IP:192.168.0.3 服务端
IP:192.168.0.4 客户端
IP:192.168.0.3 服务端
Server:
[root@Master tools]# yum install epel-release -y
[root@Master tools]# cat /etc/hostname #获取主机名,下面hosts文件需要用到
Master
[root@Master tools]# vi /etc/hosts #配置对应的ip和主机名
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.0.4 Slave
192.168.0.3 Master
[root@Master tools]# yum install puppet-server -y
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[root@Master tools]# puppet master --no-daemonize --debug #前台运行puppet,方便排错.然后另开一个窗口执行后续操作
不用执行
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[root@Master tools]# vi /etc/puppet/manifests/site.pp #配置.这里的意思是修改Client上的/tmp/helloworld.txt的内容为Hello World!
node default {
file { "/tmp/helloworld.txt" :
content => "Hello World!",
}
}
[root@Master tools]#
IP:192.168.0.4 客户端
Client:
[root@Slave tools]# yum install epel-release -y
[root@Slave tools]# yum install puppet -y
[root@Slave tools]# cat /etc/hostname #获取主机名,下面hosts文件需要用到
Slave
[root@Slave tools]# cat /etc/hosts #配置对应的ip和主机名
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.0.4 Slave
192.168.0.3 Master
[root@Slave tools]# cat /etc/puppet/puppet.conf|grep -v '#'|grep -v ^$
[main]
logdir = /var/log/puppet
rundir = /var/run/puppet
ssldir = $vardir/ssl
[agent]
classfile = $vardir/classes.txt
localconfig = $vardir/localconfig
listen = true
server = master #只需要修改这里即可.指定Puppet的地址
runinterval = 30
[root@Slave tools]#
#开始测试,puppet涉及到认证授权问题,因为Client没正式得到授权,所以这里只是向Server发起认证申请,因此会返回报错,不用管
[root@Slave tools]# puppet agent --test
Info: Creating a new SSL key for slave
Info: Caching certificate for ca
Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for slave
Info: Certificate Request fingerprint (SHA256): CD:34:F3:34:1C:FE:61:4D:4A:97:12:8A:B3:8F:CC:A0:3F:36:CA:D4:2D:9F:3C:8A:DF:72:1B:79:10:E3:6A:6F
Info: Caching certificate for ca
Exiting; no certificate found and waitforcert is disabled
[root@Slave tools]#
#查看Server的授权信息,有+号在前面就是得到授权了,可以看到我们的Client(bp-vm)没有得到授权
IP:192.168.0.3 服务端
Server:
[root@Master tools]# puppet cert list --all
"slave" (SHA256) CD:34:F3:34:1C:FE:61:4D:4A:97:12:8A:B3:8F:CC:A0:3F:36:CA:D4:2D:9F:3C:8A:DF:72:1B:79:10:E3:6A:6F
+ "master" (SHA256) DD:CD:76:BB:E5:D7:FB:97:34:64:C1:06:58:15:03:EA:52:18:09:49:88:C0:AA:81:72:20:F9:6B:83:31:76:DB
[root@Master tools]#
#确认授权给Slave
[root@Master tools]# puppet cert sign Slave
Notice: Signed certificate request for slave
Notice: Removing file Puppet::SSL::CertificateRequest slave at '/var/lib/puppet/ssl/ca/requests/slave.pem'
[root@Master tools]#
#Slave有+号就是得到授权
[root@Master tools]# puppet cert list --all
+ "master" (SHA256) DD:CD:76:BB:E5:D7:FB:97:34:64:C1:06:58:15:03:EA:52:18:09:49:88:C0:AA:81:72:20:F9:6B:83:31:76:DB
+ "slave" (SHA256) 62:BA:7C:5B:E9:0A:F7:A1:71:E1:0C:EA:F6:3B:9C:95:4B:A9:A3:DD:ED:C8:98:C2:09:56:D4:E3:11:BE:7E:AE
[root@Master tools]#
IP:192.168.0.4 客户端
Client:
[root@Slave tools]# cat /tmp/helloworld.txt
cat: /tmp/helloworld.txt: No such file or directory
#之前没有授权就报错了,授权后执行新增/tmp/helloworld.txt文件
[root@Slave tools]# puppet agent --test
Notice: Ignoring --listen on onetime run
Info: Caching certificate_revocation_list for ca
Warning: Unable to fetch my node definition, but the agent run will continue:
Warning: undefined method `include?' for nil:NilClass
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for slave
Info: Applying configuration version '1596079798'
Notice: /Stage[main]/Main/Node[default]/File[/tmp/helloworld.txt]/ensure: defined content as '{md5}ed076287532e86365e841e92bfc50d8c'
Info: Creating state file /var/lib/puppet/state/state.yaml
Notice: Finished catalog run in 0.03 seconds
[root@Slave tools]# cat /tmp/helloworld.txt
Hello World![root@Slave tools]#