Puppet Update method

The puppet Update method based on C/s architecture generally has two kinds, one is the agent side set synchronization time active to puppet Master end pull configuration, the other is through the puppet master side use Puppet Kick command or trigger update configuration with mcollctive.

1. Proactive Updates

Advantages:

nodes are actively updated periodically, regardless of who has changed the configuration of the node by puppet management, and will automatically fix it within the specified time, without the need for administrator login to view it.

The environment is simple to set up, do not need very complex architecture, Puppet itself C/s architecture can be completed.

Disadvantages:

If the number of nodes is too large, an update request will be initiated to the puppetmaster side, resulting in a puppetmaster performance bottleneck. There are, of course, some solutions, such as setting up task schedules and updating nodes in batches.

since the node periodically updates the puppet master-side fetch configuration, this requires that the environment on the master side of the puppet be sufficiently secure.

You cannot manually control which servers need to be updated and which do not.

Automatic Update mode configuration is very simple, only need to add Runinterval field in the node configuration file puppet.conf to achieve automatic update, the following steps simple test
Note: By default, there is no runinterval field in the puppet.conf configuration file, and if not configured, the default is to automatically synchronize every 30 minutes.

1). Change the agent configuration file. Add the Runinterval field.

(2) Restart the client service

[Email protected]:p uppet#/etc/init.d/puppet restartstopping puppet agent:                                     [  OK  ]starting puppet agent:                                     [  OK  ]

(3) query log, you can see every 10 seconds Agent to puppet master synchronization

[Email protected]:tmp# tail-f/var/log/messagesdec 10:25:21 agent puppet-agent[12155]: finished catalog run in 0.06 SE Condsdec 10:25:31 Agent puppet-agent[12280]: finished catalog run in 0.05 secondsdec a 10:25:41 agent puppet-agent[124 : Finished catalog run in 0.07 Secondsdec 10:25:51 agent puppet-agent[12530]: finished catalog run in 0.06 SECONDSDE C 10:26:01 Agent puppet-agent[12655]: finished catalog run in 0.05 Secondsdec 10:26:11 agent puppet-agent[12780]: Fi nished catalog run in 0.13 seconds

(4) can also be named to test.

[Email protected]:p uppet#/etc/init.d/puppet stopstopping puppet agent:                                     [  OK  ][email protected]:p uppet# [ Email protected]:p uppet# puppet agent--verbose--no-daemonizenotice:starting Puppet client version 3.7.3info:retrievin G pluginfactsinfo:retrieving plugininfo:caching Catalog for agent.domain.comInfo:Applying configuration version ' 14182  92313 ' notice:finished catalog run in 0.07 secondsinfo:retrieving pluginfactsinfo:retrieving plugininfo:caching Catalog For agent.domain.comInfo:Applying configuration version ' 1418292313 ' notice:finished catalog run in 0.04 secondsinfo:re trieving pluginfactsinfo:retrieving plugininfo:caching Catalog for agent.domain.comInfo:Applying configuration Version ' 1418292313 ' notice:finished catalog run in 0.10 seconds

2. Push Updates

Push updates are controlled by puppet kick or mcollective to control when nodes get configuration change information to the puppetmaster side. This method is relatively easy to control, mainly in the following aspects:

Advantages:

very easy to control the update cycle of nodes
Security is high, you can check the code and update it before each update.
You can push updates for a single cluster (a group of servers) with a high flexibility.
Strong scalability to integrate a variety of other platforms

Disadvantages:
more complex environment, need to deploy n many things
After the agent configuration has been tampered with, it needs to be triggered manually to recover and not be able to recover in time

1). Puppet Kick Way

Puppet kick is a command triggered by the puppetmaster side of the way to update, due to the problem of the lock is difficult to solve and host unit control is not very flexible, gradually abandoned, Puppetlabs also saw this, so the acquisition of MCOLLECITVE.

2). mcollective trigger mode need to build MCOLLECTIVE+MQ architecture, set up and then pass the Puppet command to MQ by the MCO command to assign to a set of nodes up.

This approach will be followed by a separate document presentation.

Puppet Update method