Puppet Installation and Deployment

Environment

[Email protected] ~]# cat/etc/redhat-release

CentOS Release 6.6 (Final)

Http://downloads.puppetlabs.com/facter/facter-1.5.8.tar.gz

Http://downloads.puppetlabs.com/puppet/puppet-2.6.1.tar.gz

Package:

[email protected] tools]# LL

Total dosage 1532

-rw-r--r--1 root root 71295 8 months facter-1.5.8.tar.gz

-rw-r--r--1 root root 1492177 9 months puppet-2.6.1.tar.gz

shut down the firewall (the online environment do not die, you must open the appropriate firewall rules )

[[email protected] ~]#/etc/init.d/iptables stop

[Email protected] ~]# Getenforce

Disabled

Time synchronization

[[email protected] ~]#/etc/init.d/ntpdate start

Ntpdate: synchronizing with the time server: [ OK ]

[Email protected] ~]# chkconfig ntpdate on

• installation Puppetmaster

Ruby Environment Installation

[[email protected] ~]# yum-y install Ruby

Create Puppet users and Groups

[Email protected] ~]# Groupadd puppet

[Email protected] ~]# useradd-g puppet-s/bin/false-m puppet

Change host and hostname

[Email protected] ~]# hostname

Master.test.com

[Email protected] ~]# cat/etc/hosts

127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4master.test.com

:: 1 localhost localhost.localdomain localhost6 localhost6.localdomain6

192.168.98.110 master.test.com

192.168.98.111 agent.test.com

Installing Facter

[Email protected] tools]# pwd

/tools

[Email protected] tools]# tar-zxvffacter-1.5.8.tar.gz

[Email protected] tools]# CD facter-1.5.8

[Email protected] facter-1.5.8]# Ruby INSTALL.RB

Confirm Installation

[[email protected] facter-1.5.8]# echo $?

0

[Email protected] tools]# Facter

Installing Puppet

[Email protected] tools]# pwd

/tools

[Email protected] tools]# tar-zxvfpuppet-2.6.1.tar.gz

[Email protected] tools]# CD puppet-2.6.1

[Email protected] puppet-2.6.1]# Ruby INSTALL.RB

Confirm Installation

[[email protected] puppet-2.6.1]# echo $?

0

[Email protected] tools]# mkdir-p/etc/puppet

[Email protected] puppet-2.6.1]# cpconf/redhat/*/etc/puppet/

[Email protected] puppet-2.6.1]# cpconf/auth.conf/etc/puppet/

[Email protected] puppet-2.6.1]# pwd

/tools/puppet-2.6.1

• installation Puppet_agent

shut down the firewall (the online environment do not die, you must open the appropriate firewall rules )

[[email protected] ~]#/etc/init.d/iptables stop

[Email protected] ~]# Getenforce

Disabled

Time synchronization

[[email protected] ~]#/etc/init.d/ntpdate start

Ntpdate: synchronizing with the time server: [ OK ]

[Email protected] ~]# chkconfig ntpdate on

[Email protected] ~]# Mkdir/tools

[Email protected] ~]# cd/tools/

[Email protected] tools]# wget http://downloads.puppetlabs.com/facter/facter-1.5.8.tar.gz

[Email protected] tools]# wget http://downloads.puppetlabs.com/puppet/puppet-2.6.1.tar.gz

650) this.width=650; "border=" 0 "width=" 537 "height=" "" Src= "/e/u261/themes/default/images/spacer.gif" style= " Background:url ("/e/u261/lang/zh-cn/images/localimage.png") no-repeat center;border:1px solid #ddd; "alt=" spacer.gif "/>

installation of the Ruby environment

[[email protected] tools]# yum-y install Ruby

Create Puppet users and Groups

[Email protected] tools]# Groupadd puppet

[Email protected] tools]# useradd-g puppet-s/bin/false-m puppet

Change Host and hostname

[Email protected] ~]# cat/etc/hosts

127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4agent.test.com

:: 1 localhost localhost.localdomain localhost6 localhost6.localdomain6

192.168.98.111 agent.test.com

192.168.98.110 master.test.com

[Email protected] ~]# hostname

Agent.test.com

installing facter and puppet

[Email protected] ~]# cd/tools/

[email protected] tools]# LL

Total dosage 1532

-rw-r--r--1 root root 71295 8 months facter-1.5.8.tar.gz

-rw-r--r--1 root root 1492177 2 months 4 01:23 puppet-2.6.1.tar.gz

[Email protected] tools]# tar-xffacter-1.5.8.tar.gz

[Email protected] tools]# tar-xfpuppet-2.6.1.tar.gz

[Email protected] tools]# CD facter-1.5.8

[Email protected] facter-1.5.8]# Ruby INSTALL.RB

Check the installation steps

[[email protected] facter-1.5.8]# echo $?

0

#heck Facter

[Email protected] facter-1.5.8]# Facter

[Email protected] facter-1.5.8]# CD.

[Email protected] tools]# CD puppet-2.6.1

[Email protected] puppet-2.6.1]# Ruby INSTALL.RB

[Email protected] puppet-2.6.1]# mkdir-p/etc/puppet

[email protected] puppet-2.6.1]# CP conf/redhat/*/etc/puppet/

[Email protected] puppet-2.6.1]# cpconf/auth.conf/etc/puppet/

Start Configuration puppet

Master -side configuration

Setting up the configuration file directory

[Email protected] tools]# mkdir/etc/puppet/manifests–p

Set power-on self-boot

[Email protected] tools]# mkdir/etc/puppet/manifests-p

[Email protected] tools]# Cp/etc/puppet/server.init/etc/init.d/puppetmaster

[Email protected] tools]# chmod 755/etc/init.d/puppetmaster

[Email protected] tools]# chkconfig--addpuppetmaster

[Email protected] tools]# chkconfig--level 35puppetmaster on

Start Puppet Master

[[email protected] tools]#/etc/init.d/puppetmaster start

start puppetmaster: [ OK ]

#check Puppet Master ( Port 8140)

[Email protected] tools]# Netstat-lntup|grepruby

TCP 0 0 0.0.0.0:8140 0.0.0.0:* LISTEN 2416/ruby

Configuring Agent -side —--- authorization

[Email protected] puppet-2.6.1]# telnetmaster.test.com 8140

Trying 192.168.98.110 ...

Connected to master.test.com.

Escape character is ' ^] '.

Connection closed by foreign host.

Node Request Registration

[Email protected] puppet-2.6.1]# puppetd--test--server master.test.com

Info:creating a new SSL key foragent.test.com

Warning:peer Certificate won ' t be verifiedin this SSL session

Info:caching Certificate for CA

Warning:peer Certificate won ' t be verifiedin this SSL session

Warning:peer Certificate won ' t be verifiedin this SSL session

Info:creating a new SSL certificaterequest for agent.test.com

Info:certificate Request Fingerprint (MD5): B6:22:AE:77:67:00:01:B1:43:C1:10:1A:DA:4A:B3:B2

Warning:peer Certificate won ' t be verifiedin this SSL session

Warning:peer Certificate won ' t be verifiedin this SSL session

Warning:peer Certificate won ' t be verifiedin this SSL session

Exiting; No certificate found Andwaitforcert is disabled

Master Server-side determination authentication

[[Email protected] tools]# puppet cert--list–all # Server View authentication status

Agent.test.com (B6:22:AE:77:67:00:01:B1:43:C1:10:1A:DA:4A:B3:B2) # not certified

+ master.test.com (3F:9B:8A:AD:8A:5C:88:00:AA:AE:FB:09:6E:07:24:FB)

[[Email protected] tools]# puppet cert--signagent.test.com # Registration Agent

notice:signed certificate Request foragent.test.com # to formally register the requested certificate

Notice:removing filepuppet::ssl::certificaterequest agent.test.com at '/var/lib/puppet/ssl/ca/requests/agent.test.com.pem '

[[Email protected] tools]# puppet cert--list–all # Review the authentication situation again

+ agent.test.com (32:cf:0b:0e:26:5e:6d:6d:78:b2:ac:41:7b:7c:dd:47) # Note the preceding + sign

+ master.test.com (3F:9B:8A:AD:8A:5C:88:00:AA:AE:FB:09:6E:07:24:FB)

Another way to view certifications

[Email protected] tools]# tree/var/lib/puppet/ssl/

/var/lib/puppet/ssl/

├── CA

│ ├── Ca_crl.pem

│ ├── Ca_crt.pem

│ ├── Ca_key.pem

│ ├── Ca_pub.pem

│ ├── inventory.txt

│ ├── Private

│ │ └── ca.pass

│ ├── requests

│ ├── serial

│ └── signed

│ ├──Agent.test.com.pem # has been registered successfully

│ └──Master.test.com.pem

├── certificate_requests

├── certs

│ ├── Ca.pem

│ └── Master.test.com.pem

├── Crl.pem

├── Private

├── Private_keys

│ └── Master.test.com.pem

└── Public_keys

└──Master.test.com.pem

9 Directories, files

the Agent tests again to verify the status of the certification

[Email protected] puppet-2.6.1]# puppetd--test--server master.test.com

Warning:peer Certificate won ' t be verifiedin this SSL session

Info:caching Certificate foragent.test.com

Info:caching certificate_revocation_listfor CA

info:caching Catalog for Agent.test.com

Info:applying configuration version ' 1454562128 '

Info:creating State File/var/lib/puppet/state/state.yaml

notice:finished Catalog run in 0.01seconds

This article is from the "hope of the Dog" blog, be sure to keep this source http://8874480.blog.51cto.com/8864480/1741082

Puppet Installation and Deployment