Home > Others

Puppet's Nginx+foreman

Source: Internet
Author: User
Tags character set log mysql create database
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Foreman Architecture:

This paper mainly describes the construction of foreman, and integration into the nginx process

Environment Description:

CentOS 5.8 x86_64

Puppet version:3.1.1

Master hostname:server.domain.com

Client hostname:client.test.com

1,puppet,nginx environment is installed by the previous article Puppet,nginx,ruby, etc. 2, configure Yum source # RPM-IVH Http://yum.theforeman.org/releas es/1.1/el5/x86_64/foreman-release-1.1stable-3.el5.noarch.rpm 3, install Foreman,foreman-proxy # yum-y install F    
Oreman-installer # ruby/usr/share/foreman-installer/generate_answers.rb Input three times y # yum install Ruby-mysql # yum-y Install foreman Foreman-proxy # chown foreman.foreman-r/usr/share/foreman # su-foreman-s/bin/bas H-c/usr/share/foreman/extras/dbmigrate # vim/usr/share/foreman/config/database.yml original file for Sqllite configuration, here to MySQL as ================================================= production:adapter:mysql for database storage Database:pupp ET username:puppet password:puppet host:localhost socket: "/tmp/mysql.sock" ==============     
=================================== mysql> Create database puppet CHARACTER SET UTF8; Mysql> grant all privileges in puppet.* to Puppet@ ' localhost ' identified by ' puppet ';     
        
mysql> flush Privileges; # cd/usr/share/foreman/rails_env=production Rake db:migrate rake puppet:migrate:populate_hosts Rails_env=produ ction # chown Foreman.foreman/usr/share/foreman/tmp/secret_token # Vim/etc/foreman-proxy/settings.ym L ==========================================================: trusted_hosts:-server.domain.com:p upp Etca:true:p uppet:true:p uppet_conf:/etc/puppet/puppet.conf ==================================================== ===== #/etc/init.d/foreman-proxy Start proxy Port 8443 4, integrated into Nginx Nginx virtual host as follows: server {Liste    
        n 443;    
        server_name server.domain.com;    
        SSL on;    
        SSL_CERTIFICATE/VAR/LIB/PUPPET/SSL/CERTS/SERVER.DOMAIN.COM.PEM;    
                
        SSL_CERTIFICATE_KEY/VAR/LIB/PUPPET/SSL/PRIVATE_KEYS/SERVER.DOMAIN.COM.PEM; #Verify PuppetmastER clients against Puppet CA Ssl_crl/var/lib/puppet/ssl/ca/ca_crl.pem;    
        SSL_CLIENT_CERTIFICATE/VAR/LIB/PUPPET/SSL/CERTS/CA.PEM;    
        Ssl_verify_client Optional;    
        
        Ssl_verify_depth 1;    
        Access_log/usr/local/nginx/logs/foreman_access.log;    
        Error_log/usr/local/nginx/logs/foreman_error.log Debug;    
        
        Root/usr/share/foreman/public;    
        Passenger_enabled on;    
        Passenger_set_cgi_param HTTPS on;    
        Passenger_set_cgi_param ssl_client_s_dn $ssl _client_s_dn;    
        
       Passenger_set_cgi_param ssl_client_verify $ssl _client_verify;   #/etc/init.d/nginxd Start # # #启动nginx 5, Access Foreman input URL: https://server.domain.com default account: admin Password: changeme To configure More-configureation-smart proxies----Add proxy address after entering: https://server.domain.com:8443 # Vim/etc/puppet/node.rb:url => "Https://server.doMain.com ", 6, set up the automatic import Foreman # Cp/usr/share/foreman-installer/foreman/templates/foreman-report.rb.er B/USR/LIB/RUBY/SITE_RUBY/1.8/PUPPET/REPORTS/FOREMAN.RB # VIM FOREMAN.RB modified to configure, the other unchanged (PS: Has been stuck in the wrong) #<%= ERB. New (File.read (File.expand_path ("_header.erb", File.dirname (File))). Result (binding)-%> # Copy this File to your rep Ort dir-e.g./usr/lib/ruby/1.8/puppet/reports/# Add this is in your puppetmaster reports-e.g R puppet.conf Add: # Reports=log, Foreman # (or any other reports to you want) # URL of your foreman install ation $foreman _url = ' https://server.domain.com ' # If CA is specified, remote foreman host'll be verified $forem An_ssl_ca = "/var/lib/puppet/ssl/certs/ca.pem" # Ssl_cert and key are required if Require_ssl_puppetmasters is enabled in Foreman $foreman _ssl_cert = "/var/lib/puppet/ssl/certs/server.domain.com.pem" $foreman _ssl_key = "/var/lib/puppet/ Ssl/private_keys/server.domaIn.com.pem "The client needs to modify the agent configuration as follows [agent] Classfile = $vardir/classes.txt localconfig = $vardi R/localconfig-Pluginsync = True Masterport = 8140 environment = Producti On certname = client.test.com Server = server.domain.com Listen = True server-side modifications [MA Ster] Autosign = $confdir/autosign.conf {mode = 664} reports = Log,foreman external _nodes =/etc/puppet/node.rb Node_terminus = Exec ca = True ======================= 7,cla Ss,host.facts Import Foreman #cd/usr/share/foreman #导入hosts and facts rake puppet:import:hosts_and_facts Rails_env=produ Ction the modules underneath/etc/puppet/modules to/etc/puppet/modules/production in Foreman Web Admin mode---configuration---puppet Classes click Import from server

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
nginx nginx etc nginx nginx conf nginx binary nginx functions nginx manual nginx openbsd nginx review

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More