1 准备
- 2台 centos7 (master/server:192.168.1.103 agent/client:192.168.1.106)
- 分别添加puppet自定义仓库
https://yum.puppet.com/puppet6-release-el-7.noarch.rpm
2 Master/Server
设置 hostname
hostnamectl set-hostname puppet.example.net --static
设置 hosts
vi /etc/hosts
增加
192.168.1.103 puppet.example.net
安装 puppet server
yum -y install puppet-server
启动puppetmaster
systemctl start puppetmaster
systemctl enable puppetmaster
3 Agent/Client
设置hostname
nmtui->set system hostname->agent1.example.net
设置hosts
vi /etc/hosts
增加
192.168.1.106 agent1.example.net
192.168.1.103 puppet.example.net
安装puppet agent
yum -y install puppet
设置 puppet.conf
// vi /etc/puppet/puppet.conf
[agent]
certname = agent1.example.net
server = puppet.example.net
report = true
启动
systemctl start puppet.service
systemctl enable puppet.service
4 测试
client执行:puppet agent --test
输出
Info: Creating a new SSL key for agent1.example.net
Info: Caching certificate for ca
Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for agent1.example.net
Info: Certificate Request fingerprint (SHA256): DB:21:15:C8:90:E4:2D:54:53:4C:A5:9A:4A:00:50:E7:99:5B:73:EE:0C:23:F9:7B:36:99:34:CD:FE:E6:DF:DA
Info: Caching certificate for ca
Exiting; no certificate found and waitforcert is disabled
最后一行不是错误
master执行:
puppet cert list输出:
"agent1.example.net" (SHA256) 14:7D:AA:34:C8:F1:70:28:B9:51:A6:7D:94:3F:69:92:8F:61:94:17:7D:4A:EF:F2:44:CC:4A:BC:6B:D5:C3:EC
-
puppet cert sign agent1.example.net或者puppet cert sign --all输出:
Notice: Signed certificate request for agent1.example.net
Notice: Removing file Puppet::SSL::CertificateRequest agent1.example.net at '/var/lib/puppet/ssl/ca/requests/agent1.example.net.pem'
client再次执行
puppet agent --test
输出:
Info: Caching certificate for agent1.example.net
Info: Caching certificate_revocation_list for ca
Info: Caching certificate for agent1.example.net
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for agent1.example.net
Info: Applying configuration version '1428474782'
Info: Creating state file /var/lib/puppet/state/state.yaml
Notice: Finished catalog run in 0.05 seconds
在master上编辑 /etc/puppet/manifests/site.pp
node default {
file {"/tmp/test.txt":
content=>"I'm testing puppet
";
}
}
在agent上执行 puppet agent --test
[root@agent1]# puppet agent --test
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for stor01.centos7.com
Info: Applying configuration version '1563239001'
Notice: /Stage[main]/Main/Node[default]/File[/tmp/test.txt]/ensure: defined content as '{md5}3ac8d756cdcb2a7594aa115a2f03e065'
Notice: Finished catalog run in 0.01 seconds
[root@stor01 puppet]# cat /tmp/test.txt
I'm testing puppet