puppet-master-agent miscellaneous notes
1. Check the agent's environment
[[email protected] ~]# puppet config print environment
production
[[email protected] ~]#
[[email protected] ~]# puppet agent --configprint environment
production
2. Automatically sign certificates
[[email protected] puppet]# vim autosign.conf
*.com
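With this entry the master signs any certificate request whose certname ends in .com, without manual review.
Restart the service:
[[email protected] puppet]# systemctl restart puppetmaster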
Clean the certificate:
[[email protected] puppet]# puppet cert clean master2.com
Delete the certificates on the client:
[[email protected] ~]# rm -rf /var/lib/puppet/ssl/*
Connect from the client:
[[email protected] ~]# puppet agent --server=master1.com --no-daemonize --verbose
Info: Creating a new SSL key for master2.com
Info: Caching certificate for ca
Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for master2.com
Info: Certificate Request fingerprint (SHA256): 0C:E7:25:E3:C3:62:26:F3:A7:35:65:10:9E:53:0F:F0:A1:18:22:AC:D7:AE:EF:6D:C0:78:DE:B1:FB:77:93:5D
Info: Caching certificate for master2.com
Info: Caching certificate_revocation_list for ca
Info: Caching certificate for ca
Notice: Starting Puppet client version 3.8.4
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for master2.com
Info: Applying configuration version '1514001433'
Notice: Finished catalog run in 2.33 seconds
3. puppet kick mode
3.1 The agent's listen setting (used by kick) is off by default
[[email protected] ~]# puppet config print | grep listen
listen = false
Enable it:
[[email protected] ~]# vim /etc/puppet/puppet.conf
[agent]
listen = true
Restart the service:
[[email protected] ~]# systemctl restart puppetagent
[[email protected] ~]# ss -tnl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:8139 *:*
3.2 On the agent, configure the list of masters allowed to trigger a run
[[email protected] ~]# vim /etc/puppet/namespaceauth.conf
[puppetrunner]
allow master1.com
[[email protected] ~]# vim /etc/puppet/auth.conf
path /run
method save
allow master1.com
# deny everything else; this ACL is not strictly necessary, but
# illustrates the default policy.
path /
auth any
[[email protected] ~]# systemctl restart puppetagent
3.3 Define a new module on the master
[[email protected] puppet]# mkdir -pv /etc/puppet/modules/varnish/{manifests,files,templates,lib,tests,spec}
mkdir: created directory ‘/etc/puppet/modules/varnish’
mkdir: created directory ‘/etc/puppet/modules/varnish/manifests’
mkdir: created directory ‘/etc/puppet/modules/varnish/files’
mkdir: created directory ‘/etc/puppet/modules/varnish/templates’
mkdir: created directory ‘/etc/puppet/modules/varnish/lib’
mkdir: created directory ‘/etc/puppet/modules/varnish/tests’
mkdir: created directory ‘/etc/puppet/modules/varnish/spec’
[[email protected] puppet]# vim /etc/puppet/modules/varnish/manifests/init.pp
class varnish {
  # Install varnish and keep it at the latest available version
  package { 'varnish':
    ensure => latest,
  }
}
Declare the newly defined class in the site manifest on the master:
[[email protected] puppet]# vim /etc/puppet/manifests/site.pp
node "master2.com" {
include varnish
include nginx::proxy
}
Restart the service:
[[email protected] puppet]# systemctl restart puppetmaster
3.4 Push from the master
[[email protected] puppet]# puppet kick master2.com
Warning: Puppet kick is deprecated. See http://links.puppetlabs.com/puppet-kick-deprecation
Warning: Failed to load ruby LDAP library. LDAP functionality will not be available
Triggering master2.com
Getting status
status is success
master2.com finished with exit code 0
Finished
3.5 Check the agent log
[[email protected] ~]# tail /var/log/puppet/http.log
[2017-12-23 12:28:21] INFO WEBrick::HTTPServer#start: pid=3737 port=8139
[2017-12-23 12:30:08] 10.201.106.131 - - [23/Dec/2017:12:30:08 CST] "PUT /production/run/master2.com HTTP/1.1" 200 84
[2017-12-23 12:30:08] - -> /production/run/master2.com
[[email protected] ~]#
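An added example, not part of the original notes: a small Python check that reads the agent's http.log in the format shown above and lists run triggers (PUT /<environment>/run/<certname>) that did not come from the expected master. The sample log is constructed from the page's entry, and treating 10.201.106.131 as the address of master1.com is an assumption.

```python
import re

# Constructed sample in the WEBrick log format shown above. The first request is
# the page's own entry; the two requests from 192.0.2.77 are invented for this example.
SAMPLE_LOG = """\
[2017-12-23 12:28:21] INFO WEBrick::HTTPServer#start: pid=3737 port=8139
[2017-12-23 12:30:08] 10.201.106.131 - - [23/Dec/2017:12:30:08 CST] "PUT /production/run/master2.com HTTP/1.1" 200 84
[2017-12-23 12:30:08] - -> /production/run/master2.com
[2017-12-23 13:02:44] 192.0.2.77 - - [23/Dec/2017:13:02:44 CST] "PUT /production/run/master2.com HTTP/1.1" 403 120
[2017-12-23 13:05:10] 192.0.2.77 - - [23/Dec/2017:13:05:10 CST] "PUT /production/run/master2.com HTTP/1.1" 200 84
"""

# Assumption: the source address in the page's log entry belongs to master1.com.
ALLOWED_SOURCES = {"10.201.106.131"}

# [timestamp] source - - [date] "METHOD /<env>/run/<certname> HTTP/x.y" status size
ACCESS_LINE = re.compile(
    r'^\[(?P<ts>[^\]]+)\]\s+(?P<src>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) /(?P<env>[^/\s]+)/run/(?P<node>\S+) HTTP/[\d.]+" '
    r'(?P<status>\d{3})\b'
)


def kick_requests(log_text):
    """Return one dict per request to the agent's /<env>/run/<certname> endpoint."""
    hits = []
    for line in log_text.splitlines():
        m = ACCESS_LINE.match(line)
        if m:  # server start-up and "- ->" continuation lines do not match
            hit = m.groupdict()
            hit["status"] = int(hit["status"])
            hits.append(hit)
    return hits


def unexpected_kicks(log_text, allowed=ALLOWED_SOURCES):
    """Run triggers from sources outside the allow list, accepted or refused."""
    return [h for h in kick_requests(log_text) if h["src"] not in allowed]


if __name__ == "__main__":
    for h in unexpected_kicks(SAMPLE_LOG):
        outcome = "ACCEPTED" if h["status"] == 200 else "refused"
        print(f'{h["ts"]} {h["src"]} {h["method"]} run on {h["node"]}: '
              f'{outcome} ({h["status"]})')
```

An accepted trigger from an unlisted source means the allow rules in auth.conf or namespaceauth.conf are wider than intended; a refused one shows another host probing port 8139.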