudan.edu.cn/wjzx/list/373-1-20.htm 或者http:/ ...

  10. [swarthmore cs75] Compiler 1 – Adder

    课程回顾 Swarthmore学院16年开的编译系统课,总共10次大作业.本随笔记录了相关的课堂笔记以及第3次大作业. 编译的过程:首先解析(parse)源代码,然后成抽象语法树(AST),再生成汇编 ...