Puppet 实战

本文主要是介绍Puppet 实战，希望对大家解决编程问题提供一定的参考价值，需要的开发者们随着小编来一起学习吧！

官方网址：https://www.puppet.com/
架构：https://www.puppet.com/docs/puppet/5.5/architecture.html
用途：自动化运维
库：https://forge.puppet.com/

📠样例：安装Apache

这里使用Amazon Lightsail两台机器去演示，其中Server为master节点，Node为slave节点

样例步骤

Server中执行 设置一些基础信息

$ sudo hostnamectl set-hostname puppet
$ hostname
puppet

必须让两个主机可以通信，你可以通过命令关闭防火墙，如果你正在使用云产品，也可以在界面中进行配置（不同云厂商在不同位置，一般在安全组进行配置）
Server中执行 安装

$ sudo rpm -Uvh https://yum.puppetlabs.com/puppetlabs-release-pc1-el-7.noarch.rpm
$ sudo yum install -y puppetserver

Server中执行 修改一些配置，根据你当前的需求进行配置

/etc/sysconfig/puppetserver

Server中执行 启动（如果无法启动可能是因为你的服务器资源不满足，请修改上述配置文件）

$ sudo systemctl start puppetserver
$ sudo systemctl status puppetserver
● puppetserver.service - puppetserver ServiceLoaded: loaded (/usr/lib/systemd/system/puppetserver.service; disabled; vendor preset: disabled)Active: active (running) since Sun 2023-12-17 07:02:10 UTC; 20s agoProcess: 1713 ExecStart=/opt/puppetlabs/server/apps/puppetserver/bin/puppetserver start (code=exited, status=0/SUCCESS)Main PID: 1722 (java)CGroup: /system.slice/puppetserver.service└─1722 /usr/bin/java -Xms512m -Xmx512m -XX:MaxPermSize=256m -Djava.security.egd=/dev/ur...Dec 17 07:01:22 puppet systemd[1]: Starting puppetserver Service...
Dec 17 07:01:22 puppet puppetserver[1713]: OpenJDK 64-Bit Server VM warning: ignoring option Ma...8.0
Dec 17 07:02:10 puppet systemd[1]: Started puppetserver Service.
Hint: Some lines were ellipsized, use -l to show in full.
$ sudo systemctl enable puppetserver
Created symlink from /etc/systemd/system/multi-user.target.wants/puppetserver.service to /usr/lib/systemd/system/puppetserver.service.

Node中执行 vi /etc/hosts文件中添加

[puppetserver-IP] puppet puppet-master

Node中执行 安装


$ sudo rpm -Uvh https://yum.puppetlabs.com/puppetlabs-release-pc1-el-7.noarch.rpm
$ sudo yum install -y puppet-agent

Node中执行 启动,同时生成SSL认证

$ sudo /opt/puppetlabs/bin/puppet resource service puppet ensure=running enable=true
Notice: /Service[puppet]/ensure: ensure changed 'stopped' to 'running'
service { 'puppet':ensure => 'running',enable => 'true',
}$ hostname
ip-172-26-8-25.ap-southeast-1.compute.internal

Server中执行

$ sudo /opt/puppetlabs/bin/puppet cert list"ip-172-26-8-25.ap-southeast-1.compute.internal" (SHA256) AA:C7:01:DE:70:6A:95:84:E6:84:6C:AD:4E:5D:4E:45:B3:47:06:FB:99:9F:32:C7:BA:7F:06:5A:6C:1F:44:C1

Server中执行 签署认证

$sudo /opt/puppetlabs/bin/puppet cert sign ip-172-26-8-25.ap-southeast-1.compute.internal
Signing Certificate Request for:"ip-172-26-8-25.ap-southeast-1.compute.internal" (SHA256) AA:C7:01:DE:70:6A:95:84:E6:84:6C:AD:4E:5D:4E:45:B3:47:06:FB:99:9F:32:C7:BA:7F:06:5A:6C:1F:44:C1
Notice: Signed certificate request for ip-172-26-8-25.ap-southeast-1.compute.internal
Notice: Removing file Puppet::SSL::CertificateRequest ip-172-26-8-25.ap-southeast-1.compute.internal at '/etc/puppetlabs/puppet/ssl/ca/requests/ip-172-26-8-25.ap-southeast-1.compute.internal.pem'

Server中执行

$ sudo touch /etc/puppetlabs/code/environments/production/manifests/smaple.pp

Node中执行 查看

$ /opt/puppetlabs/bin/puppet agent --test
Info: Caching certificate for ip-172-26-8-25.ap-southeast-1.compute.internal
Info: Caching certificate_revocation_list for ca
Info: Caching certificate for ip-172-26-8-25.ap-southeast-1.compute.internal
Info: Using configured environment 'production'
Info: Retrieving pluginfacts
Notice: /File[/home/centos/.puppetlabs/opt/puppet/cache/facts.d]/mode: mode c
hanged '0775' to '0755'
Info: Retrieving plugin
Info: Caching catalog for ip-172-26-8-25.ap-southeast-1.compute.internal
Info: Applying configuration version '1702800941'
Info: Creating state file /home/centos/.puppetlabs/opt/puppet/cache/state/sta
te.yaml
Notice: Applied catalog in 0.01 seconds

Server中执行 编辑模板参考 https://www.puppet.com/docs/puppet/5.5/lang_template.html

/etc/puppetlabs/code/environments/production/manifests/smaple.pp

node 'ip-172-26-8-25.ap-southeast-1.compute.internal' {
package{ 'httpd' :
ensure=> installed,
}
}

Node中执行 执行

$ sudo /opt/puppetlabs/bin/puppet agent --test
Info: Using configured environment 'production'
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for ip-172-26-8-25.ap-southeast-1.compute.internal
Info: Applying configuration version '1702801388'
Notice: /Stage[main]/Main/Node[ip-172-26-8-25.ap-southeast-1.compute.internal
]/Package[httpd]/ensure: created
Notice: Applied catalog in 6.58 seconds
#打开apache服务
$ sudo apachectl start