在CentOS系统下安装Puppet和Puppet Foreman的教程(centos安装软件教程)

推荐整理分享在CentOS系统下安装Puppet和Puppet Foreman的教程(centos安装软件教程)，希望有所帮助，仅作参考，欢迎阅读内容。

文章相关热门搜索词:centos 安装chia,centos中如何安装软件,centos安装软件教程,centos中如何安装软件,centos 安装,centos安装软件教程,centos安装软件教程,centos直接安装,内容如对您有帮助，希望把文章链接给更多的朋友！

一、系统环境: Centos6.4 x_ ..6. puppet.domain.com ..6. agent1.domian.com

二、关闭selinux 和 iptables(我这里是测试环境,也可以增加puppet端口) 复制代码代码如下:setenforce 0 /etc/init.d/iptables stop && chkconfig iptables off

三、更改主机名、使用host解析 复制代码代码如下:[root@test ~]# cat /etc/sysconfig/network // # ..6.NETWORKING=yesNETWORKING_IPV6=noHOSTNAME=puppet.domain.com [root@test ~]# cat /etc/hosts..6. puppet.domain.com..6. agent1.domain.com [root@test ~]cat /etc/sysconfig/network // # ..6.NETWORKING=yesNETWORKING_IPV6=noHOSTNAME=agent1.domain.com [root@test ~]# cat /etc/hosts..6. puppet.domain.com..6. agent1.domain.com

四、安装yum源

1、# 下载地址 复制代码代码如下:[root@puppet yum.repos.d]# cat CentOS-Base.repo# CentOS-Base.repo## The mirror system uses the connecting IP address of the client and the# update status of each mirror to pick mirrors that are updated to and# geographically close to the client. You should use this for CentOS updates# unless you are manually picking other mirrors.## If the mirrorlist= does not work for you, as a fall back you can try the# remarked out baseurl= line instead.## [base]name=CentOS-$releasever - Base - mirrors.ustc.edu.cnbaseurl= #released updates[updates]name=CentOS-$releasever - Updates - mirrors.ustc.edu.cnbaseurl= #additional packages that may be useful[extras]name=CentOS-$releasever - Extras - mirrors.ustc.edu.cnbaseurl= #additional packages that extend functionality of existing packages[centosplus]name=CentOS-$releasever - Plus - mirrors.ustc.edu.cnbaseurl= #contrib - packages by Centos Users[contrib]name=CentOS-$releasever - Contrib - mirrors.ustc.edu.cnbaseurl= 复制代码代码如下:rpm -Uvh 复制代码代码如下:yum -y install ruby ruby-libs ruby-shadow [root@puppet yum.repos.d]# ruby -v //# 检查ruby版本ruby 1.8.7 (-- patchlevel ) [x_-linux] master:复制代码代码如下:yum -y install puppet-server agent:复制代码代码如下:yum -y install puppet

六、puppet配置文件(看到外面很多的文档又是［main］ ［agent］ ［master］ 把我都绕晕了 我就直接贴我的配置文件 很简单要改的东西很少)

1、master端的配置文件 复制代码代码如下:[root@pupet ~]# cd /etc/puppet/ [root@pupet puppet]# cat puppet.conf [main] vardir = /var/lib/puppet // # 用来存放缓存数据、配置、客户端返回的报告及文件备份 logdir = /var/log/puppet rundir = /var/run/puppet ssldir = $vardir/ssl // # 签发认证文件目录 [master] reports = foreman,console,log // # 发送报告至console,foreman,log certname = puppet.domain.com // # 配置主机名是puppet.domain.com pluginsync = true // # 开启插件同步 environment = production // # 指定运行环境是生产 # /etc/init.d/puppetmaster start 启动puppetmaster

2、agent端的配置文件 复制代码代码如下:[root@agent ~]# cd /etc/puppet/[root@agent puppet]# cat puppet.conf[main]logdir = /var/log/puppetrundir = /var/run/puppetssldir = $vardir/sslpluginsync = true [agent]classfile = $vardir/classes.txtlocalconfig = $vardir/localconfigs#runinterval = listen = truereport = trueserver = puppet.domain.com // #指定server端 ＃ /etc/init.d/puppet start 启动puppet agent

七、puppet验证

1、客户端发起验证 复制代码代码如下:[root@agent1 yum.repos.d]# puppet agent --test --server puppet.domain.comInfo: Caching certificate for caInfo: csr_attributes file loading from /etc/puppet/csr_attributes.yamlInfo: Creating a new SSL certificate request for agent1.domain.comInfo: Certificate Request fingerprint (SHA): C0:BB::3B:4B::F1::3D:EA:C1:EB:5B:2D::::BA:F3:3D:0A:E6:8C:0E::3F:9E:F3:::9A:Info: Caching certificate for caExiting; no certificate found and waitforcert is disabled

2、服务端查看 复制代码代码如下:[root@puppet puppet]# puppet cert --list --all"agent1.domain.com" (SHA) C0:BB::3B:4B::F1::3D:EA:C1:EB:5B:2D::::BA:F3:3D:0A:E6:8C:0E::3F:9E:F3:::9A:+ "puppet.domain.com" (SHA) AF:F9:::0F:3A:C5:E2:B5::EE:4E:::7A:C1:3E:::EF::2D:2D:1D:E5::1D:::A5:5C: (alt names: "DNS:puppet", "DNS:puppet.domain.com")

3、服务端完成验证(显示+号代表添加进来了 没有的话是带添加的主机) 复制代码代码如下:[root@puppet puppet]# puppet cert sign agent1.domain.comNotice: Signed certificate request for agent1.domain.comNotice: Removing file Puppet::SSL::CertificateRequest agent1.domain.com at '/var/lib/puppet/ssl/ca/requests/agent1.domain.com.pem'复制代码代码如下:[root@puppet puppet]# puppet cert --list --all+ "agent1.domain.com" (SHA) ::4D:::2B:A4:C4::C4:DA:F1:::5A:7A:0C:::3B::4D:1C::C3:1B:BF:2E:B1:F4::D5+ "puppet.domain.com" (SHA) AF:F9:::0F:3A:C5:E2:B5::EE:4E:::7A:C1:3E:::EF::2D:2D:1D:E5::1D:::A5:5C: (alt names: "DNS:puppet", "DNS:puppet.domain.com")

4、服务端自动验证配置 复制代码代码如下:vi /etc/puppet/puppet.conf // ＃ 添加自动验证配置文件路径并开启 autosign = $confdir/autosign.conf { mode = }auto = true vi /etc/puppet/autosign.conf // # 指定所有以.domain.com结尾的主机名自动添加验证 *.domain.com

5、master取消授权 复制代码代码如下:puppet cert --revoke agent1.domain.com

6、master删除授权 在master端: 复制代码代码如下:puppet cert --clean agent1.domain.com 在agent端: 复制代码代码如下:find /var/lib/puppet/ssl/ -iname 'hostname'.pem -exec /bin/rm –rf {}

八、测试puppet文件推送功能 master端: 复制代码代码如下:# 定义一个test模块 [root@puppet test]# pwd/etc/puppet/modules/test[root@puppet test]# lsfiles manifests templates ＃ 自定资源文件 [root@puppet test]# cd manifests/[root@puppet manifests]# lsinit.pp[root@puppet manifests]# cat init.ppclass test {file { "/tmp/$hostname.txt": content => "hello $hostname.txt"; }} # 对agent.domain.com节点倒入test模块 [root@puppet nodes]# pwd/etc/puppet/manifests/nodes[root@puppet nodes]# cat agent.domain.com.ppnode 'agent.domain.com' {include test} # 入口文件导入所有的节点 [root@puppet manifests]# pwd/etc/puppet/manifests[root@puppet manifests]# cat site.ppimport "nodes/*.domain.com.pp" ＃ agent 端 复制代码代码如下:[root@agent1 yum.repos.d]# puppet agent --test --server puppet.domain.comNotice: Ignoring --listen on onetime runInfo: Retrieving pluginfactsInfo: Retrieving pluginInfo: Caching catalog for agent1.domain.comInfo: Applying configuration version ''Notice: /Stage[main]/Test/File[/tmp/agent1.txt]/ensure: defined content as '{md5}ccaec6faec2d5dd2caea0b'Notice: Finished catalog run in 0. seconds # 验证文件 [root@agent1 yum.repos.d]# cat /tmp/agent1.txthello agent1.txt

安装Puppet foreman

准备工作:

1.在安装foreman之前呢咱们需要安装epel的源否则在执行yum -y install foreman-installer 很多包是安装不上的

复制代码代码如下:rpm -ivh 复制代码代码如下:yum -y install // 推荐使用官方的源自动解决依赖问题 yum -y install foreman-installer // # 开始安装 如果发现有的包安装报错需要仔细检查是不是源的问题(推荐epel源) 或者 防火墙 和 selinux

二、运行foreman安装(以下二选其一即可,推荐非交互安装方式) 复制代码代码如下:foreman-installer // # 这里所有的过程都是自动的 时间有点长，是太长了 好长...我又邪恶了～～ foreman-installer -i // # 如果需要自定义安装 可以使用 -i 选择交互式安装 详情请参考官方手册 ＃ 貌似每次我安装都会卡在这里,不知道什么原因 我每次都会把它结束掉重新执行foreman-installer 就好了 无解。。 Installing Debug: Package[foreman-postgresql](provider=yum): [%] [.................... ? Ss 0: /usr/bin/python /usr/bin/yum -d 0 -e 0 -y install foreman-postgresql // 进程一直卡在这里 ＃ 安装完后可以很清楚的看到httpd启动失败 咱们这里需要手动启动一下 /etc/init.d/httpd start 安装两次都是失败不知道是不是个例 Could not start Service[httpd]: Execution of '/sbin/service httpd start' returned 1: Starting httpd: [FAILED]/Stage[main]/Apache::Service/Service[httpd]/ensure: change from stopped to running failed: Could not start Service[httpd]: Execution of '/sbin/service httpd start' returned 1: Starting httpd: [FAILED] # 启动foreman-proxy /etc/init.d/foreman-proxy start

三、访问web页面 ＃ 登录web需要密码这个密码在安装成功后终端会有显示 * Foreman is running at credentials are <strong>admin / sFuCuKydURMTbi</strong>* Foreman Proxy is running at Puppetmaster is running at port The full log is at /var/log/foreman-installer/foreman-installer.log

CentOS系统中使用EPEL源的方法 国内的yum源貌似没几个全的，尤其是网易，速度虽然快，但是很不全，很多东西都没有就连ipython的都没有，每次装写软件，都要自己去wget包，想省点心

在CentOS系统上简单安装配置XRDP服务器 第一步安装fedora的源1.因为CentOS6.3默认是不带XRDP服务器的复制代码代码如下:[root@s~]#

在CentOS系统的服务器上用ss5配置socket5代理的教程 第一步下载安装ss.安装系统必要的包复制代码代码如下:[root@e2fsck~]#yuminstallgccautomakemake2.安装socks5必要的包复制代码代码如下:[root@e2fsck~]#yum-yinstallpam-dev