Because the 3.x series no longer support mongrel, so the use of Nginx+passenger to do load balancing; previously had Nginx+mongrel,puppet version is 2.7 series, so still can use;
Environment Description:
Operating system: CentOS 5.8 64-bit
Puppet version: 3.1 series
1, upgrade Ruby to 1.8.7, install RubyGems # RPM-UVH Http://rbel.frameos.org/rbel5 # yum install-y Ruby RubyGems ruby-devel.x86_ 64 2, install Puppet server # RPM-IVH Http://yum.puppetlabs.com/el/5/products/x86_64/puppetlabs-release-5-1.noa rch.rpm # yum Install-y puppet puppet-server 3, installing nginx dependent packets # Yum Install-y gcc make Pcre-devel ZL Ib-devel openssl-devel pam-devel curl-devel rpm-build 4 installation rake, rack and passenger Ruby Gems # Gem install Rake Rack Passenger--no-rdoc--no-ri 5, install Nginx compile parameters as follows, must contain passenger module # TAR-XJF PCRE-8.32.TAR.BZ2 -C/USR/LOCAL/SRC----pcre Download # TAR-XZF nginx-1.2.1.tar.gz-c/usr/local/src----extract Nginx Cd/usr/local/src/ng inx-1.2.1./configure--prefix= $NGINX _path--with-http_stub_status_module--with-http_ssl_module--with-pcre=/u sr/local/src/pcre-8.32--add-module= ' Passenger-config--root '/ext/nginx # make install 6, with Pass The combination of Enger # mkdir-p/etc/puppet/rack/public # cp/usr/share/puppet/ext/rack/files/config.ru/etc/puppet/rack/# chown-r Puppet:puppet
/etc/puppet/rack/# nginx.conf inside the specific content of the following user www www;
Worker_processes 1;
Error_log/usr/local/nginx/logs/error.log;
#error_log Logs/error.log Notice;
#error_log Logs/error.log Info;
Pid/usr/local/nginx/nginx.pid;
#Specifies the value for maximum file descriptors the can is opened by this process.
Worker_rlimit_nofile 65535;
events {use Epoll;
Worker_connections 65535;
HTTP {server_tokens off;
Include Mime.types;
Default_type Application/octet-stream; Log_format Main ' $remote _addr-$remote _user [$time _local] "$request" "$status $body _bytes_sent
"$http _referer" "$http _user_agent" "$http _x_forwarded_for";
#access_log Logs/access.log Main;
CharSet Utf-8;
Server_names_hash_bucket_size 128;
Client_header_buffer_size 32k;
Large_client_header_buffers 4 64k;
Client_max_body_size 8m;
Tcp_nopush on;
Tcp_nodelay on;
Keepalive_timeout 60;
Fastcgi_intercept_errors on;
Fastcgi_connect_timeout 300;
Fastcgi_send_timeout 300;
Fastcgi_read_timeout 300;
Fastcgi_buffer_size 64k;
Fastcgi_buffers 4 64k;
Fastcgi_busy_buffers_size 128k;
Fastcgi_temp_file_write_size 128k;
Open_file_cache max=65535 inactive=10s;
Open_file_cache_valid 30s;
Open_file_cache_min_uses 1;
gzip on;
Gzip_min_length 1k;
Gzip_buffers 4 16k;
Gzip_http_version 1.0;
Gzip_comp_level 2;
Gzip_types text/plain application/x-javascript text/css application/xml; Gzip_varyOn
# passenger needed for puppet passenger_root/usr/lib/ruby/gems/1.8/gems/passenger-3.0.19;
Passenger_ruby/usr/bin/ruby;
Passenger_max_pool_size 15;
Index index.html index.htm index.php;
server {Listen 80;
server_name localhost;
#access_log Logs/host.access.log Main;
Location/{root HTML;
Index index.php index.html index.htm;
} error_page 502 503 504/50x.html;
Location =/50x.html {root html;
} location ~ \.php$ {root html;
#fastcgi_pass 127.0.0.1:9000;
Fastcgi_pass Unix:/dev/shm/php.socket;
Fastcgi_index index.php;
Fastcgi_param script_filename $document _root/$fastcgi _script_name; Include Fastcgi_params;
} server {listen 8140 SSL;
server_name client.domain.com;
Passenger_enabled on;
Passenger_set_cgi_param http_x_client_dn $ssl _client_s_dn;
Passenger_set_cgi_param http_x_client_verify $ssl _client_verify;
Access_log/usr/local/nginx/logs/puppet_access.log;
Error_log/usr/local/nginx/logs/puppet_error.log;
Root/etc/puppet/rack/public;
SSL_CERTIFICATE/VAR/LIB/PUPPET/SSL/CERTS/CLIENT.DOMAIN.COM.PEM;
SSL_CERTIFICATE_KEY/VAR/LIB/PUPPET/SSL/PRIVATE_KEYS/CLIENT.DOMAIN.COM.PEM;
SSL_CRL/VAR/LIB/PUPPET/SSL/CA/CA_CRL.PEM;
SSL_CLIENT_CERTIFICATE/VAR/LIB/PUPPET/SSL/CA/CA_CRT.PEM; Ssl_ciphers Sslv2:-loW:-export:rc4+rsa;
Ssl_prefer_server_ciphers on;
Ssl_verify_client Optional;
Ssl_verify_depth 1;
Ssl_session_cache shared:ssl:128m;
Ssl_session_timeout 5m; Note that I am here to Puppet server hostname is client.domain.com, as for the specific key path of the people themselves according to their own environment and then adjust the puppet . conf [main] [agent] server = client.domain.com [Master] certname = Client.domain . com 7, verifying boot Nginx # lsof-i:8140 COMMAND PID USER FD TYPE DEVICE size/off NODE NAME nginx 20855 root 9u IPv4 421091 0t0 tcp *:8140 (LISTEN) nginx 20856 www 9u IPv4 421091 0t0 TCP *:8 140 (LISTEN) can find 8140 ports already up # Puppet agent--test--server client.domain.com info:retrieving Info: Caching Catalog for client.domain.com info:applying configuration version ' 1366960369 ' notice:finished catalog run In 0.16 seconds
Found to be working properly using # Tail/usr/local/nginx/log/puppet_access.log view Nginx Log 192.168.200.220--[26/apr/2013:21:12:15 +080 0] "get/production/node/client.domain.com?" http/1.1 "3502"-""-"192.168.200.220--[26/apr/2013:21:12:16 +0800]" get/production/file_metadatas/plugins?& links=manage&recurse=true&checksum_type=md5&ignore=---+%0a++-+%22.svn%22%0a++-+cvs%0a++-+%22.git% http/1.1 "283"-""-"192.168.200.220--[26/apr/2013:21:12:17 +0800]" post/production/catalog/client.domain.com http/1.1 "1033"-""-"192.168.200.220--[26/apr/2013:21:12:17 +0800]" put/production/report/client.domain.com HTTP /1.1 "200 14"-""-"has been recorded, 8. Adjust if the puppetmaster service has been made boot up, remember to turn off the # chkconfig puppetmaster off # chk Config Nginx on
So puppet load balance to this end, Nginx respectively and passenger,mongrel the combination of the finished