puppet自动化部署
puppet 实现运维自动化管理的软件。
官方网站: http://puppetlabs.com/ pupptet下载链接:http://downloads.puppetlabs.com/puppet/
环境:192.168.16.63 服务器端 系统:centos6.5
192.168.16.64 客户端 系统:centos6.5
准备工作:
FQDN:
[root@tiandong64 ~]# vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.16.63 tiandong63 tiandong63.cn
192.168.16.64 tiandong64 tiandong64.cn
[root@tiandong63 ~]# vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.16.63 tiandong63 tiandong63.cn
192.168.16.64 tiandong64 tiandong64.cn
时间同步:
[root@tiandong63 ~]# ntpdate time.windows.com
[root@tiandong64 ~]# ntpdate time.windows.com
关闭防火墙
工作模式和端口
服务的对象,都是Server
C/S模式 8140端口
facter-1.6.7.tar 探测服务器上一些信息,http://downloads.puppetlabs.com/
puppet-2.7.3.tar puppet这个软件包,包括了puppetmaster服务器软件和puppetd客户端。
搭建Puppet服务器和客户端
服务端依赖解决
[root@tiandong63 ~]# yum install -y openssl openssl-devel ruby
[root@tiandong64 ~]# yum install -y openssl openssl-devel ruby
服务器端安装软件:
[root@tiandong63 ~]# tar -xvf facter-1.6.1.tar.gz
[root@tiandong63 ~]# cd facter-1.6.1
[root@tiandong63 facter-1.6.1]# ruby install.rb
[root@tiandong63 puppet-2.7.1]# ruby install.rb
服务端配置文件生成
[root@tiandong63 puppet-2.7.1]# cp conf/auth.conf /etc/puppet/auth.conf //Client访问Puppet服务器的ACL
cp: overwrite `/etc/puppet/auth.conf'? y
[root@tiandong63 puppet-2.7.1]#
[root@tiandong63 puppet-2.7.1]# cp -n conf/redhat/fileserver.conf /etc/puppet/ //Puppet作为文件服务器的ACL
[root@tiandong63 puppet-2.7.1]#cp -n conf/redhat/puppet.conf /etc/puppet/ //Puppet服务器配置文件
服务端配置启动
[root@tiandong63 puppet-2.7.1]#cp conf/redhat/server.init /etc/init.d/puppetmaster //启动文件
[root@tiandong63 puppet-2.7.1]# chmod +x /etc/init.d/puppetmaster
[root@tiandong63 puppet-2.7.1]# chkconfig puppetmaster on //开机自启动
[root@tiandong63 puppet-2.7.1]# mkdir /etc/puppet/mainfests // Puppet脚本主文件目录
[root@tiandong63 puppet-2.7.1]# cd /etc/puppet/
[root@tiandong63 puppet]# ll
total 16
-rw-r--r-- 1 root root 2443 Apr 19 21:57 auth.conf
-rw-r--r-- 1 root root 381 Apr 19 21:59 fileserver.conf
drwxr-xr-x 2 root root 4096 Apr 19 22:06 mainfests
-rw-r--r-- 1 root root 853 Apr 19 22:00 puppet.conf
服务端puppet用户和服务启动
[root@tiandong63 puppet]# grep puppet /etc/passwd //一开始是没有puppet用户的
[root@tiandong63 puppet]# puppetmasterd --mkusers //特殊的puppet用户创建方式
[root@tiandong63 puppet]# grep puppet /etc/passwd
puppet:x:501:501::/home/puppet:/bin/bash
//Client访问Puppet服务器的ACL