Puppet simple application of Linux operation and maintenance Automation (II.)

Source: Internet
Author: User

The previous blog introduced in the single-machine environment of the puppet application, this time we based on the C/S model to introduce the next puppet!

First, the experimental environment

Server role IP Address Installing the Software Host Name
Server-side 172.16.8.1 Puppet-server Www.gulong.com
Client Side 172.16.8.2 Puppet Node1.gulong.com
Client Side 172.16.8.3 Puppet Node2.gulong.com


Three host time synchronization:

#ntpdate 172.16.0.1


Three hosts can parse each other:

# vim/etc/hosts172.16.8.1 www.gulong.com172.16.8.2 node1.gulong.com172.16.8.3 node2.gulong.com


Second, the master side of the configuration

1, installation Puppet-server

Puppet Package

[Email protected] 2.7.25]# yum-y install facter-1.7.3-1.el6.x86_64.rpm puppet-server-2.7.25-1.el6.noarch.rpm


2. Configuration templates

    • To create a template directory:

[Email protected] 2.7.25]# cd/etc/puppet/modules/[[email protected] modules]# MKDIR-PV nginx/{files,manifests, Templates

Note :

files/: File storage Directory
manifests/: Inventory Store Directory
Templates/: Template Storage Directory


    • To create a manifest file:

[[email protected] modules]# CD nginx/manifests/[[email protected] manifests]# vim init.pp//is added as follows: Class Nginx {package {' Nginx ': ensure = present,} file {' nginx.conf ': ensure = File             , content = Template (' Nginx/nginx.conf.erb '), Path = '/etc/nginx/nginx.conf ',                                                                                                                                                                              require = package[' Nginx ', mode = ' 0644 ',}}                [[email protected] manifests]# vim web.pp//added as follows: Class Nginx::web inherits Nginx {file {' web.conf ' : Ensure =>file, Source = "puppet:///modules/nginx/web.conf", Path = '/E              Tc/nginx/conf.d/default.conf ', require = package[' Nginx ', mode = ' 0644 ', notify = service [' Nginx '],} service {' Nginx ': ensure = true, enable = True                                                                                                                            , restart = '/etc/init.d/nginx reload ', require = file[' nginx.conf ', ' web.conf '],}}                                                                                                                          [[email protected] manifests]# vim PROXY.P p//added as follows: Class Nginx::p Roxy inherits Nginx {file {' web.proxy.conf ': ensure =>file, source = "puppet:///modules/nginx/web.proxy.conf", Path = '/etc/nginx/conf.d/default.conf ', req Uire = package[' Nginx ', mode = ' 0644 ', notify = service [' Nginx '],} service { ' Nginx ': ensure = true, enable = true, restart = '/etc/init.d/ngi NX Reload ', require = file[' nginx.conf ', ' web.proxy.conf '],}}


    • Create the configuration file that is required:

[[email protected] manifests]# CD. /files/[[email protected] files]# vim web.conf//added as follows: # # The default Server#server {listen-Default_server    ;    server_name www.gulong.com;        Location/{root/usr/share/nginx/html;    Index index.html index.htm;    } error_page 404/404.html;    Location =/404.html {root/usr/share/nginx/html;    } error_page 502 503 504/50x.html;    Location =/50x.html {root/usr/share/nginx/html;                                                                                                                                                                                                                                                   }                                                                                         } [[email protected] files]# vim web.proxy.conf//is added as follows: # # The D    Efault Server#server {Listen default_server;    server_name _;    Location/{Proxy_pass http://172.16.0.1/;    } error_page 404/404.html;    Location =/404.html {root/usr/share/nginx/html; } error_page 500 502 503 504/50x.html;    Location =/50x.html {root/usr/share/nginx/html; }}


    • To create a template file:

[[email protected] files]# CD.  /templates/[[email protected] templates]# vim nginx.conf.erb//add as follows: # For more information on configuration, see:# * Official 中文版 documentation:http://nginx.org/en/docs/# * official Russian documentation:http://nginx.org/ru/docs/ User nginx;worker_processes <%= @processorcount%>;error_log/var/log/nginx/error.log; #error_log/va R/log/nginx/error.log notice; #error_log/var/log/nginx/error.log info;pid/var/run/nginx.pid;events {worker_ Connections 1024;}    HTTP {include/etc/nginx/mime.types;    Default_type Application/octet-stream; Log_format Main ' $remote _addr-$remote _user [$time _local] "$request" "$status $body _bytes_sent"    $http _referer "'" $http _user_agent "" $http _x_forwarded_for ";    Access_log/var/log/nginx/access.log main;    Sendfile on;    #tcp_nopush on;    #keepalive_timeout 0;    Keepalive_timeout 65; #gzip on; # Load config files from the/etc/nginx/conf.d directory # The default server was in Conf.d/default.conf include/etc /nginx/conf.d/*.conf;}


    • Enter the server-side configuration information into the puppet.conf file

[Email protected] templates]# puppet master--genconfig >>/etc/puppet/puppet.conf


    • To create a node file:

[[email protected] nginx]# cd/etc/puppet/manifests/[[email protected] manifests]# vim site.pp//Add the following: import "*. GULONG.COM.PP "   //indicates that all lists ending with gulong.com.pp are loaded in


    • Create back-end host node files:

[[email protected] manifests]# vim node1.gulong.com.pp//added as follows: node ' node1.gulong.com ' {include Nginx::p Roxy}                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   [[ Email protected] manifests]# vim node2.gulong.com.pp//is added as follows: node ' node2.gulong.com ' {include nginx::web}


    • To start the Master service:

[[Email protected] manifests]# service puppetmaster start

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/28/61/wKiom1N4flCylttWAAGCk8ho6f4083.jpg "title=" QQ pinyin unnamed. jpg "alt=" wkiom1n4flcylttwaagck8ho6f4083.jpg "/>


Third, the client side configuration

This is only a demo of the Node1.gulong.com mainframe.

1. Install puppet client software:

[Email protected] 2.7.25]# yum-y install facter-1.7.3-1.el6.x86_64.rpm puppet-2.7.25-1.el6.noarch.rpm


2. Modify the puppet.conf configuration file

[[email protected] 2.7.25]# vim/etc/puppet/puppet.conf//in the [Agent] segment is added as follows: Server = www.gulong.com


3. Start puppet

[[Email protected] 2.7.25]# service puppet start


Iv. signing of certificates and testing

1. On the server side of all this command, view the request for a signed certificate:

[Email protected] manifests]#  puppet cert list  "node1.gulong.com" (c9:e5:d1:bd:8a:5f:58:a2:a8:7b:cb:f5:c5 : 30:81:5a)


2. Use this command to sign:

[Email protected] manifests]# Puppet cert sign node1.gulong.com


You can also edit the configuration file to automatically sign it:

[Email protected] manifests]# echo "*.gulong.com" >/etc/puppet/autosign.conf


3, after the completion of the signing, check whether the client automatically install Nginx

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/28/61/wKiom1N4gWbQ6ok5AAHoOpuRgyg418.jpg "title=" QQ pinyin unnamed. jpg "alt=" wkiom1n4gwbq6ok5aahoopurgyg418.jpg "/>

As seen from the figure, the Nginx has been installed automatically!


4, Puppet kick function realization

Puppet client default is server every 30 minutes communication once, but sometimes, we want the server to be able to give the client an emergency push some transactions, so there is puppet kick.

1. Edit the client configuration file /etc/puppet/puppet.conf

[Email protected] 2.7.25]# echo "Listen=true" >>/etc/puppet/puppet.conf


2. Edit or create a new file on the client /etc/puppet/namespaceauth.conf, containing the following content

[Puppetrunner]allow *.gulong.com


3, the client to edit the file auth.conf, add the following content

Path    /run  method  Save  auth any allow   www.gulong.com


Client Restart Puppet

[Email protected] puppet]# service puppet restart


4. Running push commands on the server side

To demonstrate the effect, first modify the next Node1.gulong.com.pp[[email protected] puppet]# vim manifests/node1.gulong.com.pp//modified as follows: node ' Node1.gulong.com ' {include nginx::web}                                                                                                                                                                                                                        [[email protected] puppet]# puppet kick-p node1.gulong.com

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/28/62/wKiom1N4n8vwvp3AAACWCEhP98c499.jpg "title=" QQ pinyin unnamed. jpg "alt=" wkiom1n4n8vwvp3aaacwcehp98c499.jpg "/>


5. See if the configuration file changes on the client

[Email protected] puppet]# vim/etc/nginx/conf.d/default.conf

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/28/62/wKioL1N4oATjGSrnAAF78SQtibc139.jpg "title=" QQ pinyin unnamed. jpg "alt=" wkiol1n4oatjgsrnaaf78sqtibc139.jpg "/>

From the see, has been pushed to success!


5. Installation Configuration Puppet-dashboard

1. Install Puppet-dashboard Package

[[Email protected] ~]# CD 2.7.25/[[email protected] 2.7.25]# yum-y install puppet-dashboard-1.2.23-1.el6.noarch.rpm


2. Installing Rake

[[Email protected] 2.7.25]# gem install rake

The following error may occur:

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/28/62/wKiom1N4syDyPA3rAACrAQWi2Xk164.jpg "title=" QQ pinyin unnamed. jpg "alt=" wkiom1n4sydypa3raacraqwi2xk164.jpg "/>

Workaround: This error is a network failure, not even the external network, you can modify the default gateway and other methods to connect to the extranet!


3. Database authorization

[[email protected] 2.7.25] #yum-y install mysql mysql-server[[email protected] 2.7.25]# service mysqld start[[email Protec  Ted] 2.7.25] #mysqlmysql > CREATE DATABASE dbdb Character Set utf8;mysql> grant all on dbdb.* to ' dbuser ' @ ' 172.16.%.% ' Identified by ' Dbpass ';mysql> grant all on dbdb.* to ' dbuser ' @ ' www.gulong.com ' identified by ' Dbpass ';mysql> flush privileges;


4. Modify the Dashboard configuration file

Dashboard configuration file is/usr/share/puppet-dashboard/config/database.yml, modify the following parameters

Production:  host:172.16.8.1  database:dbdb  username:dbuser  password:dbpass  Encoding:utf8  Adapter:mysql


5. Importing dependent data tables for Dashboard

[Email protected] 2.7.25]# Cd/usr/share/puppet-dashboard/config/[[email protected] config]# rake gems:refresh_specs[ [Email protected] config]# rake rails_env=production db:migrate

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/28/62/wKioL1N4tJfzmkOTAAKLnI7f8lc114.jpg "title=" 1.jpg " alt= "Wkiol1n4tjfzmkotaaklni7f8lc114.jpg"/>

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/28/62/wKiom1N4tNagsYt0AATNyCJmy0s425.jpg "title=" 3.jpg " alt= "Wkiom1n4tnagsyt0aatnycjmy0s425.jpg"/>

Appears as import success!


6. Whether the test server can work properly

[Email protected] 2.7.25]#/USR/SHARE/PUPPET-DASHBOARD/SCRIPT/SERVER-E production

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/28/62/wKioL1N4tQ7CJlsaAAFsDGxLv2A141.jpg "title=" 2.jpg " alt= "Wkiol1n4tq7cjlsaaafsdgxlv2a141.jpg"/>

By default, it listens on the 3000/TCP port, which can now access the appropriate service.


650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/28/62/wKioL1N4tUqzBSDTAAIMu4oZ3wA498.jpg "title=" QQ pinyin unnamed. jpg "alt=" wkiol1n4tuqzbsdtaaimu4oz3wa498.jpg "/>

You can now add nodes and class files to the page!


At this point, the puppet C/S mode application has been introduced, the shortcomings, please more guidance!

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.