面向云管理工具puppet的部署和文件传输测试

面向云管理工具puppet的部署和测试

系统环境：

1. [root@rhel6u3-102 puppet]# uname -r

2. 2.6.32-279.el6.x86_64

3. [root@rhel6u3-102 puppet]# cat /etc/redhat-release

4. Red Hat Enterprise Linux Server release 6.3 (Santiago)

一、前期准备工作1、主机名能够互相解析（DNS上或者hosts文件中能够相互解析）puppet master(rhel6u3-102.rsyslog.org 192.168.100.102)puppet agent节点（rhel6u3-207.rsyslog.org 192.168.100.207）2、系统时间必须一致注意：本地已经下载好了安装包，并且配置好了yum源二、安装puppet服务器端master

1. yum install ruby ruby-libs ruby-shadow compat-readline5 libselinux-ruby augeas-libs

2. rpm -ivh facter-1.6.6-1.el6.x86_64.rpm puppet-2.6.18-3.el6.noarch.rpm puppet-server-2.6.18-3.el6.noarch.rpm ruby-augeas-0.4.1-1.el6.x86_64.rpm ruby-mysql-2.8.2-1.el6.x86_64.rpm ruby-shadow-1.4.1-13.el6.x86_64.rpm

客户端节点slave（无需puttet-master）

1. yum install ruby ruby-libs ruby-shadow compat-readline5 libselinux-ruby augeas-libs

2. rpm -ivh facter-1.6.6-1.el6.x86_64.rpm puppet-2.6.18-3.el6.noarch.rpm ruby-augeas-0.4.1-1.el6.x86_64.rpm ruby-mysql-2.8.2-1.el6.x86_64.rpm ruby-shadow-1.4.1-13.el6.x86_64.rpm

三、初始化puppet master(rhel6u3-102.rsyslog.org)配置文件路径/etc/puppet/查看配置文件方法：

1. sed -e '/#/d' -e '/^$/d' puppet.conf

可通过以下命令生成一个更为详细的配置文件

1. #puppetmasterd --genconfig >puppet.conf.out

1. [root@rhel6u3-102 puppet]# sed -e '/#/d' -e '/^$/d' puppet.conf.out

2. [master]

3. ssldir = /var/lib/puppet/ssl

4. factdest = /var/lib/puppet/facts/

5. privatekeydir = /var/lib/puppet/ssl/private_keys

6. rundir = /var/run/puppet

7. hostcsr = /var/lib/puppet/ssl/csr_rhel6u3-102.rsyslog.org.pem

8. hostpubkey = /var/lib/puppet/ssl/public_keys/rhel6u3-102.rsyslog.org.pem

9. plugindest = /var/lib/puppet/lib

10. inventory_terminus = yaml

11. publickeydir = /var/lib/puppet/ssl/public_keys

12. factsource = puppet://puppet/facts/

13. privatedir = /var/lib/puppet/ssl/private

14. logdir = /var/log/puppet

15. libdir = /var/lib/puppet/lib

16. statedir = /var/lib/puppet/state

17. hostcert = /var/lib/puppet/ssl/certs/rhel6u3-102.rsyslog.org.pem

18. localcacert = /var/lib/puppet/ssl/certs/ca.pem

19. pluginsource = puppet://puppet/plugins

20. certdir = /var/lib/puppet/ssl/certs

21. factpath = /var/lib/puppet/lib/facter:/var/lib/puppet/facts

22. httplog = /var/log/puppet/http.log

23. requestdir = /var/lib/puppet/ssl/certificate_requests

24. passfile = /var/lib/puppet/ssl/private/password

25. hostprivkey = /var/lib/puppet/ssl/private_keys/rhel6u3-102.rsyslog.org.pem

26. hostcrl = /var/lib/puppet/ssl/crl.pem

27. authconfig = /etc/puppet/namespaceauth.conf

28. localconfig = /var/lib/puppet/state/localconfig

29. client_datadir = /var/lib/puppet/client_data

30. reportserver = puppet

31. inventory_server = puppet

32. ca_server = puppet

33. lastrunreport = /var/lib/puppet/state/last_run_report.yaml

34. node_name_value = rhel6u3-102.rsyslog.org

35. statefile = /var/lib/puppet/state/state.yaml

36. clientbucketdir = /var/lib/puppet/clientbucket

37. classfile = /var/lib/puppet/state/classes.txt

38. report_server = puppet

39. inventory_port = 8140

40. ca_port = 8140

41. puppetdlockfile = /var/lib/puppet/state/puppetdlock

42. splaylimit = 1800

43. clientyamldir = /var/lib/puppet/client_yaml

44. puppetdlog = /var/log/puppet/puppetd.log

45. report_port = 8140

46. lastrunfile = /var/lib/puppet/state/last_run_summary.yaml

47. graphdir = /var/lib/puppet/state/graphs

48. capub = /var/lib/puppet/ssl/ca/ca_pub.pem

49. csrdir = /var/lib/puppet/ssl/ca/requests

50. autosign = /etc/puppet/autosign.conf

51. cert_inventory = /var/lib/puppet/ssl/ca/inventory.txt

52. cacert = /var/lib/puppet/ssl/ca/ca_crt.pem

53. cacrl = /var/lib/puppet/ssl/ca/ca_crl.pem

54. signeddir = /var/lib/puppet/ssl/ca/signed

55. serial = /var/lib/puppet/ssl/ca/serial

56. ca_name = Puppet CA: rhel6u3-102.rsyslog.org

57. cakey = /var/lib/puppet/ssl/ca/ca_key.pem

58. caprivatedir = /var/lib/puppet/ssl/ca/private

59. capass = /var/lib/puppet/ssl/ca/private/ca.pass

60. cadir = /var/lib/puppet/ssl/ca

61. railslog = /var/log/puppet/rails.log

62. dblocation = /var/lib/puppet/state/clientconfigs.sqlite3

63. rest_authconfig = /etc/puppet/auth.conf

64. modulepath = /etc/puppet/modules:/usr/share/puppet/modules

65. yamldir = /var/lib/puppet/yaml

66. reportdir = /var/lib/puppet/reports

67. masterlog = /var/log/puppet/puppetmaster.log

68. server_datadir = /var/lib/puppet/server_data

69. config = /etc/puppet/puppet.conf

70. pidfile = /var/run/puppet/master.pid

71. manifestdir = /etc/puppet/manifests

72. masterhttplog = /var/log/puppet/masterhttp.log

73. bucketdir = /var/lib/puppet/bucket

74. fileserverconfig = /etc/puppet/fileserver.conf

75. manifest = /etc/puppet/manifests/site.pp

76. templatedir = /var/lib/puppet/templates

77. tagmap = /etc/puppet/tagmail.conf

78. archive_file_server = puppet

79. rrddir = /var/lib/puppet/rrd

80. rrdinterval = 1800

1、修改主配置文件 puppet.conf 插入master字段

1. vim /etc/puppet/puppet.conf

2. [master]

3. certname=rhel6u3-102.rsyslog.org \\设置puppet认证服务器主机名

2、创建节点全局配置文件site.pp，文件存在，服务才能够启动

1. # touch /etc/puppet/manifests/site.pp

3、启动puppetmaster服务

1. # /etc/rc.d/init.d/puppetmaster start

第一次测试或者调试的时候可以考虑以下方法

1. #puppet master --verbose --no-daemonize --debug

四、配置agent节点（rhel6u3-207.rsyslog.org）1、配置第一个agent节点,在main标签中添加master的主机名

1. vim /etc/puppet/puppet.conf

2. [main]

3. server=rhel6u3-102.rsyslog.org

2、启动agent服务

1. # /etc/rc.d/init.d/puppet start

第一次测试或者调试的时候可以考虑以下方法

1. # puppet agent --verbose -no-daemonize

五、配置puppet master 将搜索到的新节点进行注册

1. #puppet cert --list \\查看等待注册的节点

2. #puppet cert --sign rhel6u3-207.rsyslog.org \\注册指定节点

3. # puppet cert --sign all \\注册所有等待注册的节点

六、在puppet master创建一个puppet配置1、创建第一个puppet配置1）定义全局配置 site.pp文件,并创建import的目录

1. # vim /etc/puppet/manifests/site.pp

2. $puppetserver = 'rhel6u3-102.rsyslog.org'

3. import 'nodes/*'

4. #mkdir /etc/puppet/manifests/nodes -p

2）配置节点nodes.pp

1. # vim /etc/puppet/manifests/nodes/nodes.pp

2. node 'rhel6u3-207.rsyslog.org'{

3. include myfile

4. package { 'vim-enhanced': ensure => present }

5. }

6. #node /^rhel6u3-\d+\.rsyslog.org'{

7. # include myfile

8. #}

2、创建第一个puppet模块1）创建模块搜索路径

1. vim /etc/puppet/puppet.conf

2. [main]

3. modulepath=/etc/puppet/modules:/var/lib/puppet/modules:/usr/local/lib/puppet/modules

2）创建模块目录结构

1. # mkdir /etc/puppet/modules -p

2. #mkdir -vp /etc/puppet/modules/myfile/{files,templates,manifests}

3. manifests目录存放模块配置文件，files目录存放模块包含的文件，templates目录存

4. 放模块中的模板

3）创建模块核心配置文件init.pp

1. vim /etc/puppet/modules/myfile/manifests/init.pp

2. class myfile {

3. package{ setup:

4. ensure => present,

5. }

6. file{ "/etc/myfile":

7. owner => "root",

8. group => "root",

9. mode => 644,

10. source => "puppet://$puppetserver/modules/myfile/files/etc/myfile",

11. require => Package["setup"],

12. }

13. }

配置基本结束，实现的结果如下：1. 检查setup软件包是否安装，如未安装将安装它2. 下载"Puppet Master"上的myfile文件放置到/etc目录下4）创建同步的测试文件

1. # mkdir /etc/puppet/modules/myfile/files/etc -p

2. #echo "Hello Puppet" >/etc/puppet/modules/myfile/files/etc/myfile

5）客户端测试

1. [root@rhel6u3-207 puppet]# cat /etc/myfile

2. Hello Puppet

**客户端通过以下方式启动，然后我们使用前台方式运行并监控它，我们在里使用一个puppet参数-noop, 它代表我们只测试，并不真的运行并修改节点上的文件，--onetime参数是只执行一次然后退出的意思。

1. #puppet agent --server=rhel6u3-102.rsyslog.org --no-daemonize --verbose

2. --noop --onetime

3. # puppet agent --server=rhel6u3-102.rsyslog.org --no-daemonize --verbose --noop --onetime

4. info: Caching catalog for rhel6u3-207.rsyslog.org

5. info: Applying configuration version '1366705990'

6. notice: Finished catalog run in 0.20 seconds

6）默认客户端同步时间为30分钟，可以设置为5秒测试效果

1. vim /etc/puppet/puppet.conf 添加以下字段

2. [agent]

3. runinterval=5

测试方法：服务器端

1. # date >>/etc/puppet/modules/myfile/files/etc/myfile

客户端

1. cat /etc/myfile

2. Hello Puppet

3. 2013年 04月 23日 星期二 16:52:58 CST

puppet支持的全部资源类型及其属性http://docs.puppetlabs.com/references/stable/type.html获取包的方法：使用PuppetLabs公司的YUM安装源的准备方法:# rpm -ivh http://yum.puppetlabs.com/el/6/products/i386/puppetlabs-release-6-6.noarch.rpm使用RedHat EPEL的YUM源的准备方法：# rpm -ivh http://mirrors.ustc.edu.cn/fedora/epel/6/i386/epel-release-6-8.noarch.rpm