Puppet's Nginx+foreman

Source: Internet
Author: User
Tags character set log mysql create database

Foreman Architecture:

This paper mainly describes the construction of foreman, and integration into the nginx process

Environment Description:

CentOS 5.8 x86_64

Puppet version:3.1.1

Master hostname:server.domain.com

Client hostname:client.test.com

1,puppet,nginx environment is installed by the previous article Puppet,nginx,ruby, etc. 2, configure Yum source # RPM-IVH Http://yum.theforeman.org/releas es/1.1/el5/x86_64/foreman-release-1.1stable-3.el5.noarch.rpm 3, install Foreman,foreman-proxy # yum-y install F    
Oreman-installer # ruby/usr/share/foreman-installer/generate_answers.rb Input three times y # yum install Ruby-mysql # yum-y Install foreman Foreman-proxy # chown foreman.foreman-r/usr/share/foreman # su-foreman-s/bin/bas H-c/usr/share/foreman/extras/dbmigrate # vim/usr/share/foreman/config/database.yml original file for Sqllite configuration, here to MySQL as ================================================= production:adapter:mysql for database storage Database:pupp ET username:puppet password:puppet host:localhost socket: "/tmp/mysql.sock" ==============     
=================================== mysql> Create database puppet CHARACTER SET UTF8; Mysql> grant all privileges in puppet.* to Puppet@ ' localhost ' identified by ' puppet ';     
        
mysql> flush Privileges; # cd/usr/share/foreman/rails_env=production Rake db:migrate rake puppet:migrate:populate_hosts Rails_env=produ ction # chown Foreman.foreman/usr/share/foreman/tmp/secret_token # Vim/etc/foreman-proxy/settings.ym L ==========================================================: trusted_hosts:-server.domain.com:p upp Etca:true:p uppet:true:p uppet_conf:/etc/puppet/puppet.conf ==================================================== ===== #/etc/init.d/foreman-proxy Start proxy Port 8443 4, integrated into Nginx Nginx virtual host as follows: server {Liste    
        n 443;    
        server_name server.domain.com;    
        SSL on;    
        SSL_CERTIFICATE/VAR/LIB/PUPPET/SSL/CERTS/SERVER.DOMAIN.COM.PEM;    
                
        SSL_CERTIFICATE_KEY/VAR/LIB/PUPPET/SSL/PRIVATE_KEYS/SERVER.DOMAIN.COM.PEM; #Verify PuppetmastER clients against Puppet CA Ssl_crl/var/lib/puppet/ssl/ca/ca_crl.pem;    
        SSL_CLIENT_CERTIFICATE/VAR/LIB/PUPPET/SSL/CERTS/CA.PEM;    
        Ssl_verify_client Optional;    
        
        Ssl_verify_depth 1;    
        Access_log/usr/local/nginx/logs/foreman_access.log;    
        Error_log/usr/local/nginx/logs/foreman_error.log Debug;    
        
        Root/usr/share/foreman/public;    
        Passenger_enabled on;    
        Passenger_set_cgi_param HTTPS on;    
        Passenger_set_cgi_param ssl_client_s_dn $ssl _client_s_dn;    
        
       Passenger_set_cgi_param ssl_client_verify $ssl _client_verify;   #/etc/init.d/nginxd Start # # #启动nginx 5, Access Foreman input URL: https://server.domain.com default account: admin Password: changeme To configure More-configureation-smart proxies----Add proxy address after entering: https://server.domain.com:8443 # Vim/etc/puppet/node.rb:url => "Https://server.doMain.com ", 6, set up the automatic import Foreman # Cp/usr/share/foreman-installer/foreman/templates/foreman-report.rb.er B/USR/LIB/RUBY/SITE_RUBY/1.8/PUPPET/REPORTS/FOREMAN.RB # VIM FOREMAN.RB modified to configure, the other unchanged (PS: Has been stuck in the wrong) #<%= ERB. New (File.read (File.expand_path ("_header.erb", File.dirname (File))). Result (binding)-%> # Copy this File to your rep Ort dir-e.g./usr/lib/ruby/1.8/puppet/reports/# Add this is in your puppetmaster reports-e.g R puppet.conf Add: # Reports=log, Foreman # (or any other reports to you want) # URL of your foreman install ation $foreman _url = ' https://server.domain.com ' # If CA is specified, remote foreman host'll be verified $forem An_ssl_ca = "/var/lib/puppet/ssl/certs/ca.pem" # Ssl_cert and key are required if Require_ssl_puppetmasters is enabled in Foreman $foreman _ssl_cert = "/var/lib/puppet/ssl/certs/server.domain.com.pem" $foreman _ssl_key = "/var/lib/puppet/ Ssl/private_keys/server.domaIn.com.pem "The client needs to modify the agent configuration as follows [agent] Classfile = $vardir/classes.txt localconfig = $vardi R/localconfig-Pluginsync = True Masterport = 8140 environment = Producti On certname = client.test.com Server = server.domain.com Listen = True server-side modifications [MA Ster] Autosign = $confdir/autosign.conf {mode = 664} reports = Log,foreman external _nodes =/etc/puppet/node.rb Node_terminus = Exec ca = True ======================= 7,cla Ss,host.facts Import Foreman #cd/usr/share/foreman #导入hosts and facts rake puppet:import:hosts_and_facts Rails_env=produ Ction the modules underneath/etc/puppet/modules to/etc/puppet/modules/production in Foreman Web Admin mode---configuration---puppet Classes click Import from server

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.