Environment
[Email protected] ~]# cat/etc/redhat-release
CentOS Release 6.6 (Final)
Http://downloads.puppetlabs.com/facter/facter-1.5.8.tar.gz
Http://downloads.puppetlabs.com/puppet/puppet-2.6.1.tar.gz
Package:
[email protected] tools]# LL
Total dosage 1532
-rw-r--r--1 root root 71295 8 months facter-1.5.8.tar.gz
-rw-r--r--1 root root 1492177 9 months puppet-2.6.1.tar.gz
shut down the firewall (the online environment do not die, you must open the appropriate firewall rules )
[[email protected] ~]#/etc/init.d/iptables stop
[Email protected] ~]# Getenforce
Disabled
Time synchronization
[[email protected] ~]#/etc/init.d/ntpdate start
Ntpdate: synchronizing with the time server: [ OK ]
[Email protected] ~]# chkconfig ntpdate on
Ruby Environment Installation
[[email protected] ~]# yum-y install Ruby
Create Puppet users and Groups
[Email protected] ~]# Groupadd puppet
[Email protected] ~]# useradd-g puppet-s/bin/false-m puppet
Change host and hostname
[Email protected] ~]# hostname
Master.test.com
[Email protected] ~]# cat/etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4master.test.com
:: 1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.98.110 master.test.com
192.168.98.111 agent.test.com
Installing Facter
[Email protected] tools]# pwd
/tools
[Email protected] tools]# tar-zxvffacter-1.5.8.tar.gz
[Email protected] tools]# CD facter-1.5.8
[Email protected] facter-1.5.8]# Ruby INSTALL.RB
Confirm Installation
[[email protected] facter-1.5.8]# echo $?
0
[Email protected] tools]# Facter
Installing Puppet
[Email protected] tools]# pwd
/tools
[Email protected] tools]# tar-zxvfpuppet-2.6.1.tar.gz
[Email protected] tools]# CD puppet-2.6.1
[Email protected] puppet-2.6.1]# Ruby INSTALL.RB
Confirm Installation
[[email protected] puppet-2.6.1]# echo $?
0
[Email protected] tools]# mkdir-p/etc/puppet
[Email protected] puppet-2.6.1]# cpconf/redhat/*/etc/puppet/
[Email protected] puppet-2.6.1]# cpconf/auth.conf/etc/puppet/
[Email protected] puppet-2.6.1]# pwd
/tools/puppet-2.6.1
shut down the firewall (the online environment do not die, you must open the appropriate firewall rules )
[[email protected] ~]#/etc/init.d/iptables stop
[Email protected] ~]# Getenforce
Disabled
Time synchronization
[[email protected] ~]#/etc/init.d/ntpdate start
Ntpdate: synchronizing with the time server: [ OK ]
[Email protected] ~]# chkconfig ntpdate on
[Email protected] ~]# Mkdir/tools
[Email protected] ~]# cd/tools/
[Email protected] tools]# wget http://downloads.puppetlabs.com/facter/facter-1.5.8.tar.gz
[Email protected] tools]# wget http://downloads.puppetlabs.com/puppet/puppet-2.6.1.tar.gz
650) this.width=650; "border=" 0 "width=" 537 "height=" "" Src= "/e/u261/themes/default/images/spacer.gif" style= " Background:url ("/e/u261/lang/zh-cn/images/localimage.png") no-repeat center;border:1px solid #ddd; "alt=" spacer.gif "/>
installation of the Ruby environment
[[email protected] tools]# yum-y install Ruby
Create Puppet users and Groups
[Email protected] tools]# Groupadd puppet
[Email protected] tools]# useradd-g puppet-s/bin/false-m puppet
Change Host and hostname
[Email protected] ~]# cat/etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4agent.test.com
:: 1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.98.111 agent.test.com
192.168.98.110 master.test.com
[Email protected] ~]# hostname
Agent.test.com
installing facter and puppet
[Email protected] ~]# cd/tools/
[email protected] tools]# LL
Total dosage 1532
-rw-r--r--1 root root 71295 8 months facter-1.5.8.tar.gz
-rw-r--r--1 root root 1492177 2 months 4 01:23 puppet-2.6.1.tar.gz
[Email protected] tools]# tar-xffacter-1.5.8.tar.gz
[Email protected] tools]# tar-xfpuppet-2.6.1.tar.gz
[Email protected] tools]# CD facter-1.5.8
[Email protected] facter-1.5.8]# Ruby INSTALL.RB
Check the installation steps
[[email protected] facter-1.5.8]# echo $?
0
#heck Facter
[Email protected] facter-1.5.8]# Facter
[Email protected] facter-1.5.8]# CD.
[Email protected] tools]# CD puppet-2.6.1
[Email protected] puppet-2.6.1]# Ruby INSTALL.RB
[Email protected] puppet-2.6.1]# mkdir-p/etc/puppet
[email protected] puppet-2.6.1]# CP conf/redhat/*/etc/puppet/
[Email protected] puppet-2.6.1]# cpconf/auth.conf/etc/puppet/
Start Configuration puppet
Master -side configuration
Setting up the configuration file directory
[Email protected] tools]# mkdir/etc/puppet/manifests–p
Set power-on self-boot
[Email protected] tools]# mkdir/etc/puppet/manifests-p
[Email protected] tools]# Cp/etc/puppet/server.init/etc/init.d/puppetmaster
[Email protected] tools]# chmod 755/etc/init.d/puppetmaster
[Email protected] tools]# chkconfig--addpuppetmaster
[Email protected] tools]# chkconfig--level 35puppetmaster on
Start Puppet Master
[[email protected] tools]#/etc/init.d/puppetmaster start
start puppetmaster: [ OK ]
#check Puppet Master ( Port 8140)
[Email protected] tools]# Netstat-lntup|grepruby
TCP 0 0 0.0.0.0:8140 0.0.0.0:* LISTEN 2416/ruby
Configuring Agent -side —--- authorization
[Email protected] puppet-2.6.1]# telnetmaster.test.com 8140
Trying 192.168.98.110 ...
Connected to master.test.com.
Escape character is ' ^] '.
Connection closed by foreign host.
Node Request Registration
[Email protected] puppet-2.6.1]# puppetd--test--server master.test.com
Info:creating a new SSL key foragent.test.com
Warning:peer Certificate won ' t be verifiedin this SSL session
Info:caching Certificate for CA
Warning:peer Certificate won ' t be verifiedin this SSL session
Warning:peer Certificate won ' t be verifiedin this SSL session
Info:creating a new SSL certificaterequest for agent.test.com
Info:certificate Request Fingerprint (MD5): B6:22:AE:77:67:00:01:B1:43:C1:10:1A:DA:4A:B3:B2
Warning:peer Certificate won ' t be verifiedin this SSL session
Warning:peer Certificate won ' t be verifiedin this SSL session
Warning:peer Certificate won ' t be verifiedin this SSL session
Exiting; No certificate found Andwaitforcert is disabled
Master Server-side determination authentication
[[Email protected] tools]# puppet cert--list–all # Server View authentication status
Agent.test.com (B6:22:AE:77:67:00:01:B1:43:C1:10:1A:DA:4A:B3:B2) # not certified
+ master.test.com (3F:9B:8A:AD:8A:5C:88:00:AA:AE:FB:09:6E:07:24:FB)
[[Email protected] tools]# puppet cert--signagent.test.com # Registration Agent
notice:signed certificate Request foragent.test.com # to formally register the requested certificate
Notice:removing filepuppet::ssl::certificaterequest agent.test.com at '/var/lib/puppet/ssl/ca/requests/agent.test.com.pem '
[[Email protected] tools]# puppet cert--list–all # Review the authentication situation again
+ agent.test.com (32:cf:0b:0e:26:5e:6d:6d:78:b2:ac:41:7b:7c:dd:47) # Note the preceding + sign
+ master.test.com (3F:9B:8A:AD:8A:5C:88:00:AA:AE:FB:09:6E:07:24:FB)
Another way to view certifications
[Email protected] tools]# tree/var/lib/puppet/ssl/
/var/lib/puppet/ssl/
├── CA
│ ├── Ca_crl.pem
│ ├── Ca_crt.pem
│ ├── Ca_key.pem
│ ├── Ca_pub.pem
│ ├── inventory.txt
│ ├── Private
│ │ └── ca.pass
│ ├── requests
│ ├── serial
│ └── signed
│ ├──Agent.test.com.pem # has been registered successfully
│ └──Master.test.com.pem
├── certificate_requests
├── certs
│ ├── Ca.pem
│ └── Master.test.com.pem
├── Crl.pem
├── Private
├── Private_keys
│ └── Master.test.com.pem
└── Public_keys
└──Master.test.com.pem
9 Directories, files
the Agent tests again to verify the status of the certification
[Email protected] puppet-2.6.1]# puppetd--test--server master.test.com
Warning:peer Certificate won ' t be verifiedin this SSL session
Info:caching Certificate foragent.test.com
Info:caching certificate_revocation_listfor CA
info:caching Catalog for Agent.test.com
Info:applying configuration version ' 1454562128 '
Info:creating State File/var/lib/puppet/state/state.yaml
notice:finished Catalog run in 0.01seconds
This article is from the "hope of the Dog" blog, be sure to keep this source http://8874480.blog.51cto.com/8864480/1741082
Puppet Installation and Deployment