puppet学习
一.安装
配置yum源:公司自己的yum源
vim /etc/yum.repos.d/puppet.repo
[Funcity-yum]
name=Funcity-yum
baseurl=http://115.182.60.66/yum/centos/$releasever/$basearch
enabled=1
gpgcheck=0
name=Funcity-yum
baseurl=http://115.182.60.66/yum/centos/$releasever/$basearch
enabled=1
gpgcheck=0
C端和S端都要安装ruby,因为puppet是ruby写的。
yum install -y ruby ruby-libs ruby-shadow
S端安装:yum -y install puppet puppet-server facter
C端安装:yum -y install puppet
这样puppet的服务端和客户端就安装好了
二.准备工作
修改C端主机名 Vim /etc/sysconfig/network
C和S端时间校正 两端都运行
yum install -y ntp
time.nist.gov
三.配置
在将C主机名修改为固定规则后,在S端配置自动签名
在S端的puppet.conf文件里配置
autosign=true
autosign=/etc/puppet/autosign.conf
autosign=/etc/puppet/autosign.conf
在autosign.conf里设置自动验证主机名的规则
这样C端的规则主机名的主机就可以自动验证而不需要S端手动签名
S端结构
[root@localhost puppet]# tree -d
.
|-- manifests
|-- modules
| |-- cron
| | |-- files
| | `-- manifests
| |-- jxqy
| | |-- files
| | | `-- script
| | | `-- log
| | `-- manifests
| |-- mysql
| | |-- files
| | `-- manifests
| `-- system
| |-- files
| | `-- yum.repos.d
| `-- manifests
`-- ssl
|-- ca
| |-- private
| |-- requests
| `-- signed
|-- certificate_requests
|-- certs
|-- private
|-- private_keys
`-- public_keys
.
|-- manifests
|-- modules
| |-- cron
| | |-- files
| | `-- manifests
| |-- jxqy
| | |-- files
| | | `-- script
| | | `-- log
| | `-- manifests
| |-- mysql
| | |-- files
| | `-- manifests
| `-- system
| |-- files
| | `-- yum.repos.d
| `-- manifests
`-- ssl
|-- ca
| |-- private
| |-- requests
| `-- signed
|-- certificate_requests
|-- certs
|-- private
|-- private_keys
`-- public_keys
主要是manifests和modules两个目录
[root@localhost puppet]# cat manifests/site.pp
$puppet_server="192.168.65.128"
$puppet_server="192.168.65.128"
Exec
{
path=>["/bin","/sbin","/usr/bin","/usr/sbin"],
}
{
path=>["/bin","/sbin","/usr/bin","/usr/sbin"],
}
node /^test/ ##定义符合此节点的C端执行以下模块
{
include system::selinux
include system::yum-repo
include mysql::server
include cron
include jxqy
}
{
include system::selinux
include system::yum-repo
include mysql::server
include cron
include jxqy
}
selinux和yum模块:
两个模块是定义在系统这一块的,所以放在一起了
进入system目录后,建接口文件init.pp
class system::selinux
{
file
{
"config":
path=>"/etc/selinux/config",
source=>"puppet://$puppet_server/system/config",
}
}
{
file
{
"config":
path=>"/etc/selinux/config",
source=>"puppet://$puppet_server/system/config",
}
}
class system::yum-repo
{
exec
{
"clean yum cache":
command => "yum clean all",
}
file
{
"yum.repos.d":
path=>"/etc/yum.repos.d",
source=>"puppet://$puppet_server/system/yum.repos.d",
ensure=>"directory",
purge=>"true",
recurse=>"true",
require=>Exec["clean yum cache"],
}
}
{
"yum.repos.d":
path=>"/etc/yum.repos.d",
source=>"puppet://$puppet_server/system/yum.repos.d",
ensure=>"directory",
purge=>"true",
recurse=>"true",
require=>Exec["clean yum cache"],
}
}
在files目录建config和yum的文件
[root@localhost system]# ls
files manifests
[root@localhost system]# cd files/
[root@localhost files]# ls
config profile yum.repos.d
files manifests
[root@localhost system]# cd files/
[root@localhost files]# ls
config profile yum.repos.d
这样,这两个模块就完成了。
安装软件vixie-cron和mysql-server
[root@localhost cron]# cat manifests/init.pp
class cron
{
package
{
"vixie-cron":
ensure=>"installed",
require=>File["yum.repos.d"],
}
}
class cron
{
package
{
"vixie-cron":
ensure=>"installed",
require=>File["yum.repos.d"],
}
}
[root@localhost modules]# cat mysql/manifests/init.pp
class mysql::server
{
package
{
"mysql-server":
ensure=>"installed",
require=>File["yum.repos.d"],
}
class mysql::server
{
package
{
"mysql-server":
ensure=>"installed",
require=>File["yum.repos.d"],
}
}
C端主机执行puppetd --test --server $puppetserver
文件和软件都会按要求OK