Puppet------Installation

Note: Puppet is best to create a snapshot before installation, need to be careful, the following is my installation process

Puppet preparatory work

1 installation

Yum-y Install puppet Puppet-server (service side to install this)

[Email protected] puppet]# puppet-v

2.7.26

Add Host File parsing

Finally, make sure that the server-side hostname is not changed, and that the snapshot or backup restore point is ready, both the client and the server, so that it is easy to solve the problem later

2 Preliminary configuration

2.1 Adding configuration Files

[Email protected] ~]# tree-r/etc/puppet/

/etc/puppet/

├──auth.conf

├──fileserver.conf

├──manifests

├──modules

└──puppet.conf

2 directories, 4 files

[Email protected] puppet]# Cd/etc/puppet

[email protected] puppet]# cat manifests/site.pp

Import "NODES/*.PP"

2.2 Service-side service open, client authentication request, service-side issue Certificate

Premise:selinux and Firewall open at least 8140 ports no problem, otherwise will be reported get addr info error

[[Email protected] ~]# Puppet master start

[Email protected] ~]# NETSTAT-TNLP

Active Internet connections (only servers)

Proto recv-q send-q Local address Foreign address State Pid/program Name

TCP 0 0 0.0.0.0:8140 0.0.0.0:* LISTEN 5167/ruby

Client:

[[Email protected] ~]# puppet agent--test--verbose

Info:creating a new SSL key for Cobbler

Info:caching Certificate for CA

Info:creating a new SSL certificate request for Cobbler

Info:certificate Request Fingerprint (SHA256): 14:3e:29:3e:88:83:fe:20:93:03:0a:03:6b:f5:b6:98:2b:07:0c:d3:32:a7: a9:d7:a5:80:d9:d8:30:e0:a8:57

Exiting; No certificate found and Waitforcert is disabled

Server-side view under request and issue:

[Email protected] ~]# Puppet cert list

"Cobbler" (d0:92:71:0d:b9:10:3d:28:35:d9:ce:99:7d:01:4c:3b)

"Zabbix-server" (cc:dc:03:09:b7:86:9c:90:0f:76:ff:e2:6e:e0:61:4a)

If there is rev.home.ne.jp behind your hostname, then go to/etc/resolv.conf to comment out the search domain,/etc/sysconfig/network-scripts/ Ifcfg-eth0 's nm_controlled is set to No

[Email protected] ~]# puppet cert sign "Cobbler"

notice:signed Certificate Request for Cobbler

notice:removing file Puppet::ssl::certificaterequest cobbler at '/var/lib/puppet/ssl/ca/requests/cobbler.pem '

Finally, do a test on the line:

Testing process

1 server Side write a pp file, equivalent to the puppet node configuration file

[email protected] puppet]# cat manifests/site.pp

Node Default {

file {"/tmp/liuliancao_test.txt":

ensure = present,

Content = "You know.puppet is your friend.\n";

}

}

#import "NODES/*.PP"

Check to see if there is a syntax error

[Email protected] puppet]# puppet parser validate manifests/site.pp

2 Agent request, and then observe if there is a specified test file

[[Email protected] ~]# puppet agent--test--verbose--server puppet

info:caching Catalog for Zabbix-server

Info:applying configuration version ' 1455787094 '

NOTICE:/stage[main]//node[default]/file[/tmp/liuliancao_test.txt]/content:

---/tmp/liuliancao_test.txt2016-02-18 17:16:13.646414163 +0800

+ ++/tmp/puppet-file20160218-12128-1dp2fei-0 2016-02-18 17:18:16.251414135 +0800

@@-1 +1 @@

-you Know.puppet is your friend.

\ No newline at end of file

+you Know.puppet is your friend.

Info:filebucket Adding {md5}7364c5483d25fe12eb0912643d8c8927

Info:/stage[main]//node[default]/file[/tmp/liuliancao_test.txt]: Filebucketed/tmp/liuliancao_test.txt to puppet With Sum 7364c5483d25fe12eb0912643d8c8927

Notice:/stage[main]//node[default]/file[/tmp/liuliancao_test.txt]/content:content changed ' {MD5} 7364c5483d25fe12eb0912643d8c8927 ' to ' {md5}aa050a17ce909e980c9e3e510a08935a '

notice:finished catalog run in 0.09 seconds

[Email protected] ~]# Cat/tmp/liuliancao_test.txt

You Know.puppet is your friend.

Operating normally

FAQ:

Because the problem is more, so here to summarize the errors encountered, suggestions written, may be forgotten next month

Issue 1: When input puppet agent--test--verbose--server Boot, no route to host

A: Check both Firewall service Iptables status and whether the server parameter is specified (in the configuration file or now)

Question 2: Re-apply for a certificate, how to clean up

Answer: My Steps,

S:puppet cert clean "cleaned host name" C:rm-rf/var/lib/puppet

S:puppet Master Restart C:puppet agent--verbose--test--server "host name of the server"

S:puppet cert List && puppet cert sign "clean hostname" C:puppet agent--verbose--test--server "hostname of server" (Verify success)

Question 3: Other Strange questions

A: For other agent testing, if the same, it is not re-installed, definitely OK

This article is from the "Learning Path of Kai Learning" blog, please make sure to keep this source http://qixue.blog.51cto.com/7213178/1743089

Puppet------Installation