真实的国产乱ⅩXXX66竹夫人,五月香六月婷婷激情综合,亚洲日本VA一区二区三区,亚洲精品一区二区三区麻豆

成都創(chuàng)新互聯(lián)網(wǎng)站制作重慶分公司

52.puppet自動(dòng)化運(yùn)維工具

puppet自動(dòng)化運(yùn)維工具

創(chuàng)新互聯(lián)建站主營(yíng)遂平網(wǎng)站建設(shè)的網(wǎng)絡(luò)公司,主營(yíng)網(wǎng)站建設(shè)方案,手機(jī)APP定制開發(fā),遂平h5微信小程序定制開發(fā)搭建,遂平網(wǎng)站營(yíng)銷推廣歡迎遂平等地區(qū)企業(yè)咨詢

Puppet是一款運(yùn)維自動(dòng)化工具,在一些大型的互聯(lián)網(wǎng)企業(yè),它可以針對(duì)多臺(tái)服務(wù)器進(jìn)行統(tǒng)一操作,如統(tǒng)一部署軟件,進(jìn)行統(tǒng)一上線維護(hù)等,意思就是說(shuō)在一臺(tái)linux服務(wù)器上所部署的操作,會(huì)通過puppet同步到其他linux服務(wù)器的一款強(qiáng)大工具。

Puppet使用的端口是8139

 

 

搭建puppetmaster:

規(guī)劃服務(wù)器主機(jī)名

# vim /etc/sysconfig/network

修改內(nèi)容:

NETWORKING=yes

HOSTNAME=master.test.cn

# vim /etc/hosts

添加解析記錄:

1.1.1.128       master.test.cn

1.1.1.129       client.test.cn

# hostname master.test.cn

# bash

服務(wù)器時(shí)間同步

#vim /etc/ntp.com

添加兩行:

server 127.127.1.0

fudge 127.127.1.0 stratum 8

# yum -y install ntpdate

#service ntpd restart

#chkconfig ntpd on

安裝ruby

# yum -y install ruby

#ruby -v

安裝puppet和facter

# useradd -s /sbin/nologin puppet

# tar xzvf facter-1.7.1.tar.gz

# cd facter-1.7.1

# ruby install.rb

# tar xzvf puppet-2.7.21.tar.gz

# cd puppet-2.7.21

# ruby install.rb

# cp conf/redhat/fileserver.conf   /etc/puppet/

# cp conf/redhat/puppet.conf  /etc/puppet/

# cp conf/redhat/server.init /etc/init.d/puppetmaster

# chmod +x /etc/init.d/puppetmaster

# mkdir /etc/puppet/manifests

# mkdir /etc/puppet/modules

Puppet服務(wù)證書與簽名

# iptables -F

# vim /etc/puppet/puppet.conf

在main行添加:

ssldir = $vardir/ssl

modulepath = /etc/puppet/modules:/usr/share/puppet/modules

# /etc/init.d/puppetmaster start

搭建client客戶端:

規(guī)劃服務(wù)器主機(jī)名

# vim /etc/sysconfig/network

NETWORKING=yes

HOSTNAME=client.test.cn

# vim /etc/hosts

1.1.1.128       master.test.cn

1.1.1.129       client.test.cn

# hostname client.test.cn

# bash

同步服務(wù)時(shí)間

# ntpdate 1.1.1.128

安裝ruby安裝工具

# yum -y install ruby

# ruby -v

安裝puppet和facter

#useradd -s /sbin/nologin  puppet

# tar xzvf facter-1.7.1.tar.gz

# cd facter-1.7.1

# ruby install.rb

# tar xzvf puppet-2.7.2

# cd puppet-2.7.21

# ruby install.rb

# cp conf/redhat/puppet.conf /etc/puppet

# cp conf/redhat/client.init  /etc/init.d/puppetclient

# chmod +x /etc/init.d/puppetclient

# iptables -F

# vim /etc/puppet/puppet.conf

在main項(xiàng)添加內(nèi)容 :

ssldir = $vardir/ssl

server = master.test.cn

在client端申請(qǐng)與注冊(cè)

# puppet agent --server=master.test.cn --no-daemonize --verbose

在master端提交注冊(cè)信息

# puppet cert --list                     查看申請(qǐng)列表

# puppet cert sign --all                  提交注冊(cè)信息,會(huì)在下面目錄中創(chuàng)建證書

#ll /var/lib/puppet/ssl/ca/signed          查看client端的注冊(cè)信息文件

 

 

 

 

 

 

 

 

案例需求:需要將ssh服務(wù)的端口統(tǒng)一更改為9922

節(jié)點(diǎn)入口存放目錄:/etc/puppet/manifests/nodes

模塊存放目錄:/etc/puppet/modules

Puppet分發(fā)部署:

創(chuàng)建必要目錄

#mkdir -p /etc/puppet/modules/ssh/{manifests,templates,files}

#mkdir  /etc/puppet/modules/ssh/files/ssh

#mkdir  /etc/puppet/manifests/nodes

#chown -R puppet /etc/puppet/modules/

#ll /etc/puppet/modules/ssh

注:ssh/manifests目錄是ssh模塊配置文件目錄,ssh/files是ssh模塊的文件發(fā)布目錄

創(chuàng)建模塊配置文件

# vim /etc/puppet/modules/ssh/manifests/install.pp     確定客戶端是否安裝ssh服務(wù)

class  ssh::install{

package{ "openssh":

         ensure => present,

  }

}

# vim /etc/puppet/modules/ssh/manifests/config.pp     配置需要同步的文件

class ssh::config{                                  定義類

file { "/etc/ssh/sshd_config":                         文件路徑

        ensure => present,                         確定客戶端此文件存在

        owner =>"root",                           文件所屬用戶

        group =>"root",                           文件所屬組

        mode =>"0600",                           文件屬性

        source =>"puppet://$puppetserver/modules/ssh/ssh/sshd_config",從服務(wù)器同步文件

        require => Class["ssh::install"],               調(diào)用ssh::install類

        notify => Class["ssh::service"],              如果config.pp發(fā)生變化通知service.pp

   }

}

# vim /etc/puppet/modules/ssh/manifests/service.pp

class ssh::service {                              定義類

        service {"sshd":                        

        ensure=>running,                       確定ssh在運(yùn)行

        hasstatus=>true,                        查看ssh服務(wù)狀態(tài)

        hasrestart=>true,                       重啟ssh服務(wù)

        enable=>ture,                          服務(wù)器是否開機(jī)

        require=>Class["ssh::config"]              調(diào)用ssh::config類

      }

}

# vim /etc/puppet/modules/ssh/manifests/init.pp    模塊主配置文件

class ssh{

     include  ssh::install,ssh::config,ssh::service    調(diào)用上面三個(gè)類

}

復(fù)制已修改好的ssh的配置文件到默認(rèn)目錄

# cp /etc/ssh/sshd_config  /etc/puppet/modules/ssh/files/ssh/

#chown puppet /etc/puppet/modules/ssh/files/ssh/sshd_config

創(chuàng)建節(jié)點(diǎn)配置文件

# vim /etc/puppet/manifests/nodes/ssh.pp        

node 'client.test.cn' {                            定義客戶端入口

     include ssh

}

# vim /etc/puppet/manifests/nodes/site.pp          配置節(jié)點(diǎn)位置

import "nodes/ssh.pp"

同步方法:

客戶端主動(dòng)拉取

#puppet agent -t

服務(wù)器推送同步

客戶端

# echo "listen = true" >> /etc/puppet/puppet.conf

# echo "allow *" >> /etc/puppet/auth.conf

#/etc/init.d/puppetclient restart

#vim /etc/ssh/sshd_config

#netstat -lnupt |grep ssh

服務(wù)端

#puppet kick client.test.cn

 


本文名稱:52.puppet自動(dòng)化運(yùn)維工具
標(biāo)題來(lái)源:http://weahome.cn/article/jjjeih.html

其他資訊

在線咨詢

微信咨詢

電話咨詢

028-86922220(工作日)

18980820575(7×24)

提交需求

返回頂部