zoukankan      html  css  js  c++  java

  • puppet 搭建

    puppet是一个IT基础设施自动化管理工具,它能够帮助系统管理员管理基础设施的整个生命周期: 供应(provisioning)、配置(configuration)、联动(orchestration)及报告(reporting)。

    安装环境centos7.5 ,1台server 2台client

    192.168.1.114 master.puppetcao.com
    192.168.1.115 nginxnode1.puppetcao.com
    192.168.1.116 nginxnode2.puppetcao.com

    一。修改hostname避免认证出现各种问题(server 如下,client类似)

    第一个地方
[root@master manifests]# cat /etc/hosts
127.0.0.1   master.puppetcao.com localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.114 master.puppetcao.com
192.168.1.115 nginxnode1.puppetcao.com
192.168.1.116 nginxnode2.puppetcao.com
第二个地方
hostnamectl  set-hostname master.puppetcao.com
第三个地方
[root@master manifests]# cat /etc/hostname
master.puppetcao.com

    二。安装puppet (client先不要启动 等配置好再启动)

    安装puppet server
rpm -ivh http://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm
yum update
yum install puppet-server
systemctl  restart puppetmaster

安装puppet client
rpm -ivh http://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm
yum update
yum install puppet

    三.认证

    修改 node上的/etc/puppet/puppet.conf 增加下面信息(2台client certname不一样)
certname=nginxnode2.puppetcao.com
server=master.puppetcao.com
runinterval=60

认证client端发起认证
[root@nginxnode1 yum.repos.d]#  puppet  agent -t
Info: Creating a new SSL key for nginxnode1.puppetcao.com
Info: Caching certificate for ca
Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for nginxnode1.puppetcao.com
Info: Certificate Request fingerprint (SHA256): 

DA:80:03:FC:14:39:99:7A:6C:31:BB:78:5B:23:25:96:CD:8B:27:80:14:82:0E:B2:D2:04:0E:FC:BB:7F:1E:FC
Info: Caching certificate for ca
Exiting; no certificate found and waitforcert is disabled

server端 查看认证并授权
[root@master ~]# puppet cert --list
  "nginxnode1.puppetcao.com" (SHA256) 

DA:80:03:FC:14:39:99:7A:6C:31:BB:78:5B:23:25:96:CD:8B:27:80:14:82:0E:B2:D2:04:0E:FC:BB:7F:1E:FC
[root@master ~]# puppet cert sign --all
Notice: Signed certificate request for nginxnode1.puppetcao.com
Notice: Removing file Puppet::SSL::CertificateRequest nginxnode1.puppetcao.com at 

'/var/lib/puppet/ssl/ca/requests/nginxnode1.puppetcao.com.pem'

client端 认证
[root@nginxnode1 yum.repos.d]#  puppet  agent -t
Info: Caching certificate for nginxnode1.puppetcao.com
Info: Caching certificate_revocation_list for ca
Info: Caching certificate for nginxnode1.puppetcao.com
Warning: Unable to fetch my node definition, but the agent run will continue:
Warning: undefined method `include?' for nil:NilClass
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for nginxnode1.puppetcao.com
Info: Applying configuration version '1568783659'
Info: Creating state file /var/lib/puppet/state/state.yaml
Notice: Finished catalog run in 0.01 seconds

看到上面信息即正常

      

     
  • 相关阅读:
    BZOJ 1021 循环的债务
    BZOJ 1019 汉诺塔
    BZOJ 1018 堵塞的交通
    BZOJ 1017 魔兽地图
    BZOJ 1016 最小生成树计数
    Luogu 3008 [USACO11JAN]道路和飞机Roads and Planes
    Luogu 3625 [APIO2009]采油区域
    Luogu 4139 上帝与集合的正确用法
    Luogu 3629 [APIO2010]巡逻
    Luogu 3626 [APIO2009]会议中心
  • 原文地址:https://www.cnblogs.com/caonw/p/11907046.html
Copyright © 2011-2022 走看看