ubuntu Puppet

最新推荐文章于 2024-07-20 17:31:06 发布

凌乱小风

最新推荐文章于 2024-07-20 17:31:06 发布

阅读量405

点赞数

分类专栏：工作文章标签： puppet

本文链接：https://blog.youkuaiyun.com/u013480495/article/details/51244887

版权

工作专栏收录该内容

24 篇文章

订阅专栏

本文详细介绍了在Ubuntu环境下使用Puppet进行服务器与客户端的部署过程，包括安装、配置、启动服务、验证及模块创建等步骤，并解决了部署过程中可能遇到的问题，如证书验证错误的解决方法。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

环境：ubuntu
安装
server

echo -e "deb http://apt.puppetlabs.com/ lucid main\ndeb-src http://apt.puppetlabs.com/ lucid main"
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv 4BD6EC30
apt-get update
apt-get install puppetmaster

client

echo -e "deb http://apt.puppetlabs.com/ lucid main\ndeb-src http://apt.puppetlabs.com/ lucid main"
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv 4BD6EC30
apt-get update
apt-get install puppet -y

启动

server

/etc/init.d/puppetmaster {start|stop|status|restart|force-reload}

client

/etc/init.d/puppet {start|stop|status|restart|force-reload}

配置

修改host

1.server&&client
vi /etc/hosts
2.修改主机
server

iptables -A INPUT -p tcp --dport 8140 -j ACCEPT

3.修改site.pp

sudo vim /etc/puppet/manifests/site.pp

node default { file { "/tmp/puppettest1.txt": content => "Hello,First Puppet test"; } }

4.客户端验证
client

puppet agent --server hadoop01 --test

可以将server参量加到配置文件中

vi /etc/puppet/puppet.conf

[main]
server=hadoop01

之后可以用

puppet agent  --test

其中test为测试模式
如果想在客户端输出详细的日志

--no-daemonize
--verbose
--debug

5.服务端完成验证
server

puppet cert --list
puppet cert sign hadoop02

client

puppet agent  --test

6.查看发过去的文件
client

more /tmp/puppettest1.txt

显示

Hello,First Puppet test

创建模块

1.master

sudo mkdir -p /etc/puppet/modules/test/{manifests,templates,files}

class test {
file { "/tmp/$hostname.txt": content => "Hello World!"; }
}

这里有个变量$hostname，主机名变量是通过factor获取的
需要将该变量传到erb文件中
创建erb文件

vim /etc/puppet/modules/test/templates/test.erb

hostname <%= fqdn %>

FQDN：(Fully Qualified Domain Name)完全合格域名/全称域名，是指主机名加上全路径，全路径中列出了序列中所有域成员

创建测试节点
mkdir /etc/puppet/manifests/nodes
vim /etc/puppet/manifests/nodes/hadoop02.pp

node 'hadoop02' {
#加载test类
include test
}

测试节点载⼊到Puppet
vim /etc/puppet/manifests/site.pp

import "nodes/hadoop02.pp"

之后检测配置文件
server

#检测modules
puppet parser validate /etc/puppet/modules/test/manifests/init.pp

client

puppet agent --test --noop

出现问题

Info: Caching certificate for ca
Info: Caching certificate for hadoop02
Error: Could not request certificate: The certificate retrieved from the master does not match the agent's private key.
Certificate fingerprint: 86:F9:69:9E:4A:2B:87:1A:7F:79:3C:38:BF:7E:03:94:1A:54:A5:63:F5:10:58:70:0B:1F:DB:91:C4:34:3C:9B
To fix this, remove the certificate from both the master and the agent and then start a puppet run, which will automatically regenerate a certficate.
On the master:
  puppet cert clean hadoop02
On the agent:
  rm -f /home/hadoop02/.puppet/ssl/certs/hadoop02.pem
  puppet agent -t

Exiting; failed to retrieve certificate and waitforcert is disabled

p32 自动认证？？？？？？？？？？？？
server

puppet cert clean hadoop02

client

rm -f /home/hadoop02/.puppet/ssl/certs/hadoop02.pem

这回继续
client

puppet agent --test --server hadoop01 --noop

server

 puppet cert sign hadoop02

验证没问题
客户端可以执行
client

puppet agent --test --server hadoop01

查看结果

 more /tmp/hadoop02.txt