這篇文章主要講解了“如何在CentOS系統(tǒng)下安裝Puppet和Puppet Foreman”，文中的講解內(nèi)容簡單清晰，易于學(xué)習(xí)與理解，下面請(qǐng)大家跟著小編的思路慢慢深入，一起來研究和學(xué)習(xí)“如何在CentOS系統(tǒng)下安裝Puppet和Puppet Foreman”吧！

創(chuàng)新互聯(lián)-專業(yè)網(wǎng)站定制、快速模板網(wǎng)站建設(shè)、高性價(jià)比合浦網(wǎng)站開發(fā)、企業(yè)建站全套包干低至880元,成熟完善的模板庫,直接使用。一站式合浦網(wǎng)站制作公司更省心,省錢,快速模板網(wǎng)站建設(shè)找我們，業(yè)務(wù)覆蓋合浦地區(qū)。費(fèi)用合理售后完善，10余年實(shí)體公司更值得信賴。

一、系統(tǒng)環(huán)境:
 
Centos6.4 x86_64
 
192.168.6.171 puppet.domain.com
 
192.168.6.173 agent1.domian.com

二、關(guān)閉selinux 和 iptables(我這里是測試環(huán)境,也可以增加puppet端口8140)
 

代碼如下:

setenforce  0

/etc/init.d/iptables stop && chkconfig iptables off

三、更改主機(jī)名、使用host解析
 

代碼如下:

[root@test ~]# cat /etc/sysconfig/network   // # 192.168.6.171
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=puppet.domain.com

[root@test ~]# cat /etc/hosts
192.168.6.171 puppet.domain.com
192.168.6.173 agent1.domain.com

[root@test ~]cat /etc/sysconfig/network  // # 192.168.6.173
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=agent1.domain.com

[root@test ~]# cat /etc/hosts
192.168.6.171 puppet.domain.com
192.168.6.173 agent1.domain.com

四、安裝yum源

1、# 下載地址 https://lug.ustc.edu.cn/wiki/mirrors/help/centos

代碼如下:

[root@puppet yum.repos.d]# cat CentOS-Base.repo
# CentOS-Base.repo
#
# The mirror system uses the connecting IP address of the client and the
# update status of each mirror to pick mirrors that are updated to and
# geographically close to the client. You should use this for CentOS updates
# unless you are manually picking other mirrors.
#
# If the mirrorlist= does not work for you, as a fall back you can try the
# remarked out baseurl= line instead.
#
#

[base]
name=CentOS-$releasever - Base - mirrors.ustc.edu.cn
baseurl=http://mirrors.ustc.edu.cn/centos/$releasever/os/$basearch/
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
gpgcheck=1
gpgkey=http://mirrors.ustc.edu.cn/centos/RPM-GPG-KEY-CentOS-6

#released updates
[updates]
name=CentOS-$releasever - Updates - mirrors.ustc.edu.cn
baseurl=http://mirrors.ustc.edu.cn/centos/$releasever/updates/$basearch/
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates
gpgcheck=1
gpgkey=http://mirrors.ustc.edu.cn/centos/RPM-GPG-KEY-CentOS-6

#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras - mirrors.ustc.edu.cn
baseurl=http://mirrors.ustc.edu.cn/centos/$releasever/extras/$basearch/
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras
gpgcheck=1
gpgkey=http://mirrors.ustc.edu.cn/centos/RPM-GPG-KEY-CentOS-6

#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus - mirrors.ustc.edu.cn
baseurl=http://mirrors.ustc.edu.cn/centos/$releasever/centosplus/$basearch/
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus
gpgcheck=1
enabled=0
gpgkey=http://mirrors.ustc.edu.cn/centos/RPM-GPG-KEY-CentOS-6

#contrib - packages by Centos Users
[contrib]
name=CentOS-$releasever - Contrib - mirrors.ustc.edu.cn
baseurl=http://mirrors.ustc.edu.cn/centos/$releasever/contrib/$basearch/
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=contrib
gpgcheck=1
enabled=0
gpgkey=http://mirrors.ustc.edu.cn/centos/RPM-GPG-KEY-CentOS-6

2、安裝puppet官方y(tǒng)um源

代碼如下:

rpm -Uvh http://yum.puppetlabs.com/el/6Server/products/x86_64/puppetlabs-release-6-6.noarch.rpm

五、安裝ruby環(huán)境(master和agent端都要操作)
 

代碼如下:

yum -y install ruby ruby-libs ruby-shadow

 

[root@puppet yum.repos.d]# ruby -v   //# 檢查ruby版本
ruby 1.8.7 (2011-06-30 patchlevel 352) [x86_64-linux]

 
master:

代碼如下:

yum -y install puppet-server

 
 
 
agent:

代碼如下:

yum -y install puppet

六、puppet配置文件(看到外面很多的文檔又是［main］ ［agent］ ［master］ 把我都繞暈了 我就直接貼我的配置文件 很簡單要改的東西很少)

1、master端的配置文件

代碼如下:

[root@pupet ~]# cd /etc/puppet/

[root@pupet puppet]# cat puppet.conf

[main]

vardir = /var/lib/puppet // # 用來存放緩存數(shù)據(jù)、配置、客戶端返回的報(bào)告及文件備份

logdir = /var/log/puppet

rundir = /var/run/puppet

ssldir = $vardir/ssl    // #  簽發(fā)認(rèn)證文件目錄

 

[master]

reports = foreman,console,log   // # 發(fā)送報(bào)告至console,foreman,log

certname = puppet.domain.com  // # 配置主機(jī)名是puppet.domain.com

pluginsync = true    // # 開啟插件同步

environment = production // # 指定運(yùn)行環(huán)境是生產(chǎn)

# /etc/init.d/puppetmaster start  啟動(dòng)puppetmaster

2、agent端的配置文件

代碼如下:

[root@agent ~]# cd /etc/puppet/
[root@agent puppet]# cat puppet.conf
[main]
logdir = /var/log/puppet
rundir = /var/run/puppet
ssldir = $vardir/ssl
pluginsync = true

[agent]
classfile = $vardir/classes.txt
localconfig = $vardir/localconfigs
#runinterval = 300
listen = true
report = true
server = puppet.domain.com   // #指定server端

＃ /etc/init.d/puppet start  啟動(dòng)puppet agent

七、puppet驗(yàn)證

1、客戶端發(fā)起驗(yàn)證

代碼如下:

[root@agent1 yum.repos.d]# puppet agent --test --server puppet.domain.com

Info: Caching certificate for ca
Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for agent1.domain.com
Info: Certificate Request fingerprint (SHA256): C0:BB:24:3B:4B:59:F1:63:3D:EA:C1:EB:5B:2D:84:68:23:BA:F3:3D:0A:E6:8C:0E:38:3F:9E:F3:40:24:9A:68
Info: Caching certificate for ca
Exiting; no certificate found and waitforcert is disabled

2、服務(wù)端查看

代碼如下:

[root@puppet puppet]# puppet cert --list --all

"agent1.domain.com" (SHA256) C0:BB:24:3B:4B:59:F1:63:3D:EA:C1:EB:5B:2D:84:68:23:BA:F3:3D:0A:E6:8C:0E:38:3F:9E:F3:40:24:9A:68
+ "puppet.domain.com" (SHA256) AF:F9:25:75:0F:3A:C5:E2:B5:71:EE:4E:65:82:7A:C1:3E:20:74:EF:57:2D:2D:1D:E5:47:1D:03:76:A5:5C:07 (alt names: "DNS:puppet", "DNS:puppet.domain.com")

3、服務(wù)端完成驗(yàn)證(顯示+號(hào)代表添加進(jìn)來了 沒有的話是帶添加的主機(jī))

代碼如下:

[root@puppet puppet]# puppet cert sign agent1.domain.com

Notice: Signed certificate request for agent1.domain.com
Notice: Removing file Puppet::SSL::CertificateRequest agent1.domain.com at '/var/lib/puppet/ssl/ca/requests/agent1.domain.com.pem'

代碼如下:

[root@puppet puppet]# puppet cert --list --all

+ "agent1.domain.com" (SHA256) 70:00:4D:89:53:2B:A4:C4:16:C4:DA:F1:63:59:5A:7A:0C:26:47:3B:74:4D:1C:29:C3:1B:BF:2E:B1:F4:89:D5
+ "puppet.domain.com" (SHA256) AF:F9:25:75:0F:3A:C5:E2:B5:71:EE:4E:65:82:7A:C1:3E:20:74:EF:57:2D:2D:1D:E5:47:1D:03:76:A5:5C:07 (alt names: "DNS:puppet", "DNS:puppet.domain.com")

4、服務(wù)端自動(dòng)驗(yàn)證配置

代碼如下:

vi /etc/puppet/puppet.conf   // ＃ 添加自動(dòng)驗(yàn)證配置文件路徑并開啟

autosign = $confdir/autosign.conf { mode = 664 }
auto = true

vi /etc/puppet/autosign.conf   // # 指定所有以.domain.com結(jié)尾的主機(jī)名自動(dòng)添加驗(yàn)證

*.domain.com

5、master取消授權(quán)

代碼如下:

puppet cert --revoke agent1.domain.com

6、master刪除授權(quán)
 
在master端:

代碼如下:

puppet cert --clean agent1.domain.com

 
在agent端:

代碼如下:

find /var/lib/puppet/ssl/   -iname   'hostname'.pem   -exec   /bin/rm   –rf   {}

八、測試puppet文件推送功能
 
master端:

代碼如下:

# 定義一個(gè)test模塊

[root@puppet test]# pwd
/etc/puppet/modules/test
[root@puppet test]# ls
files manifests templates

＃ 自定資源文件

[root@puppet test]# cd manifests/
[root@puppet manifests]# ls
init.pp
[root@puppet manifests]# cat init.pp
class test {
file { "/tmp/$hostname.txt": content => "hello $hostname.txt"; }
}

# 對(duì)agent.domain.com節(jié)點(diǎn)倒入test模塊

[root@puppet nodes]# pwd
/etc/puppet/manifests/nodes
[root@puppet nodes]# cat agent.domain.com.pp
node 'agent.domain.com' {
include test
}

# 入口文件導(dǎo)入所有的節(jié)點(diǎn)

[root@puppet manifests]# pwd
/etc/puppet/manifests
[root@puppet manifests]# cat site.pp
import "nodes/*.domain.com.pp"

 
＃ agent 端

代碼如下:

[root@agent1 yum.repos.d]# puppet agent --test --server puppet.domain.com
Notice: Ignoring --listen on onetime run
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for agent1.domain.com
Info: Applying configuration version '1408524165'
Notice: /Stage[main]/Test/File[/tmp/agent1.txt]/ensure: defined content as '{md5}7509cca57ec6faec2d5dd2c76a68ea0b'
Notice: Finished catalog run in 0.10 seconds

# 驗(yàn)證文件

[root@agent1 yum.repos.d]# cat /tmp/agent1.txt
hello agent1.txt

安裝Puppet foreman

準(zhǔn)備工作:

1.在安裝foreman之前呢咱們需要安裝epel的源否則在執(zhí)行yum -y install foreman-installer 很多包是安裝不上的

代碼如下:

rpm -ivh http://mirrors.sohu.com/fedora-epel/6/x86_64/epel-release-6-8.noarch.rpm

一、安裝
 

代碼如下:

yum -y install http://yum.theforeman.org/releases/1.6/el6/x86_64/foreman-release.rpm  // 推薦使用官方的源自動(dòng)解決依賴問題

yum -y install foreman-installer  // # 開始安裝 如果發(fā)現(xiàn)有的包安裝報(bào)錯(cuò)需要仔細(xì)檢查是不是源的問題(推薦epel源) 或者 防火墻 和 selinux

二、運(yùn)行foreman安裝(以下二選其一即可,推薦非交互安裝方式)
 

代碼如下:

foreman-installer    // # 這里所有的過程都是自動(dòng)的 時(shí)間有點(diǎn)長，是太長了 好長...我又邪惡了～～

foreman-installer -i  // # 如果需要自定義安裝 可以使用 -i 選擇交互式安裝 詳情請(qǐng)參考官方手冊(cè)

＃ 貌似每次我安裝都會(huì)卡在這里,不知道什么原因 我每次都會(huì)把它結(jié)束掉重新執(zhí)行foreman-installer 就好了 無解。。

Installing             Debug: Package[foreman-postgresql](provider=yum):  [22%] [....................

5794 ?        Ss     0:04 /usr/bin/python /usr/bin/yum -d 0 -e 0 -y install foreman-postgresql  // 進(jìn)程一直卡在這里

＃ 安裝完后可以很清楚的看到httpd啟動(dòng)失敗 咱們這里需要手動(dòng)啟動(dòng)一下 /etc/init.d/httpd start 安裝兩次都是失敗不知道是不是個(gè)例

Could not start Service[httpd]: Execution of '/sbin/service httpd start' returned 1: Starting httpd: [FAILED]
/Stage[main]/Apache::Service/Service[httpd]/ensure: change from stopped to running failed: Could not start Service[httpd]: Execution of '/sbin/service httpd start' returned 1: Starting httpd: [FAILED]

# 啟動(dòng)foreman-proxy

/etc/init.d/foreman-proxy start

三、訪問web頁面
 
＃ 登錄web需要密碼這個(gè)密碼在安裝成功后終端會(huì)有顯示
 
* Foreman is running at https://puppet.domain.com
Initial credentials are admin / sFuCu73KydURMTbi
* Foreman Proxy is running at https://puppet.domain.com:8443
* Puppetmaster is running at port 8140
The full log is at /var/log/foreman-installer/foreman-installer.log

感謝各位的閱讀，以上就是“如何在CentOS系統(tǒng)下安裝Puppet和Puppet Foreman”的內(nèi)容了，經(jīng)過本文的學(xué)習(xí)后，相信大家對(duì)如何在CentOS系統(tǒng)下安裝Puppet和Puppet Foreman這一問題有了更深刻的體會(huì)，具體使用情況還需要大家實(shí)踐驗(yàn)證。這里是創(chuàng)新互聯(lián)，小編將為大家推送更多相關(guān)知識(shí)點(diǎn)的文章，歡迎關(guān)注！