Installation configuration deployment for Linux puppet

I. Introduction of Puppet

Puppet is a configuration management software designed for data Center Automation management that manages the entire lifecycle of your IT Infrastructure: provisioning (provisioning) provisioning (configuration), Linkage (orchestration) and reporting (reporting). Puppet is based on the C/s architecture, similar to Zabbiz, with the master and Agent node points. It is an open source (not really open source, because of the commercial and Community editions), a new generation of centralized configuration management tools, developed by the Ruby language, it has its own configuration language (Pcl,puppet configuration language).

Puppet is able to code the daily system management of it, and the code can be reused, which reduces the workload of operations personnel and enables rapid and large-scale deployment of servers. In Puppet's world has its own philosophical thought: in IT system management, puppet only pays attention to the result, does not care about the process! This words how to understand, such as Puppet's Master end to each agent to install the Nginx this package and start the service, puppet agent face only to the master side report whether the software is installed, the service has been started, Puppet doesn't care how the software is installed, how the service starts, it only cares about the results.

Second, puppet working principle

1, puppet there are two ways of working, one is the independent mode of work (Standalon), the other is master-agent way , here mainly introduces the C/S method.

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/6F/38/wKioL1WU_qmDdUg_AAGkoWRL1eY996.jpg "title=" 123. JPG "alt=" wkiol1wu_qmddug_aagkowrl1ey996.jpg "/>

Briefly:

Manifest: The literal meaning is a list, in this case refers to the puppet code of various resources, is a PCL written code;

Catalog: Represents the various manifest compiled after the generated executable code, also known as pseudo-code;

Apply: Generate catalog after puppet can put the code to use, in the use of the pseudo-code before the detection, detection before execution.

A), agent request to host the catalog code, in the request to bring their own host name and Facts,facts contains the agent server itself some of the system features, such as what the operating system is, which version, CPU is what model, memory how big and so on information;

b), Master received a request from the agent to start querying this node contains the list, the resources are found and compiled into catalog, and then sent to the agent;

c), the agent received the catalog and began to apply the code, and the implementation of the status of the resulting report returned to master;

d), Master receives reports and logs.

2, puppet certification mechanism

Puppet has its own certificate management mechanism, communication between agent and Master is required to be certified by master, The certificate is stored in/var/lib/puppet/ssl/.

The first time the process is enabled in Master/agent:

A), master startup will generate a key for themselves, and signed a certificate, so that they become a CA;

b), agent for the first time to generate a key for itself, generate a certificate signing request, and send a certificate request to master request to sign;

c), master receives the agent's certificate signing request, the administrator first verifies the request is legitimate, and then the certificate signing request signed or not signed.

Third, the installation of puppet

Puppet since it is the C/S architecture, the installation package will have the master installation package and agent installation package points. The following installation and testing are based on the CentOS 6.4_x86_64 system, the Epel source also contains the puppet package, so I use Yum installation as an example, you can puppet the official Yum source to install, the official Yum software version is relatively new, Official Yum address http://yum.puppetlabs.com/el/6.5/products/x86_64/, you can also use Epel source installation, I recommend that the installed version is puppet 2.7.25 or 3.6.2, the puppet open source community currently offers four versions of the branch:

Puppet 0.22.1--->0.25.5 puppet early branch, the current website has no longer provide technical support;

Puppet 2.6.0--->2.6.18 the security branch currently being maintained, has ceased to develop;

Puppet 2.7.0--->2.7.26 is currently maintaining the branch of the security version, is also a relatively popular version of the branch;

Puppet 3.0.0--->3.8.* the version branch currently in development.

So I recommend using the Epel yum source for installation, and Yum offers a version that is currently 2.7.26, and installing puppet relies on Ruby Facter,yum installation to resolve these dependencies.

1, first install Epel source

Install EPEL6 yum Source under RHEL/CENTOS/SL Linux 6.x:

32-bit System selection:

# RPM-IVH http://download4.fedora.redhat.com/pub/epel/6/i386/epel-release-6-8.noarch.rpm

64-bit System selection:

# RPM-IVH http://download4.fedora.redhat.com/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

2, puppet master end of the installation

# yum Install puppet-server-y

3, puppet agent side of the installation

# yum Install Puppet-y

4, puppet some of the use of commands

# PUPPET-V//view version of Puppet

# Puppet Help//view some subcommands supported by puppet

# Puppet Agent--configprint Confdir//View the directory of configuration files

Iv. Configuration of Puppet

1. Introduction of configuration Files

the path to the configuration file is/etc/puppet

auth.conf configuration file is the Agent Access Master's permission authentication file;

The autosign.conf configuration file is the configuration file that the master automatically signs the agent certificate;

The fileserver.conf configuration file is the configuration file that the master synchronizes static files to the agent;

Mainfests/agent the navigation files and logical files in the library, the files in this directory are also called lists;

module/Base Module Catalog

The puppet.conf profile is the primary configuration file for the master daemon

2, Puppet master configuration file Common configuration parameters

[Master]

Bindaddress = 0.0.0.0 Monitor on all NICs

Masterport = 8140 Listening port

Ssldir = $vardir/ssl The configuration path where the signature file is stored

LogDir =/var/log/puppet

This article is from the "Stones" blog, make sure to keep this source http://wangzan18.blog.51cto.com/8021085/1670254

Installation configuration deployment for Linux puppet