puppet-master搭建
puppet 搭建
Table of Contents
配置yum源
备份系统自带yum源
[root@master ~]# cd /etc/yum.repos.d/
[root@master yum.repos.d]# mkdir bak
[root@master yum.repos.d]# mv *.repo bak
配置官网yum源(这个不太好用,建议不使用)
rpm -Uvh https://yum.puppetlabs.com/puppetlabs-release-pc1-el-7.noarch.rpm
配置hosts
更改/etc/hosts文件和/etc/hostname
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
#yum的仓库域名解析
10.0.10.108 mirrors.polex.io
#设置fqdn(格式为:ip fqdn hostname)
127.0.0.1 master.puppet.io master
#设置agent域名解析
10.211.55.3 agent.puppet.io
[root@master yum.repos.d]# cat /etc/hostname
master
验证fqdn是否设置正确
[root@master ~]# hostname -f
master.puppet.io
安装puppet-server
- yum安装软件包
yum install puppetserver
更改配置文件/etc/sysconfig/puppetserver(如果需要)
JAVA_ARGS="-Xms2g -Xmx2g -XX:MaxPermSize=256m”
替换为
JAVA_ARGS="-Xms512m -Xmx512m -XX:MaxPermSize=256m”更改配置文件puppet.conf(默认不需要更改)
[root@master ~]# cat backup/puppetlabs/puppet/puppet.conf
# This file can be used to override the default puppet settings.
# See the following links for more details on what settings are available:
# - https://docs.puppetlabs.com/puppet/latest/reference/config_important_settings.html
# - https://docs.puppetlabs.com/puppet/latest/reference/config_about_settings.html
# - https://docs.puppetlabs.com/puppet/latest/reference/config_file_main.html
# - https://docs.puppetlabs.com/puppet/latest/reference/configuration.html
[master]
vardir = /opt/puppetlabs/server/data/puppetserver
logdir = /var/log/puppetlabs/puppetserver
rundir = /var/run/puppetlabs/puppetserver
pidfile = /var/run/puppetlabs/puppetserver/puppetserver.pid
codedir = /etc/puppetlabs/code
- 启动服务
[root@master ~]# systemctl start puppetserver
- 验证
参考第4步的验证
部署puppet-agent
- yum安装软件包(如果部署过puppetserver就不用再次安装,puppetserver依赖于puppet-agent)
yum install puppet
- 更改配置文件puppet.conf
[root@master ~]# cat /etc/puppetlabs/puppet/puppet.conf
# This file can be used to override the default puppet settings.
# See the following links for more details on what settings are available:
# - https://docs.puppetlabs.com/puppet/latest/reference/config_important_settings.html
# - https://docs.puppetlabs.com/puppet/latest/reference/config_about_settings.html
# - https://docs.puppetlabs.com/puppet/latest/reference/config_file_main.html
# - https://docs.puppetlabs.com/puppet/latest/reference/configuration.html
[master]
vardir = /opt/puppetlabs/server/data/puppetserver
logdir = /var/log/puppetlabs/puppetserver
rundir = /var/run/puppetlabs/puppetserver
pidfile = /var/run/puppetlabs/puppetserver/puppetserver.pid
codedir = /etc/puppetlabs/code
[agent]
#客户端传给master的验证名称
certname = agent.puppet.io
pluginsync = true
#puppetserver的服务端口
masterport = 8140
#agent使用master的环境指定
environment = production
#master的地址
server = master.puppet.io
listen = false
splay = false
splaylimit = 1800
#agent的运行周期
runinterval = 1800
noop = false
usecacheonfailure = true
- 启动服务
[root@master ~]# systemctl start puppet
- 验证
[root@master puppet]# puppet agent -vt
Info: Creating a new SSL key for agent.puppet.io
Info: csr_attributes file loading from /etc/puppetlabs/puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for agent.puppet.io
Info: Certificate Request fingerprint (SHA256): CE:92:AF:5F:62:12:F6:F4:DB:59:41:7D:16:5B:19:3D:EC:7E:BB:B1:60:D6:DE:5D:2A:14:1A:23:60:8A:E6:B2
Exiting; no certificate found and waitforcert is disabled
查看证书
[root@master puppet]# puppet cert list
"agent.puppet.io" (SHA256) CE:92:AF:5F:62:12:F6:F4:DB:59:41:7D:16:5B:19:3D:EC:7E:BB:B1:60:D6:DE:5D:2A:14:1A:23:60:8A:E6:B2
trouble-shoting
- 报错信息如下:
[root@master ~]# puppet agent -vt
Exiting; no certificate found and waitforcert is disabled
解决办法:
尝试清理证书:
[root@master ~]# puppet cert clean agent.puppet.io
Error: Could not find a serial number for agent.puppet.io
找到证书的文件,并删除,问题即可解决。
[root@master ~]# cd /etc/puppetlabs/puppet
puppet/ puppetserver/
[root@master ~]# cd /etc/puppetlabs/puppet
[root@master puppet]# find . -name "agent.puppet.io*"
./ssl/public_keys/agent.puppet.io.pem
./ssl/certificate_requests/agent.puppet.io.pem
./ssl/private_keys/agent.puppet.io.pem
./ssl/ca/requests/agent.puppet.io.pem
[root@master puppet]# rm -rf ./ssl/public_keys/agent.puppet.io.pem ./ssl/certificate_requests/agent.puppet.io.pem ./ssl/private_keys/agent.puppet.io.pem ./ssl/ca/requests/agent.puppet.io.pem
[root@master puppet]# puppet cert list
[root@master puppet]#
puppet-master搭建的更多相关文章
- Advacned Puppet: Puppet Master性能调优
本文是Advanced Puppet系列的第一篇:Puppet master性能调优,谈一谈如何优化和提高C/S架构下master端的性能. 故事情节往往惊人地类似:你是一名使用Puppet管理线上业 ...
- Puppet master nginx 扩展提升性能(puppet自动化系列4)
puppet使用SSL(https)协议来进行通讯,默认情况下,puppet server端使用基于Ruby的WEBRick HTTP服务器.由于WEBRick HTTP服务器在处理agent端的性能 ...
- 自动化运维工具之Puppet master/agent模型、站点清单和puppet多环境设定
前文我们了解了puppe中模块的使用,回顾请参考https://www.cnblogs.com/qiuhom-1874/p/14086315.html:今天我来了解下puppet的master/age ...
- Configure Puppet Master with Passenger and Apache on Centos
What is Passenger? Passenger (AKA mod_rails or mod_rack) is an Apache 2.x module which lets you run ...
- WEBrick/Rack Puppet Master
Puppet's Services: The WEBrick Puppet Master Puppet master is the application that compiles configur ...
- Puppet master/agent installation on RHEL7
==================================================================================================== ...
- 部署puppet master/agent模型
自己画的一个简单的架构图 agent端每隔30分钟到master端请求与自己相关的catalog. 各节点时间要同步. 依赖DNS,各节点能通过主机名能解析. 1.同步时间 # yum install ...
- puppet master/agent
puppet master/agent 配置 安装 master: yum install puppet-server agent: yum install puppet 自动签名 puppet的ma ...
- Puppet的搭建和应用
Puppet的部署与应用 1. 案例概述 作为一名系统管理员,维护服务器正常运行是最基本的职责,在管理几台到几十台服务器时,大部分管理员喜欢自己写小工具来维护,但随着服务器的数量曾多,任务量也逐渐增多 ...
- puppet master 用 nginx + unicorn 作为前端
目录 1. 概要 2. nginx + unicorn 配置 2.1. package 安装 2.2. 配置文件设置 2.2.1. 配置 unicorn 2.2.2. 配置nginx 2.3. 测试配 ...
随机推荐
- 将EditPad Lite 加入鼠标右键
> 开始 > regedit 如图新建shell及command
- tmux使用(程序员适用)
原文:http://jack-boy.iteye.com/blog/1586908 tmux基本使用 tmux是一个优秀的终端复用软件,即使非正常掉线,也能保证当前的任务运行,这一点对于远程S ...
- 【深度学习】安装TensorFlow-GPU
1.Windows版 准备 干净的系统,没有安装过Python,有的话就卸载了. 另外我的系统安装了VS2015 VS2017(这里我不知道是不是必备的). 现在TensorFlow和cuda以及cu ...
- Git使用(二、分支的创建和上传)
介绍使用TortoiseGit创建分支并push到gitlab项目库,转载请注明出处. 一.创建一个新的文件夹,把要待编辑的工程从gitlab上pull到该文件夹. 其中URL从gitlab的对应项目 ...
- Python中使用cx_Oracle调用Oracle存储过程
import cx_Oracle as cx import datetime def execute_sql(): # 声明变量 date_time = datetime.datetime.now() ...
- 未能加载文件或程序集“ .....WebUI ”或它的某一个依赖项,试图加载格式不正确的程序
编译Web网站没有问题(需要引用oracle.dataAccess.dll),在运行时报错如下: 解决: 1. 将项目编译生成x86模式(win7 64位) 2. 有可能本机运行有问题,发布到IIS, ...
- SLAM
|__all together ship |__SLAM__ |__Graph SLAM__ |__完成约束 |__完成Graph SLAM__ | ...
- 20145232韩文浩 《网络对抗技术》 Web安全基础实践
问题回答 SQL注入攻击原理?如何防御? 原理:SQL注入攻击指的是通过构建特殊的输入作为参数传入Web应用程序,而这些输入大都是SQL语法里的一些组合,通过执行SQL语句进而执行攻击者所要的操作,使 ...
- 论文word排版相关插件
其中包括破解版的MathType.EndNote X7以及Aurora 链接:http://pan.baidu.com/s/1boRZTmf 密码:a6ai
- Android-finished with non-zero exit value 2
网上都是说,由于导入的依赖出现重复造成的,或者说 由于buildtools版本太高造成的,而我遇到的这个问题,这种两种方式无法去解决,所以才有了一下这种解决方式: 第一步,打开项目最外层的 build ...