Puppet

安装

Server端

yum install -y puppetserver
service puppetserver start  # 有些用的是puppetmaster,如果启动报内存限制,那么修改配置/etc/sysconfig/puppetserver将 JAVA_ARGS="-Xms512m -Xmx512m"修改为JAVA_ARGS="-Xms2g -Xmx2g"

Client端

sudo rpm -Uvh https://yum.puppetlabs.com/puppetlabs-release-pc1-el-7.noarch.rpm # 这里要注意版本是6还是7
yum install -y puppet-agent

dashboard的安装

参考文章

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
# 首先得有数据库
create database puppetdash # 创建用户
grant all privileges on puppetdash.* to puppetdash@localhost identified by 'password';
flush privileges;

# 安装软件
rpm -ivh http://yum.puppetlabs.com/el/6/products/x86_64/puppetlabs-release-6-1.noarch.rpm
yum -y install puppet-dashboard

# 修改puppet-dashboard配置
cp /usr/share/puppet-dashboard/config/settings.yml.example /usr/share/puppet-dashboard/config/settings.yml
vim /usr/share/puppet-dashboard/config/database.yml 内容如下:
/usr/share/puppet-dashboard/config/database.yml
production:
database: puppetdash
username: puppdash
password: motorrobot
encoding: utf8
adapter: mysql
development:
database: puppetdash
username: puppdash
password: motorrobot
encoding: utf8
adapter: mysql

# 生成数据
cd /usr/share/puppet-dashboard
rake db:migrate
/etc/init.d/puppet-dashboard start

# 修改puppet的配置
vim /etc/puppet/puppet.conf # 添加内容
report = true
[master]
reports = store, http
reporturl = http://192.168.99.1:3000/reports/upload

# 启动服务
puppetd -t
chown puppet-dashboard /usr/share/puppet-dashboard/log/
chkconfig puppet-dashboard on
chkconfig puppet-dashboard-workers on
chkconfig mysqld on
/etc/init.d/puppet-dashboard restart
/etc/init.d/puppet-dashboard-workers restart

Hello World举例

  1. 新建module

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    cd /opt/puppetlabs/puppet/modules/
    mkdir -p helloworld/manifests/

    vim helloworld/manifests/init.pp # 内容如下:
    class helloworld {
    notify { 'hello, world!': }
    }

    vim helloworld/manifests/motd.pp # 内容如下:
    class helloworld::motd {
    file { '/etc/motd':
    owner => 'root',
    group => 'root',
    mode => '0644',
    content => "hello, world!\n",
    }
    }
  2. 将module添加到主配置文件

    1
    2
    3
    4
    5
    6
    cd /etc/puppetlabs/code/environments/production/manifests
    vim site.pp # 内容如下:
    node default{
    class { 'helloworld': }
    class { 'helloworld::motd': }
    }

测试

分别在两个端启动puppet服务,然后客户端执行puppet agent -t

TroubleShooting

  • 客户端显示”no certificate found and waitforcert is disabled”,可以首先在server端puppet cert list看看是否有客户端的认证请求,如果有,就在服务器端执行puppet cert sign agent_name

  • 出现如下错误:

    Exception in thread "main" java.lang.IllegalStateException: Cannot initialize master with partial state; need all files or none.
    Found:
    /etc/puppetlabs/puppet/ssl/private_keys/puppet.novalocal.pem
    Missing:
    /etc/puppetlabs/puppet/ssl/certs/puppet.novalocal.pem
    

    这个问题一般是由于客户端比服务端先开启服务造成的
    rm -rf /etc/puppetlabs/puppet/ssl/*