puppet4 passenger布署
来源:互联网 发布:测试bpm软件 编辑:程序博客网 时间:2024/04/28 17:41
puppet4 passenger布署
本文参考自puppetlabs官方passenger布署文档,增加了一些细节的处理,比官方文档更详细。本文测试环境为centos6.2,puppet4.3。
安装apache
yum install httpd httpd-devel
卸载系统自带ruby
由于puppet4.3已经自带了2.1的ruby,可能会与系统自带版本冲突,所以卸载掉比较安全,免得ruby环境太混乱了。
yum remove ruby
将puppet下的bin目录加到PATH里去,再执行ruby -v看到的ruby版本就是puppet自带的版本了。
export PATH=$PATH:/opt/puppetlabs/puppet/binruby -v ruby 2.1.7p400 (2015-08-18 revision 51632) [x86_64-linux]
用gem安装puppet代码
如果默认gem源用不了,就用http的源试下。
gem sources --remove https://rubygems.org/gem sources -a http://rubygems.org/gem install -V puppet -v 4.3.1
安装Rack/Passenger
注意,修改passenger-install-apache2-module的ruby路径为puppet自带ruby路径:/opt/puppetlabs/puppet/bin/ruby。
gem install -V rack passengervim /usr/bin/passenger-install-apache2-module#!/opt/puppetlabs/puppet/bin/ruby passenger-install-apache2-module
将以下代码拷贝至apache配置文件里,不同的环境配置可能不同,按照passenger-install-apache2-module的提示来。最后回车就搞定了。
LoadModule passenger_module /opt/puppetlabs/puppet/lib/ruby/gems/2.1.0/gems/passenger-5.0.27/buildout/apache2/mod_passenger.so <IfModule mod_passenger.c> PassengerRoot /opt/puppetlabs/puppet/lib/ruby/gems/2.1.0/gems/passenger-5.0.27 PassengerDefaultRuby /opt/puppetlabs/puppet/bin/ruby </IfModule>
安装Puppet Master Rack
找到config.ru文件,这个文件应该在puppet代码下面,
# locate config.ru /opt/puppetlabs/puppet/lib/ruby/gems/2.1.0/gems/puppet-4.3.1/ext/rack/config.ru
然后给应用程序建目录,并把刚刚找到的config.ru文件拷贝过去,将config.ru属主权限改成puppet,
$ sudo mkdir -p /usr/share/puppet/rack/puppetmasterd$ sudo mkdir /usr/share/puppet/rack/puppetmasterd/public /usr/share/puppet/rack/puppetmasterd/tmp$ sudo cp /opt/puppetlabs/puppet/lib/ruby/gems/2.1.0/gems/puppet-4.3.1/ext/rack/config.ru /usr/share/puppet/rack/puppetmasterd/$ sudo chown puppet:puppet /usr/share/puppet/rack/puppetmasterd/config.ru
最终目录结构如下:
# tree /usr/share/puppet/usr/share/puppet└── rack └── puppetmasterd ├── config.ru ├── public └── tmp4 directories, 1 file
配置apache
在/etc/httpd/conf.d新建puppetmaster.conf文件,将下面内容拷贝进去。将SSL文件路径修改成自己的实际路径。
# You'll need to adjust the paths in the Passenger config depending on which OS# you're using, as well as the installed version of Passenger.# Debian/Ubuntu:#LoadModule passenger_module /var/lib/gems/1.8/gems/passenger-4.0.x/ext/apache2/mod_passenger.so#PassengerRoot /var/lib/gems/1.8/gems/passenger-4.0.x#PassengerRuby /usr/bin/ruby1.8# RHEL/CentOS:#LoadModule passenger_module /usr/lib/ruby/gems/1.8/gems/passenger-4.0.x/ext/apache2/mod_passenger.so#PassengerRoot /usr/lib/ruby/gems/1.8/gems/passenger-4.0.x#PassengerRuby /usr/bin/ruby# And the passenger performance tuning settings:# Set this to about 1.5 times the number of CPU cores in your master:PassengerMaxPoolSize 12# Recycle master processes after they service 1000 requestsPassengerMaxRequests 1000# Stop processes if they sit idle for 10 minutesPassengerPoolIdleTime 600Listen 8140<VirtualHost *:8140> # Make Apache hand off HTTP requests to Puppet earlier, at the cost of # interfering with mod_proxy, mod_rewrite, etc. See note below. PassengerHighPerformance On SSLEngine On # Only allow high security cryptography. Alter if needed for compatibility. SSLProtocol ALL -SSLv2 -SSLv3 SSLCipherSuite EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA SSLHonorCipherOrder on SSLCertificateFile /etc/puppetlabs/puppet/ssl/certs/puppet-server.example.com.pem SSLCertificateKeyFile /etc/puppetlabs/puppet/ssl/private_keys/puppet-server.example.pem SSLCertificateChainFile /etc/puppetlabs/puppet/ssl/ca/ca_crt.pem SSLCACertificateFile /etc/puppetlabs/puppet/ssl/ca/ca_crt.pem SSLCARevocationFile /etc/puppetlabs/puppet/ssl/ca/ca_crl.pem SSLCARevocationCheck chain SSLVerifyClient optional SSLVerifyDepth 1 SSLOptions +StdEnvVars +ExportCertData # Apache 2.4 introduces the SSLCARevocationCheck directive and sets it to none # which effectively disables CRL checking. If you are using Apache 2.4+ you must # specify 'SSLCARevocationCheck chain' to actually use the CRL. # These request headers are used to pass the client certificate # authentication information on to the Puppet master process RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e DocumentRoot /usr/share/puppet/rack/puppetmasterd/public <Directory /usr/share/puppet/rack/puppetmasterd/> Options None AllowOverride None # Apply the right behavior depending on Apache version. <IfVersion < 2.4> Order allow,deny Allow from all </IfVersion> <IfVersion >= 2.4> Require all granted </IfVersion> </Directory> ErrorLog /var/log/httpd/puppet-server.example.com_ssl_error.log CustomLog /var/log/httpd/puppet-server.example.com_ssl_access.log combined</VirtualHost>
重启apache,到这里安装应该是完成了,到客户端执行puppet agent -t试下,结果抛出一堆错误,查看apahce错误日志,发现/bin/uname这个东西puppet没有执行权限,加上权限,再来。
message from application: Permission denied - /bin/uname (Errno::EACCES) chmod +x /bin/uname /etc/init.d/httpd restart
很不幸,依然报错,那就继续排错。花了不小力气,最后发现居然是/var/log/puppetlabs/puppetmaster这个路径没有建立导致。建好目录后,就一切ok了,最后附图一张。
- puppet4 passenger布署
- 布署
- Puppet4学习笔记:RHEL7下安装puppet4.3
- passenger + apache
- Phusion Passenger
- weblogic布署
- tomcat 布署
- Phusion Passenger apache配置
- Phusion Passenger design & architecture
- passenger安装nginx
- puppet 使用Apache+passenger
- passenger nginx相关资料
- rails nginx + passenger
- Timus 1885 Passenger Comfort
- Passenger 和 Nginx
- Passenger + Nginx 部署Rails
- Passenger Comfort URAL
- Passenger + Nginx 部署Rails
- PB字符串处理函数
- iOS开发——纯代码界面(自定义UITableViewCell)
- [数论 CRT] BZOJ 2976 [Poi2002]出圈游戏
- 初见《一个操作系统的实现》
- 23个硬币的问题
- puppet4 passenger布署
- 多个设备同一个驱动
- A. Link/Cut Tree
- 黑客动画吧-黑客闯关之古墓探秘攻略
- 深入理解Java 8 Lambda(语言篇——lambda,方法引用,目标类型和默认方法)
- 数组
- 机器学习中的各种相似度度量
- Android进程保活方法
- 二维数组和三维数组