puppet

标签：puppet   部署   

[root@node1 puppet]# ls 

 facter-2.4.4-1.el7.x86_64.rpm puppet-server-3.8.4-1.el7.noarch.rpm puppet-3.8.4-1.el7.noarch.rpm 

 [root@node1 puppet]# yum localinstall puppet-3.8.4-1.el7.noarch.rpm puppet-server-3.8.4-1. el7.noarch.rpm facter-2.4.4-1.el7.x86_64.rpm 

 [root@node1 puppet]# puppet master --genconfig > /etc/puppet/puppet.conf.new 

 [root@node1 puppet]# puppet master --verbose --no-daemonize  

###首次启动puppet服务进程可以以非守护进程方式进行，调试目的

Info: Creating a new SSL key for ca

Info: Creating a new SSL certificate request for ca

Info: Certificate Request fingerprint (SHA256): B5:0B:84:57:76:A8:24:7A:26:15:0A:CC:1F:6B:

02:F5:BC:08:07:CF:B8:6E:3C:98:59:79:62:82:93:10:E2:34Notice: Signed certificate request for ca

Info: Creating a new certificate revocation list

Info: Creating a new SSL key for node1.xiao.com

Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml

Info: Creating a new SSL certificate request for node1.xiao.com

Info: Certificate Request fingerprint (SHA256): 4A:6B:97:18:65:8A:BF:E5:1A:17:9D:6D:53:27:

1F:C8:3B:7A:85:1D:1B:7D:7C:B0:57:9B:00:72:E6:DF:6B:5FNotice: node1.xiao.com has a waiting certificate request

Notice: Signed certificate request for node1.xiao.com

Notice: Removing file Puppet::SSL::CertificateRequest node1.xiao.com at ‘/var/lib/puppet/s

sl/ca/requests/node1.xiao.com.pem‘Notice: Removing file Puppet::SSL::CertificateRequest node1.xiao.com at ‘/var/lib/puppet/s

sl/certificate_requests/node1.xiao.com.pem‘Notice: Starting Puppet master version 3.8.4

###测试启动没有问题，可中止当前的启动后将之启动守护进程了

[root@node1 puppet]# systemctl start puppetmaster.service

 [root@node1 puppet]# ss -tnl 

 State Recv-Q Send-Q Local Address:Port Peer Address:Port

LISTEN 0 128 *:8140 :

客户端： [root@node2 dylan]# yum localinstall puppet-3.8.4-1.el7.noarch.rpm facter-2.4.4-1.el7.x86_ 64.rpm

[root@node2 dylan]# puppet agent --server=node1.xiao.com --no-daemonize --verbose --test  ###首次启动puppet agent服务进程可以以非守护进程方式进行，调试目的

[root@node2 dylan]# puppet agent --server=node1.xiao.com --no-daemonize --verbose

Info: Creating a new SSL key for node2.xiao.com

Info: Caching certificate for ca

Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml

Info: Creating a new SSL certificate request for node2.xiao.com

Info: Certificate Request fingerprint (SHA256): E2:F8:60:A7:B8:3D:38:64:17:D2:91:AE:70:B9:

11:85:1D:C3:06:9E:C8:18:93:72:95:6A:D7:4F:A3:90:D8:3EInfo: Caching certificate for ca

在master端 签发证书

[root@node1 puppet]# puppet cert sign node2.xiao.com

Notice: Signed certificate request for node2.xiao.com

Notice: Removing file Puppet::SSL::CertificateRequest node2.xiao.com at ‘/var/lib/puppet/s

sl/ca/requests/node2.xiao.com.pem‘

agent端会接收证书

Notice: Starting Puppet client version 3.8.4

Info: Caching certificate_revocation_list for ca

Info: Retrieving pluginfacts

Info: Retrieving plugin

Info: Caching catalog for node2.xiao.com

Info: Applying configuration version ‘1507957920‘

Notice: Finished catalog run in 0.02 seconds

###测试启动没有问题，可中止当前的启动后将之启动守护进程了

[root@node2 dylan]# systemctl start puppetagent.service

puppet

标签：puppet   部署   

原文地址：http://rylan.blog.51cto.com/11290766/1972396