首页 > 代码库 > CentOS7:安装Puppet
CentOS7:安装Puppet
环境说明:
192.168.153.133 master.localdomain #Puppet Server
192.168.153.134 agent1.localdomain #Puppet Agent
这里的机器名称不要有下划线等特殊服务,否则后面会报“the scheme puppet does not accept registry part”这样的错误信息。
1. 安装Puppet Server
$ hostnamectl set-hostname master.localdomain #设置机器名称$ systemctl reboot #重启$ cat /etc/hosts 192.168.154.133 master master.localdomain192.168.154.134 agent1 agent1.localdomain$ yum install puppet-server #安装Puppet Server# firewall-cmd --permanent --add-port=8140/tcp6 #修改防火墙,增加8140端口
2. 安装Puppet Agent
$ hostnamectl set-hostname agent1.localdomain #设置机器名称$ systemctl reboot #重启$ cat /etc/hosts 192.168.154.133 master master.localdomain$ yum install puppet #安装Puppet Agent
3. 测试Puppet
创建测试文件site.pp(Server端):
$ cat /etc/puppet/manifests/site.ppnode default { file { "/tmp/helloworld.txt" : content => "Hello World!", }}
启动server,以no-daemonize方式,这样可以在控制台看到操作信息(Server端):
$ puppet master --no-daemonize --debug... ...Notice: Starting Puppet master version 3.6.2 #启动成功,会看到这样的信息
编辑客户端puppet.conf,增加server配置项(Agent端):
$ cat /etc/puppet/puppet.conf[agent] ... ... server = master.localdomain
启动agent(Agent端):
$ puppet agent --testInfo: Creating a new SSL key for agent1.localdomainInfo: Caching certificate for caInfo: csr_attributes file loading from /etc/puppet/csr_attributes.yamlInfo: Creating a new SSL certificate request for agent1.localdomainInfo: Certificate Request fingerprint (SHA256): 1D:08:61:3B:1F:43:8C:B5:81:83:0F:FF:CC:4A:4F:8E:BA:B4:5F:7C:94:77:15:72:A2:0C:C0:44:D9:1D:16:9EInfo: Caching certificate for caExiting; no certificate found and waitforcert is disabled
启动后,agent向server申请证书,因为证书还没有被server审核,所以目前通信是不成功的。
回到server,通过puppet cert查询证书:
$ puppet cert list --all "agent1.localdomain" (SHA256) 1D:08:61:3B:1F:43:8C:B5:81:83:0F:FF:CC:4A:4F:8E:BA:B4+ "master.localdomain" (SHA256) 47:A1:12:28:22:05:75:A5:E5:92:2B:F6:53:05:A8:D6:1F:9B
证书列表中有cs_agnet1的申请,目前是未审核状态(最前面没有+)。审核证书:
$ puppet cert sign agent1.localdomain$ puppet cert list --all+ "agent1.localdomain" (SHA256) 39:7F:59:A8:3C:B8:EF:B9:E2:AD:1D:5C:D7:66:B6:02:CF:70+ "master.localdomain" (SHA256) 47:A1:12:28:22:05:75:A5:E5:92:2B:F6:53:05:A8:D6:1F:9B:
再次启动agent:
# puppet agent --testInfo: Retrieving pluginfactsInfo: Retrieving pluginInfo: Caching catalog for agent1.localdomainInfo: Applying configuration version ‘1479087051‘Notice: /Stage[main]/Main/Node[default]/File[/tmp/helloworld.txt]/ensure: defined content as ‘{md5}ed076287532e86365e841e92bfc50d8c‘Notice: Finished catalog run in 0.02 seconds
这时候,查看/tmp/helloworld.txt,该文件就自动同步了。
在证书申请过程中,如果有问题,可以删除证书重新申请,一般都能解决问题。
Agent:$ rm -rf /var/lib/puppet #删除缓存文件Server:$ puppet cert clean agent1.localdomain
CentOS7:安装Puppet
声明:以上内容来自用户投稿及互联网公开渠道收集整理发布,本网站不拥有所有权,未作人工编辑处理,也不承担相关法律责任,若内容有误或涉及侵权可进行投诉: 投诉/举报 工作人员会在5个工作日内联系你,一经查实,本站将立刻删除涉嫌侵权内容。