CentOS 6.5 64-bit installation and configuration of Puppet server
We will first prepare three CentOS 6.5 x86_64 machines and complete the pre-installation work.
OS: CentOS 6.5 x86_64
Puppet master: master.com (192.168.37.72)
Puppet clients: client1.com (192.168.37.83)
Puppet clients: client2.com (192.168.37.82)
I. Prepare for installation
Disable SELinux and iptables on both the master and the clients.
Stop iptables
[root@master ~]# service iptables stop
iptables: clear firewall rules: [OK]
iptables: uninstalling module: [OK]
[root@master ~]# chkconfig --list | grep iptables
iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@master ~]# chkconfig iptables off
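As an alternative to stopping iptables outright, the sketch below (an added example, not part of the original article) prints rules that keep the firewall running and open only the Puppet ports this page's netstat output shows: 8140 on the master and 8139 on the agents. The function name puppet_fw_rules and the sample host list are assumptions built from the addresses listed above.

```shell
#!/bin/sh
# Added example, not from the original article.
# Ports are taken from this page: 8140 (puppetmaster), 8139 (agent with listen = true).

# Constructed sample input: the host entries this page puts in /etc/hosts.
SAMPLE_HOSTS='127.0.0.1 localhost.localdomain localhost4
192.168.37.72 master.com
192.168.37.83 client1.com
192.168.37.82 client2.com'

# puppet_fw_rules ROLE MASTER_NAME
# Reads hosts-format lines on stdin and prints the iptables commands for ROLE:
#   master: accept tcp/8140 from every listed host except the master itself
#   agent:  accept tcp/8139 from the master only
# Nothing is executed; review the output before running it as root.
puppet_fw_rules() {
    awk -v role="$1" -v master="$2" '
        function rule(src, port) {
            printf "iptables -I INPUT -p tcp -s %s --dport %d -m state --state NEW -j ACCEPT\n", src, port
        }
        /^[ \t]*#/ || NF < 2 { next }            # comments, blank or short lines
        $1 ~ /^127\./ || $1 ~ /:/ { next }       # loopback and IPv6 entries
        {
            is_master = 0
            for (i = 2; i <= NF; i++) if ($i == master) is_master = 1
            if (role == "master" && !is_master) rule($1, 8140)
            if (role == "agent"  &&  is_master) rule($1, 8139)
        }'
}

# Stand-alone run: show both rule sets for the sample hosts.
echo "# on master.com:"
printf '%s\n' "$SAMPLE_HOSTS" | puppet_fw_rules master master.com
echo "# on each client:"
printf '%s\n' "$SAMPLE_HOSTS" | puppet_fw_rules agent master.com
```

After applying the printed rules, service iptables save keeps them across reboots on CentOS 6.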
Disable SELinux
[root@master ~]# vim /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=enforcing   (change this to SELINUX=disabled)
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
To ensure that certificates requested from the master host are valid, we recommend that you set up NTP on the master and the clients:
[root@master ~]# yum -y install ntp
[root@master ~]# ntpdate pool.ntp.org
[root@master ~]# chkconfig ntpd on
[root@master ~]# chkconfig --list | grep ntp
ntpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
ntpdate 0:off 1:off 2:off 3:off 4:off 5:off 6:off
[root@master ~]# service ntpd start
Starting ntpd: [OK]
Set hosts on master and client
Puppet requires that all machines have a complete domain name. If no DNS server provides one, you can set the host name on each machine. (Note: you must set the host name before installing Puppet, because the host name is written into the certificate when Puppet is installed, and the certificate is required for communication between the client and the server.) To simplify the installation process, I configured /etc/hosts.
[root@master ~]# vim /etc/hosts
127.0.0.1 localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost.localdomain localhost6 localhost6.localdomain6
192.168.37.72 master.com
192.168.37.83 client1.com
192.168.37.82 client2.com
Install the official Puppet yum repository
[root@master ~]# wget http://yum.puppetlabs.com/el/6/products/x86_64/puppetlabs-release-6-7.noarch.rpm
[root@master ~]# rpm -ivh puppetlabs-release-6-7.noarch.rpm
[root@master ~]# yum update
II. Master installation and configuration
Install puppet-server
[root@master ~]# yum -y install puppet-server
Add automatic certificate issuing
Edit the /etc/puppet/puppet.conf file and add autosign = true and server = master.com in the [main] section. With autosign = true the master signs every certificate request it receives without manual approval.
[root@master ~]# vim /etc/puppet/puppet.conf
[main]
# The Puppet log directory.
# The default value is '$vardir/log'.
logdir = /var/log/puppet
# Where Puppet PID files are kept.
# The default value is '$vardir/run'.
rundir = /var/run/puppet
# Where SSL certificates are kept.
# The default value is '$confdir/ssl'.
ssldir = $vardir/ssl
autosign = true
server = master.com
Start puppetmaster
[root@master ~]# service puppetmaster start
Start puppetmaster: [OK]
[root@master ~]# netstat -tunlp | grep :8140
tcp 0 0 0.0.0.0:8140 0.0.0.0:* LISTEN 9148/ruby
Enable start at boot
[root@master ~]# chkconfig --list | grep puppet
puppet 0:off 1:off 2:off 3:off 4:off 5:off 6:off
puppetmaster 0:off 1:off 2:off 3:off 4:off 5:off 6:off
[root@master ~]# chkconfig puppetmaster on
[root@master ~]# chkconfig --list | grep puppet
puppet 0:off 1:off 2:off 3:off 4:off 5:off 6:off
puppetmaster 0:off 1:off 2:on 3:on 4:on 5:on 6:off
III. Client installation and configuration
Install puppet
[root@client1 ~]# yum -y install puppet
Specify the Puppet server for the client and enable the master push function.
Edit the /etc/puppet/puppet.conf file and add listen = true and server = master.com to the [agent] section.
[root@client1 ~]# vim /etc/puppet/puppet.conf
[agent]
# The file in which puppetd stores a list of the classes
# associated with the retrieved configuration. Can be loaded in
# the separate ``puppet`` executable using the ``--loadclasses``
# option.
# The default value is '$confdir/classes.txt'.
classfile = $vardir/classes.txt
# Where puppetd caches the local configuration. An
# extension indicating the cache format is added automatically.
# The default value is '$confdir/localconfig'.
localconfig = $vardir/localconfig
listen = true
server = master.com
Edit the /etc/puppet/auth.conf file and add the following statements at the bottom of auth /.
[root@client1 ~]# vim /etc/puppet/auth.conf
path /run
method save
allow master.com
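The two settings this page adds, autosign = true on the master and listen = true on the agent, are the ones to look for when a setup built this way is reviewed later; the check below is an added example, not part of the original article, and flags both in a puppet.conf. The function name audit_puppet_conf and the sample file contents are constructed from the settings shown above.

```shell
#!/bin/sh
# Added example, not from the original article.

# Constructed samples: the settings this page adds on the master and on a client.
MASTER_CONF='[main]
logdir = /var/log/puppet
ssldir = $vardir/ssl
autosign = true
server = master.com'
AGENT_CONF='[agent]
classfile = $vardir/classes.txt
listen = true
server = master.com'

# audit_puppet_conf: reads puppet.conf text on stdin and prints one
# "section:setting" line per finding:
#   autosign=true -> the master signs every certificate request, unreviewed
#   listen=true   -> the agent opens tcp/8139 for remotely triggered runs
# Only the sections where each setting takes effect are considered.
audit_puppet_conf() {
    awk '
        /^[ \t]*#/ { next }                          # whole-line comments
        { gsub(/^[ \t]+|[ \t]+$/, "") }              # trim surrounding blanks
        /^\[.*\]$/ { section = tolower(substr($0, 2, length($0) - 2)); next }
        /=/ {
            key = tolower($0); sub(/[ \t]*=.*/, "", key)
            val = tolower($0); sub(/^[^=]*=[ \t]*/, "", val)
            if (key == "autosign" && val == "true" && section ~ /^(main|master)$/)
                print section ":autosign=true"
            if (key == "listen" && val == "true" && section ~ /^(main|agent)$/)
                print section ":listen=true"
        }'
}

# Stand-alone run on the constructed samples.
printf '%s\n' "$MASTER_CONF" | audit_puppet_conf
printf '%s\n' "$AGENT_CONF" | audit_puppet_conf
```

A narrower alternative to autosign = true is to leave it off and approve each request on the master with puppet cert list and puppet cert sign, or to list client1.com and client2.com in /etc/puppet/autosign.conf.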
Start the client
[root@client1 ~]# service puppet start
Starting puppet agent: [OK]
[root@client1 ~]# netstat -tunlp | grep :8139
tcp 0 0 0.0.0.0:8139 0.0.0.0:* LISTEN 15038/ruby
Enable start at boot
[root@client1 ~]# chkconfig puppet on
[root@client1 ~]# chkconfig --list | grep puppet
puppet 0:off 1:off 2:on 3:on 4:on 5:on 6:off