Puppet Common Commands

Last Update:2014-12-12 Source: Internet

Author: User

Tags syslog

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

1.puppet Master

Puppet master defaults to a daemon that runs in the background with Ruby's built-in Webrick, as well as using the most common Web server Apache and Nginx replacement Webrick to improve performance. Puppet Master main function is to compile the configuration file, files, templates, custom plugins for nodes.

[Email protected]:nodes# puppet master--helppuppet Master [-d|--daemonize|--no-daemonize] [-d|--debug] [-h|--help] [  -l|--logdest syslog|<file>|console] [-v|--verbose] [-v|--version]  [--compile <node-name>]*--daemonize: #-d Send to Background daemon, default option *--no-daemonize: #不发送到后台守护进程 *--debug: #完整调试 *--help: # Output Help *--logdest:  #日志发送方式, default is syslog*--verbose:  #显示详细信息 *--version: #打印puppet版本 *--compile: # Output the compiled catalog in JSON mode

Using--getconfig to output the default configuration file

[Email protected]:p uppet# puppet master--genconfig > puppet.conf

The Puppet does not enable the daemon daemon to run.

[Email protected]:p Uppet master--no-daemonize--verbose

2.puppet Agent

The puppet agent runs as a daemon at each node, typically requesting master every 30 minutes to confirm new information and ask for changes. Then run the compiled catalog code

[Email protected]:tmp# puppet agent--helppuppet agent [--certname <name>] [-d|--daemonize|--no-daemonize]  [ -d|--debug] [--detailed-exitcodes] [--digest <digest>] [--disable [MESSAGE]] [--enable]  [--fingerprint] [-H |--HELP] [-l|--logdest syslog|eventlog|<file>|console]  [--masterport <port>] [--no-client] [--noop] [-o|--onetime] [-t|--test]  [-v|--verbose] [-v|--version] [-w|--waitforcert <seconds>]

Using the "--noop" parameter, puppet runs Catelog, but does not perform configuration

[Email protected]:tmp# puppet Agent--noop

3.puppet Apply

Puppet Apply is a puppet Run command that is used primarily when detecting manifests or when there is no network connection. Unlike puppet Agent,puppet apply does not connect to master at run time

[Email protected]:tmp# puppet apply--helppuppet apply [-h|--help] [-v|--version] [-d|--debug] [-v|--verbose]  [-e|- -execute] [--detailed-exitcodes] [-l|--loadclasses]  [-l|--logdest syslog|eventlog|<file>|console] [-- NOOP]  [--catalog <catalog>] [--write-catalog-summary] <file>

(1) Output information to the log file

[Email protected]:manifests# puppet apply-l/tmp/init.pp init.pp [email protected]:manifests# cat/tmp/init.pp Fri Dec 12 16:17:46 +0800 Puppet (notice): Compiled Catalog for puppet.domain.com in environment production in 0.04 Secondsfri Dec 16:17:47 +0800 Puppet (notice): Finished catalog run in 0.04 seconds

4.puppet cert

It is used to manage local certificates, view unsigned certificates, sign certificates, revoke certificates, and purge certificates.

Puppet cert <action> [-h|--help] [-v|--version] [-d|--debug] [-v|--verbose]  [--digest <digest>] [< Host>]

Common operations:
Clean #清除证书
Fingerprint #打印证书指纹
Generate #生成客户端证书
List #查看认证客户端列表
Print #打印主机证书的全文信息
Revoke #废除已认证的主机
Sign #签署认证
Verify #验证本地指定的认证

Command parameters:
--all #执行所有操作, including ' sign ', ' clean ', ' list ', and ' fingerprint '
--digest #设置证书指纹加密的方式
--debug #启用完整调试模式 |
--verbose #显示详细信息
--version #显示版本

(1) View the list of clients requesting authentication

[Email protected]:nodes# puppet cert list

(2) Signing verification for host Agent.domin.com

[Email protected]:nodes# puppet cert sign agent.domain.com

(3) List all signed and unsigned certificates

[Email protected]:nodes# puppet cert list--all+ "agent.domain.com"  (SHA256) 3c:82:6a:e2:9b:8b:8f:8a:ed:c9:83:eb : 64:47:6c:91:e5:8e:86:a6:b3:d7:1d:e5:4e:39:4d:04:5a:21:c5:86  #符号 + indicates that the certificate has been signed "client.domain.com" (SHA256) e3:b4 : 46:90:df:85:37:77:48:bb:f9:fd:9f:13:de:52:2f:00:1c:71:a3:bc:c2:e2:a5:34:4f:01:db:27:02:f5

(4) To issue certification for all non-signed certification requests:

[Email protected]:nodes# puppet cert sign--all

(5) View a list of all signed and authenticated clients

[Email protected]:nodes# puppet cert list--all + "agent.domain.com"  (SHA256) 3c:82:6a:e2:9b:8b:8f:8a:ed:c9:83:eb : 64:47:6c:91:e5:8e:86:a6:b3:d7:1d:e5:4e:39:4d:04:5a:21:c5:86

5.puppet Kick

It is used to connect to the agent client to actively run the puppet Agent--test command. Similar to active trigger configuration

Puppet Common Commands

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More