puppet 简单的安装及配置

系统环境：Centos 6.7 

根据系统加入PuppetLabs官方源

wget http://yum.puppetlabs.com/el/6/products/x86_64/puppetlabs-release-6-7.noarch.rpmrpm -ivh puppetlabs-release-6-7.noarch.rpm

master端安装

yum install -y ruby facter puppet-server[main]    # The Puppet log directory.    # The default value is '$vardir/log'.    logdir = /var/log/puppet    # Where Puppet PID files are kept.    # The default value is '$vardir/run'.    rundir = /var/run/puppet    # Where SSL certificates are kept.    # The default value is '$confdir/ssl'.    ssldir = $vardir/ssl[agent]    # The file in which puppetd stores a list of the classes    # associated with the retrieved configuratiion.  Can be loaded in    # the separate ``puppet`` executable using the ``--loadclasses``    # option.    # The default value is '$confdir/classes.txt'.    classfile = $vardir/classes.txt    # Where puppetd caches the local configuration.  An    # extension indicating the cache format is added automatically.    # The default value is '$confdir/localconfig'.    localconfig = $vardir/localconfig    server  = puppet# 服务器名称[master]    certname = puppet# puppetmaster认证服务器名称#修改配置vim /etc/puppet/puppet.conf启动服务service puppet startservice puppetmaster start加入开启启动chkconfig  puppet onchkconfig  puppetmaster on[root@puppet ~]# puppet cert --list -all# 带“+”表明注册成功+ "puppet"      (SHA256) 41:CB:D2:51:8D:B1:48:6E:6E:97:CD:EE:5A:36:DB:F8:66:9B:F9:BB:57:F9:18:4C:11:3D:4E:0A:4E:9C:8F:04

安装Agent客户端

#绑定hostsvim /etc/hosts192.168.0.1 puppetyum install -y puppet facter[main]    # The Puppet log directory.    # The default value is '$vardir/log'.    logdir = /var/log/puppet    # Where Puppet PID files are kept.    # The default value is '$vardir/run'.    rundir = /var/run/puppet    # Where SSL certificates are kept.    # The default value is '$confdir/ssl'.    ssldir = $vardir/ssl[agent]    # The file in which puppetd stores a list of the classes    # associated with the retrieved configuratiion.  Can be loaded in    # the separate ``puppet`` executable using the ``--loadclasses``    # option.    # The default value is '$confdir/classes.txt'.    classfile = $vardir/classes.txt    # Where puppetd caches the local configuration.  An    # extension indicating the cache format is added automatically.    # The default value is '$confdir/localconfig'.    localconfig = $vardir/localconfig    server = puppet# 设置puppetmaster

# Agent发送身份验证 [root@api ~]# puppet agent -tInfo: Creating a new SSL key for apiInfo: Caching certificate for caInfo: csr_attributes file loading from /etc/puppet/csr_attributes.yamlInfo: Creating a new SSL certificate request for apiInfo: Certificate Request fingerprint (SHA256): 1B:71:9D:C6:09:F6:84:14:A2:23:3F:89:77:4F:16:DB:20:CD:B8:F7:1A:F0:90:54:13:ED:5A:9B:8E:AD:40:3EInfo: Caching certificate for caExiting; no certificate found and waitforcert is disabled# Master 查看请求验证[root@puppet ~]# puppet cert --sign --list  "api" (SHA256) 1B:71:9D:C6:09:F6:84:14:A2:23:3F:89:77:4F:16:DB:20:CD:B8:F7:1A:F0:90:54:13:ED:5A:9B:8E:AD:40:3E  # Master 通过客户端认证[root@puppet ~]# puppet cert --sign apiNotice: Signed certificate request for apiNotice: Removing file Puppet::SSL::CertificateRequest api at '/var/lib/puppet/ssl/ca/requests/api.pem'# 查看 Master 认证机器[root@puppet ~]# puppet cert list --all+ "api"    (SHA256) 6C:A7:50:6A:29:CD:09:A9:CA:0E:0F:84:81:33:97:34:C9:0E:CC:D2:A3:2D:52:F5:25:64:C3:98:A0:02:E6:07+ "puppet"      (SHA256) 41:CB:D2:51:8D:B1:48:6E:6E:97:CD:EE:5A:36:DB:F8:66:9B:F9:BB:57:F9:18:4C:11:3D:4E:0A:4E:9C:8F:04# Agent 测试认证后结果[root@api ~]# puppet agent -tInfo: Caching certificate for apiInfo: Caching certificate_revocation_list for caInfo: Caching certificate for apiWarning: Unable to fetch my node definition, but the agent run will continue:Warning: undefined method `include?' for nil:NilClassInfo: Retrieving pluginfactsInfo: Retrieving pluginInfo: Caching catalog for apiInfo: Applying configuration version '1510131350'Info: Creating state file /var/lib/puppet/state/state.yamlNotice: Finished catalog run in 0.03 seconds