当前位置: > CentOS > CentOS教程 >

CentOS6.5 64位下安装配置puppet服务器

时间:2015-08-27 13:27来源:linux.it.net.cn 作者:IT

我们先准备三台centos 6.5 x86_64机器,做好安装前的工作。

    OS: Centos 6.5 x86_64

    Puppet master: master.com (192.168.37.72)

    Puppet clients: client1.com (192.168.37.83)

    Puppet clients: client2.com (192.168.37.82)

一、先做好安装的准备工作:

  1. 在master和client均关闭selinux,iptables:

    停止iptables

    [root@master ~]# service iptables stop
    iptables:清除防火墙规则:                                 [确定]
    iptables:正在卸载模块:                                    [确定]
    [root@master ~]# chkconfig --list |grep iptables

    iptables           0:关闭    1:关闭    2:启用    3:启用    4:启用    5:启用    6:关闭

    [root@master ~]# chkconfig  ptables off

    关闭selinux

    [root@master ~]# vim /etc/selinux/config


    # This file controls the state of SELinux on the system.
    # SELINUX= can take one of these three values:
    #     enforcing - SELinux security policy is enforced.
    #     permissive - SELinux prints warnings instead of enforcing.
    #     disabled - No SELinux policy is loaded.
    SELINUX=enforcing 改成 SELINUX=disabled
    # SELINUXTYPE= can take one of these two values:
    #     targeted - Targeted processes are protected,
    #     mls - Multi Level Security protection.
    SELINUXTYPE=targeted

  2. 为了保证能向master主机申请到正确的有效证书,建议master和client设置ntp:

    [root@master ~]#  yum -y install ntp

    [root@master ~]#  ntpdate pool.ntp.org

    [root@master ~]#  chkconfig ntpd on

    [root@master ~]# chkconfig --list|grep ntp

    ntpd               0:关闭    1:关闭    2:启用    3:启用    4:启用    5:启用    6:关
    ntpdate            0:关闭    1:关闭    2:关闭    3:关闭    4:关闭    5:关闭    6:关闭

    [root@master ~]# service ntpd start
    正在启动 ntpd:                                            [确定]

  3. 在master和client端设置hosts

    Puppet 要求所有机器有完整的域名,如果没有 DNS 服务器提供域名的话,可以在机器上设置主机名(注意:要先安装 Puppet之前设置主机名,因为安装 Puppet 时会把主机名写入证书,客户端和服务端通信需要这个证书),为了简化安装过程我配置了/etc/hosts。

    [root@master ~]# vim /etc/hosts

    127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
    ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
    192.168.37.72 master.com
    192.168.37.83 client1.com
    192.168.37.82 client2.com

  4.  安装puppet官方源

    [root@master ~]# wget http://yum.puppetlabs.com/el/6/products/x86_64/puppetlabs-release-6-7.noarch.rpm

    [root@master ~]# rpm -ivh puppetlabs-release-6-7.noarch.rpm

    [root@master ~]# yum update

二、Master端安装配置

  1. 安装 puppet-server

    [root@master ~]# yum -y install puppet-server

  2. 添加自动签发证书

    编辑 /etc/puppet/puppet.conf 文件, 在[main]段内加入 autosign = true,server = master.com

    [root@master ~]# vim /etc/puppet/puppet.conf

    [main]
        # The Puppet log directory.
        # The default value is '$vardir/log'.
        logdir = /var/log/puppet

        # Where Puppet PID files are kept.
        # The default value is '$vardir/run'.
        rundir = /var/run/puppet

        # Where SSL certificates are kept.
        # The default value is '$confdir/ssl'.
        ssldir = $vardir/ssl
        autosign = true
        server = master.com

  3. 启动Puppetmaster

    [root@master ~]# service puppetmaster start

    启动 puppetmaster:                                        [确定]

    [root@master ~]#  netstat -tunlp | grep :8140

    tcp        0      0 0.0.0.0:8140                0.0.0.0:*                   LISTEN      9148/ruby

  4. 开机启动

    [root@master ~]# chkconfig --list |grep puppet
    puppet             0:关闭    1:关闭    2:关闭    3:关闭    4:关闭    5:关闭    6:关闭
    puppetmaster       0:关闭    1:关闭    2:关闭    3:关闭    4:关闭    5:关闭    6:关闭

    [root@master ~]# chkconfig puppetmaster on

    [root@master ~]# chkconfig --list |grep puppet
    puppet             0:关闭    1:关闭    2:关闭    3:关闭    4:关闭    5:关闭    6:关闭
    puppetmaster       0:关闭    1:关闭    2:启用    3:
    启用    4:启用    5:启用    6:关闭

三、客户端安装配置

  1.  puppet 安装

    [root@client1 ~]# yum -y install puppet

  2. 为客户端指定puppet服务器,并开启Master的推送功能

    编辑 /etc/puppet/puppet.conf 文件,在[agent]段内加入 listen = true,server = master.com

    [root@client1 ~]# vim /etc/puppet/puppet.conf

    [agent]
        # The file in which puppetd stores a list of the classes
        # associated with the retrieved configuratiion.  Can be loaded in
        # the separate ``puppet`` executable using the ``--loadclasses``
        # option.
        # The default value is '$confdir/classes.txt'.
        classfile = $vardir/classes.txt

        # Where puppetd caches the local configuration.  An
        # extension indicating the cache format is added automatically.
        # The default value is '$confdir/localconfig'.
        localconfig = $vardir/localconfig
        listen = true
        server = master.com

    编辑 /etc/puppet/auth.conf 文件, 在 auth / 最下面加入以下语句

    [root@client1 ~]# vim /etc/puppet/auth.conf

    path /run
    method save
    allow master.com

  3. 启动client

    [root@client1 ~]# service puppet start
    Starting puppet agent:                                     [确定]

    [root@client1 ~]#  netstat -tunlp | grep :8139
    tcp        0      0 0.0.0.0:8139                0.0.0.0:*                   LISTEN      15038/ruby 

     

  4. 开机启动

    [root@client1 ~]# chkconfig puppet on

     

    [root@client1 ~]# chkconfig --list |grep puppet

    puppet             0:关闭    1:关闭    2:启用    3:启用    4:启用    5:启用    6:关闭

(责任编辑:IT)
------分隔线----------------------------
栏目列表
推荐内容