Puppet installation and deployment instance

Puppet installation and deployment instance

The description of puppet is not detailed here. Let's start deployment and installation of puppet!

Note: the client and server versions must be consistent. If the version is different, the higher version can only be the puppet server, and the other can only be used as the puppet client. That is to say, the puppet server version can be greater than or equal to the Client Version.

1. Disable Firewall
[Root @ puppet01 ~] Service iptables stop
[Root @ puppet01 ~] Chkconfig iptables off

2. Set selinux
[Root @ puppet01 ~] Sed-I's # SELINUX = enforcing # SELINUX = disabled # G'/etc/selinux/config

3. Modify the hosts file of the server and client, and add the IP address and host name.
[Root @ puppet01 ~] # Cat/etc/hosts
127.0.0.1 localhost. localdomain localhost4localhost4. localdomain4
: 1 localhost. localdomainlocalhost6 localhost6.localdomain6
192.168.1.231 puppetserver
192.168.1.20.puppetclient

4. Install puppetmaster on the server
Rpm-Uvh http://yum.puppetlabs.com/el/6/products/x86_64/puppetlabs-release-6-1.noarch.rpm
Yum install puppet-server-y

5. Install puppet on the client
Rpm-Uvh http://yum.puppetlabs.com/el/6/products/x86_64/puppetlabs-release-6-1.noarch.rpm
Yum install puppet-y

6. The server enables the puppetmaster service.
/Etc/init. d/puppetmasterstart

7. Client Certificate Application
Puppetagent -- server puppetserver -- test

8. Check whether the certificate is generated on the server.
[Root @ puppet01 ~] # Puppet cert -- list
"Puppet02" (SHA256) 36: 1F: C6: 80: 48: 66: 90: 52: 87: 3B: 55: AB: 6C: 66: 31: 3F: 33: 35: CF: AE: 8A: 3A: BA: F9: D0: 70: EE: C2: 3F: FD: 23: 9C

9. The server issues a certificate
1. Certificate command can be issued to a specific host: puppetcert-s
2. issue the certificate command to all hosts: puppetcert-s and-
Issue a certificate to the client:
Puppetcert -- s puppetclient # is followed by the Host Name

10. Create a test.txt file under the client/tmpfor testing.
Touchtest.txt
# Edit site. pp under the server
Vi/etc/puppet/manifests/site. pp
Node default {
File {
"/Tmp/test.txt": content => "helo, test! ";
}
}

11. Client Test
Puppetagent -- server puppetserver -- test
Successful information:
Info: Caching certificate for puppetclient
Info: Caching certificate_revocation_list for ca
Info: Caching certificate for puppetclient
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for puppetclient
Info: Applying configuration version '20140901'
Notice:/Stage [main]/Main/Node [default]/File [/tmp/test.txt]/content:
---/Tmp/test.txt 2015-03-1621: 51: 08.889040996-0400
+ +/Tmp/puppet-file20150316-1468-1n3cxlt-0 2015-03-1621: 52: 29.746041636-0400
@-+ 1 @@
+ Hello, test!
\ No newline at end of file

Info: Computing checksum on file/tmp/test.txt
Info:/Stage [main]/Main/Node [default]/File [/tmp/test.txt]: Filebucketed/tmp/test.txt to puppet with sum d41d8cd98f00b204e9800998ecf8427e
Notice:/Stage [main]/Main/Node [default]/File [/tmp/test.txt]/content: content changed '{md5} Comment' to '{md5} 18ea2a60db7763506261f87ecb82fb96'
Info: Creating state file/var/lib/puppet/state. yaml
Notice: Finished catalog run in 0.05 seconds

12. Set puppet automatic Authentication
Add the following content under [main] In the puppet. conf configuration file of the server
Autosign = true
Restart the puppetmaster service.
# In this way, the puppetd-server = puppetserver -- test server automatically authenticates on the client.

13. regenerate the certificate:
Because you need to change the host name frequently, You need to authenticate the host again.
1. Delete the rm-rf/var/lib/puppet/ssl folder on the client first.
2. Delete: puppet cert -- clean puppetclient on the server.
3. Re-obtain the certificate: puppet agent -- server puppetserver -- test

14. Configure puppet parameters and synchronization time on the client:
Vi/etc/puppet/sysconfig/puppet
# The puppetmaster server
PUPPET_SERVER = puppetserver
# If you wish to specify the port to connect to do so here
PUPPET_PORT = 8140
# Where to log to. Specify syslog to send log messages to the system log.
PUPPET_LOG =/var/log/puppet. log
# You may specify other parameters to the puppet client here
PUPPET_EXTRA_OPTS = -- waitforcert = 500
# Restart the puppet Service
/Etc/init. d/puppetstart
# After the default configuration is complete, the client synchronizes once every half an hour. We can modify the synchronization interval:
Vim/etc/puppet. conf
# Add runinterval = 60 under [agent]
# Synchronization with the server in 60 seconds
# Restart the puppet Service
/Etc/init. d/puppetstart

15. Use of puppetrun (puppet kick)
# Use the puppetrun command on the server side to send a signal to the client, telling the client to synchronize immediately with the server
1. Modify the puppet configuration file on the client
Vim/etc/puppet. conf
Add
Listen = true # The purpose is to allow puppet to listen to port 8139.
2. Modify the/etc/sysconfig/puppet file of the client.
Vim/etc/sysconfig/puppet
PUPPET_SERVER = puppetserver # server host name
3. Create the namespaceauth. conf file on the client.
[Puppetrunner]
Allow *
4. Modify auth. conf on the client and add the following content before paht:
# Test
Path/run
Method save
Allow *
5. Restart the puppet service.
/Etc/init. d/puppet restart
6. Test the command on the server:
Puppet kick-d host puppetclient
# Code 0 indicates successful

16. file synchronization
1. Edit the fileserver. conf file first:
[Root @ masterpuppet] # vim fileserver. conf
[Files] This name must be called in site. pp after the module name is defined
Path/opt/
Allow192.168.1.0/24

2. Edit the site. pp file:
[Root @ masterpuppet] # vim manifests/site. pp
File {"/opt": # The name of the file to be transferred.
Source => "puppet: // files/", # the file to be transmitted
Recurse => true; # transfer all files in this directory
}
# Puppet: // "is equivalent to the modulepath value in the main configuration file puppet. config.

3. Execute the command
Puppet agent -- server puppetserver -- test

 

Puppet Learning Series:

Puppet Learning 1: Installation and simple instance applications

Puppet 2: simple module configuration and application

Research on three Backup Recovery solutions for Puppet agent
Register your Puppet node in a safer way
Deep understanding of Puppet syntax and working mechanism through SSH Configuration
Puppet uses Nginx multiple ports for Load Balancing
C/S mode instance of Puppet in CentOS (5 and 6)

For more information about Puppet, click here.
Puppet: click here

This article permanently updates the link address: