A First Look at Puppet
Required packages: ruby, facter, puppet
Prerequisite: the client must be able to resolve the server's hostname.
Puppet server configuration:
tar zxvf facter-1.6.5.tar.gz
cd facter-1.6.5
ruby install.rb
cd ..
tar zxvf puppet-2.6.13.tar.gz
cd puppet-2.6.13
ruby install.rb
cp conf/auth.conf /etc/puppet/
cp conf/redhat/fileserver.conf /etc/puppet/
cp conf/redhat/puppet.conf /etc/puppet/
cp conf/redhat/server.init /etc/init.d/puppetmaster
chmod +x /etc/init.d/puppetmaster
chkconfig --add puppetmaster
chkconfig puppetmaster on
mkdir -p /etc/puppet/manifests
Create the puppet user:
[root@testsns opt]# puppetmasterd --mkusers
Start the service:
[root@testsns opt]# /etc/init.d/puppetmaster start
fileserver.conf configuration:
[files]
path /opt/
allow *
[yum]
path /etc/yum/
allow *
site.pp configuration:
node default {    # applies to all clients; for a single client use: node hostname
        file {
                "test":
                name => "/tmp/1.txt",
                content => template("/etc/passwd"),    # rendered on the master, so clients receive the master's /etc/passwd
        }
        file {
                "/opt/install.log":
                content => "test,my first puppetmaster",
                ensure => present,
                mode => 666,    # world-writable
                owner => puppet,
                group => puppet,
        }
        file {
                "/tmp/install.log":
                source => "puppet://node3.wanghaihao.cn/files/install.log",
                ensure => present,
                owner => puppet,
                group => puppet,
                mode => 666,    # world-writable
        }
        file {
                "/tmp/puppet-2.6.17.tar.gz":
                source => "puppet://node3.wanghaihao.cn/files/puppet-2.6.17.tar.gz",
        }
# add a group
        group {
                "haihao":
                gid => 1000,
                ensure => present,
        }
# add a user
        user {
                "haihao":
                uid => 1000,
                gid => 1000,
                home => "/home/haihao",
                shell => "/bin/bash",
                password => "123456",    # Puppet expects the already-hashed password here, not plaintext
                ensure => present,
        }
# install software with yum
        package {
                "httpd":
                ensure => installed,
        }
# remove software with yum
        package {
                "ftpd":
                ensure => absent,
        }
        service {
                "httpd":
                ensure => running,    # start the service
                enable => false,      # do not start at boot
        }
        service {
                "atd":
                ensure => stopped,    # stop the service
                enable => true,       # start at boot
        }
        cron { "ntpdate":
                command => "/usr/sbin/ntpdate 192.168.1.103",
                user => root,
                minute => 0,
                hour => 1,
        }
        exec { "build-Nagios Plugins":
                cwd => "/root",
                command => "/bin/tar xzf nagios-plugins-1.4.15.tar.gz && cd nagios-plugins-1.4.15 && sh configure && make && make install",
                creates => "/usr/local/nagios",
                logoutput => on_failure,
                timeout => 0,
        }
        exec { "exec-mkdir":
                cwd => "/opt",
                command => "sh /opt/hh.sh",
                user => "root",
                path => "/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin",
        }
# synchronize a directory
        file { "/tmp/test":
                owner => puppet,
                group => puppet,
                purge => true,
                recurse => true,
                force => true,
                source => "puppet://node3.wanghaihao.cn/yum/",
        }
}
Client configuration:
tar zxvf facter-1.6.5.tar.gz
cd facter-1.6.5
ruby install.rb
cd ..
tar zxvf puppet-2.6.13.tar.gz
cd puppet-2.6.13
ruby install.rb
cp conf/auth.conf /etc/puppet/
cp conf/namespaceauth.conf /etc/puppet/
cp conf/redhat/puppet.conf /etc/puppet/
cp conf/redhat/client.init /etc/init.d/puppet
chmod +x /etc/init.d/puppet
vi /etc/puppet/puppet.conf
---
[agent]
listen = true
server = testsns
puppetmasterd --mkusers
/etc/init.d/puppet start
namespaceauth.conf configuration:
[fileserver]
    allow *
[puppetmaster]
    allow *
[puppetrunner]
    allow *
[puppetbucket]
    allow *
[puppetreports]
    allow *
[resource]
    allow *
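The `allow *` lines in fileserver.conf and namespaceauth.conf above match every host, so access to those mounts and namespaces is not restricted by hostname. The following Ruby script is an added example, not part of the original post: it parses that file format and lists the sections containing `allow *`. The tightened variant and the `example.com` domain in it are constructed placeholders.

```ruby
# Added example: list the sections of a Puppet fileserver.conf or
# namespaceauth.conf that contain "allow *" (access for every host).

# Parse the format shown on this page:
#   [section]
#   path  /some/dir     (fileserver.conf only)
#   allow <pattern>
#   deny  <pattern>
# Returns { "section" => { "path" => [...], "allow" => [...], "deny" => [...] } }.
def parse_puppet_acl(text)
  sections = {}
  current = nil
  text.each_line do |raw|
    line = raw.sub(/#.*/, "").strip            # drop comments and indentation
    next if line.empty?
    if (m = line.match(/\A\[(.+)\]\z/))
      current = sections[m[1]] = { "path" => [], "allow" => [], "deny" => [] }
    elsif current && (m = line.match(/\A(path|allow|deny)\s+(\S+)\z/))
      current[m[1]] << m[2]
    else
      raise ArgumentError, "unrecognised line: #{raw.strip.inspect}"
    end
  end
  sections
end

# Names of the sections whose allow list contains the bare wildcard "*".
def wildcard_sections(text)
  parse_puppet_acl(text).select { |_name, rules| rules["allow"].include?("*") }.keys
end

# fileserver.conf as given on this page.
PAGE_FILESERVER = <<~CONF
  [files]
  path /opt/
  allow *
  [yum]
  path /etc/yum/
  allow *
CONF

# Constructed variant: same mounts, limited to one placeholder domain.
TIGHTENED_FILESERVER = PAGE_FILESERVER.gsub("allow *", "allow *.example.com")

if __FILE__ == $PROGRAM_NAME
  { "page" => PAGE_FILESERVER, "tightened" => TIGHTENED_FILESERVER }.each do |name, conf|
    puts "#{name}: allow * in #{wildcard_sections(conf).inspect}"
  end
end
```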
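Testing:
Authentication:
The client sends a request:
puppetd --test --server testsns
List the pending requests on the server:
puppetca --list
Sign on the server:
puppetca -s -a    # sign all clients
puppetca -s nfstest    # sign only one client
Authentication error caused by a time problem, and how to handle it:
Client:
puppet --genconfig | grep certdir
rm -rf /var/lib/puppet/ssl
puppetd --test --server $hostname
Server: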
puppetca -l
puppetca -s $hostname
Reposted from: https://blog.51cto.com/hhwong/1163883