The use of automated operation and maintenance puppet tools

Puppet is a tool used in ruby development

How to achieve basic automation with an example

Two machine master and slave

One defines hostname and hosts on master

1. Hostname master.liuwenzhi.com

2. Vim/etc/sysconfig/network

3. Vim/etc/hosts

   192.168.1.100 master.liuwenzhi.com

   192.168.1.101 slave.liuwenzhi.com

Define hostname and hosts on the slave

1. Hostname slave.liuwenzhi.com

2. Vim/etc/sysconfig/network

3. Vim/etc/hosts

   192.168.1.100 master.liuwenzhi.com

   192.168.1.101 slave.liuwenzhi.com

Note: Turn off Iptabels

Iptables-f

Crotable-e

*/10 * * * * ntpdate time.windows.com >>/dev/null 2>&1

Two downloads puppet extension source package

RPM-IVH http://yum.puppetlabs.com/el/6/products/x86_64/puppetlabs-release-6-7.noarch.rpm

Service side:

Yum Install-y puppet-server

/etc/init.d/puppetmaster start

8140 ports on the service side

Client:

Yum Install-y puppet

/etc/init.d/puppet start

Note: The client is not actively opening the port

/etc/puppet/puppet.conf of the client under three modifications

On the last side add:
Listen = True
Server = master.liuwenzhi.com
Runinterval = 10 Every 10 seconds, detects the service side, and updates.

Then the puppet service is re-moved
/etc/init.d/puppet restart

Four SSL-generated certificates

Manual:

On the client

Puppet Agent--test--server=master.liuwenzhi.com

View and sign-off certificate on the service side

Puppet cert list--all

(There is no sign of the + sign in front of you)

Sign Order

Puppet cert--sign Slave.liuwenzhi.con

When there are a lot of machines, then what to do, it is impossible to a manual sign to generate a certificate,

The other is automatic sign-off.

Automatic:

First, the server deletes the certificate

Puppet cert Clean slave.liuwenzhi.com

Client needs to delete files

rm-rf/var/lib/puppet/*

On the service side

1. vim/etc/puppet/puppet.conf

Add a line below [main]
Autosign = True

2. vim/etc/puppet/autosign.conf

Add the following content:
*.liuwenzhi.coM

Restart the service.

In the check puppet cert list--all there is an automatic signature slave no

Five automatic file transfer

First define a module

Mkdir/etc/puppet/modules/testm//module name is Testm
CD!$
mkdir {files,manifests,templates}//A module needs to have these three directories, files save some file (can be empty), manifests storage configuration file, templates save template (can be left blank)
Touch MANIFESTS/INIT.PP//This is a must.
VI manifests/init.pp//content as follows
Class testm{
file {"/tmp/2.txt":
Owner = "Root",
Group = "Root",
mode = 0400,
Source = "puppet://$puppetserver/modules/testm/1.txt"
}
}

Description: The class name is also called Testm, the class defines a resource file, the file name is/tmp/2.txt, Owner,group,mode defines the file's owner, array, and permissions, and source defines where the file is obtained from. $puppetserver a moment to define, this refers to the puppet server server/etc/puppet/modules/testm/files/1.txt

Not finished yet,

The following is a key configuration file to continue defining:
VIM/ETC/PUPPET/MANIFESTS/SITE.PP//content is as follows
$puppetserver = ' master.liuwenzhi.com '

Node ' slave.liuwenzhi.com ' {
Include Testm
}


Description: $puppetserver define the hostname of the server, followed by the host name of the client, which defines the module to be loaded by the client.

Six

This article is from the "Liuliulinux" blog, make sure to keep this source http://zxlwz.blog.51cto.com/6952946/1771027

The use of automated operation and maintenance puppet tools