Shulou(Shulou.com)06/01 Report--

This article mainly explains "how to install Puppet and Puppet Foreman under the CentOS system". The content of the article is simple and clear, and it is easy to learn and understand. Please follow the editor's train of thought to study and learn "how to install Puppet and Puppet Foreman in the CentOS system".

1. System environment:

Centos6.4 x86_64

192.168.6.171 puppet.domain.com

192.168.6.173 agent1.domian.com

2. Close selinux and iptables (here is the test environment, you can also add puppet port 8140)

The code is as follows:

Setenforce 0

/ etc/init.d/iptables stop & & chkconfig iptables off

Third, change the hostname and use host to resolve

The code is as follows:

[root@test] # cat / etc/sysconfig/network / / # 192.168.6.171

NETWORKING=yes

NETWORKING_IPV6=no

HOSTNAME=puppet.domain.com

[root@test ~] # cat / etc/hosts

192.168.6.171 puppet.domain.com

192.168.6.173 agent1.domain.com

[root@test ~] cat / etc/sysconfig/network / / # 192.168.6.173

NETWORKING=yes

NETWORKING_IPV6=no

HOSTNAME=agent1.domain.com

[root@test ~] # cat / etc/hosts

192.168.6.171 puppet.domain.com

192.168.6.173 agent1.domain.com

Fourth, install yum source

1. # download address https://lug.ustc.edu.cn/wiki/mirrors/help/centos

The code is as follows:

[root@puppet yum.repos.d] # cat CentOS-Base.repo

# CentOS-Base.repo

#

# The mirror system uses the connecting IP address of the client and the

# update status of each mirror to pick mirrors that are updated to and

# geographically close to the client. You should use this for CentOS updates

# unless you are manually picking other mirrors.

#

# If the mirrorlist= does not work for you, as a fall back you can try the

# remarked out baseurl= line instead.

#

#

[base]

Name=CentOS-$releasever-Base-mirrors.ustc.edu.cn

Baseurl= http://mirrors.ustc.edu.cn/centos/$releasever/os/$basearch/

# mirrorlist= http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os

Gpgcheck=1

Gpgkey= http://mirrors.ustc.edu.cn/centos/RPM-GPG-KEY-CentOS-6

# released updates

[updates]

Name=CentOS-$releasever-Updates-mirrors.ustc.edu.cn

Baseurl= http://mirrors.ustc.edu.cn/centos/$releasever/updates/$basearch/

# mirrorlist= http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates

Gpgcheck=1

Gpgkey= http://mirrors.ustc.edu.cn/centos/RPM-GPG-KEY-CentOS-6

# additional packages that may be useful

[extras]

Name=CentOS-$releasever-Extras-mirrors.ustc.edu.cn

Baseurl= http://mirrors.ustc.edu.cn/centos/$releasever/extras/$basearch/

# mirrorlist= http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras

Gpgcheck=1

Gpgkey= http://mirrors.ustc.edu.cn/centos/RPM-GPG-KEY-CentOS-6

# additional packages that extend functionality of existing packages

[centosplus]

Name=CentOS-$releasever-Plus-mirrors.ustc.edu.cn

Baseurl= http://mirrors.ustc.edu.cn/centos/$releasever/centosplus/$basearch/

# mirrorlist= http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus

Gpgcheck=1

Enabled=0

Gpgkey= http://mirrors.ustc.edu.cn/centos/RPM-GPG-KEY-CentOS-6

# contrib-packages by Centos Users

[contrib]

Name=CentOS-$releasever-Contrib-mirrors.ustc.edu.cn

Baseurl= http://mirrors.ustc.edu.cn/centos/$releasever/contrib/$basearch/

# mirrorlist= http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=contrib

Gpgcheck=1

Enabled=0

Gpgkey= http://mirrors.ustc.edu.cn/centos/RPM-GPG-KEY-CentOS-6

2. Install the official yum source

The code is as follows:

Rpm-Uvh http://yum.puppetlabs.com/el/6Server/products/x86_64/puppetlabs-release-6-6.noarch.rpm

5. Install the ruby environment (both master and Aentend need to operate)

The code is as follows:

Yum-y install ruby ruby-libs ruby-shadow

[root@puppet yum.repos.d] # ruby-v / / # check the ruby version

Ruby 1.8.7 (2011-06-30 patchlevel 352) [x86_64-linux]

Master:

The code is as follows:

Yum-y install puppet-server

Agent:

The code is as follows:

Yum-y install puppet

6. Puppet configuration file (seeing a lot of documents outside and [main] [agent] [master] made me dizzy, I posted my configuration file directly. It's very simple and there are few things to change.)

1. Configuration file on masterside

The code is as follows:

[root@pupet ~] # cd / etc/puppet/

[root@pupet puppet] # cat puppet.conf

[main]

Vardir = / var/lib/puppet / / # is used to store cached data, configuration, reports returned by the client and file backups

Logdir = / var/log/puppet

Rundir = / var/run/puppet

Ssldir = $vardir/ssl / / # directory of certification documents issued

[master]

Reports = foreman,console,log / / # send the report to console,foreman,log

Certname = puppet.domain.com / / # configuration hostname is puppet.domain.com

Pluginsync = true / / # enable plug-in synchronization

Environment = production / / # specifies that the running environment is production

# / etc/init.d/puppetmaster start starts puppetmaster

2. Configuration file on the agent side

The code is as follows:

[root@agent ~] # cd / etc/puppet/

[root@agent puppet] # cat puppet.conf

[main]

Logdir = / var/log/puppet

Rundir = / var/run/puppet

Ssldir = $vardir/ssl

Pluginsync = true

[agent]

Classfile = $vardir/classes.txt

Localconfig = $vardir/localconfigs

# runinterval = 300

Listen = true

Report = true

Server = puppet.domain.com / / # specify the server side

# / etc/init.d/puppet start starts puppet agent

VII. Puppet verification

1. Client initiates verification

The code is as follows:

[root@agent1 yum.repos.d] # puppet agent-test-server puppet.domain.com

Info: Caching certificate for ca

Info: csr_attributes file loading from / etc/puppet/csr_attributes.yaml

Info: Creating a new SSL certificate request for agent1.domain.com

Info: Certificate Request fingerprint (SHA256): C0:BB:24:3B:4B:59:F1:63:3D:EA:C1:EB:5B:2D:84:68:23:BA:F3:3D:0A:E6:8C:0E:38:3F:9E:F3:40:24:9A:68

Info: Caching certificate for ca

Exiting; no certificate found and waitforcert is disabled

2. Server view

The code is as follows:

[root@puppet puppet] # puppet cert-list-all

"agent1.domain.com" (SHA256) C0:BB:24:3B:4B:59:F1:63:3D:EA:C1:EB:5B:2D:84:68:23:BA:F3:3D:0A:E6:8C:0E:38:3F:9E:F3:40:24:9A:68

+ "puppet.domain.com" SHA256) AF:F9:25:75:0F:3A:C5:E2:B5:71:EE:4E:65:82:7A:C1:3E:20:74:EF:57:2D:2D:1D:E5:47:1D:03:76:A5:5C:07 (alt names: "DNS:puppet", "DNS:puppet.domain.com")

3. The server completes the verification (the + sign indicates that it has been added, if not, it is the added host)

The code is as follows:

[root@puppet puppet] # puppet cert sign agent1.domain.com

Notice: Signed certificate request for agent1.domain.com

Notice: Removing file Puppet::SSL::CertificateRequest agent1.domain.com at'/ var/lib/puppet/ssl/ca/requests/agent1.domain.com.pem'

The code is as follows:

[root@puppet puppet] # puppet cert-list-all

+ "agent1.domain.com" (SHA256) 70:00:4D:89:53:2B:A4:C4:16:C4:DA:F1:63:59:5A:7A:0C:26:47:3B:74:4D:1C:29:C3:1B:BF:2E:B1:F4:89:D5

+ "puppet.domain.com" SHA256) AF:F9:25:75:0F:3A:C5:E2:B5:71:EE:4E:65:82:7A:C1:3E:20:74:EF:57:2D:2D:1D:E5:47:1D:03:76:A5:5C:07 (alt names: "DNS:puppet", "DNS:puppet.domain.com")

4. The server automatically verifies the configuration

The code is as follows:

Vi / etc/puppet/puppet.conf / / # add automatic verification profile path and open

Autosign = $confdir/autosign.conf {mode = 664}

Auto = true

Vi / etc/puppet/autosign.conf / / # specifies that all hostnames ending in .domain.com automatically add validation

* .domain.com

5. Master cancels authorization

The code is as follows:

Puppet cert-revoke agent1.domain.com

6. Master delete authorization

On the master side:

The code is as follows:

Puppet cert-clean agent1.domain.com

On the agent side:

The code is as follows:

Find / var/lib/puppet/ssl/-iname 'hostname'.pem-exec / bin/rm-rf {}

8. Test the puppet file push function

Master side:

The code is as follows:

# define a test module

[root@puppet test] # pwd

/ etc/puppet/modules/test

[root@puppet test] # ls

Files manifests templates

# Custom resource files

[root@puppet test] # cd manifests/

[root@puppet manifests] # ls

Init.pp

[root@puppet manifests] # cat init.pp

Class test {

File {"/ tmp/$hostname.txt": content = > "hello $hostname.txt";}

}

# pour test module into agent.domain.com node

[root@puppet nodes] # pwd

/ etc/puppet/manifests/nodes

[root@puppet nodes] # cat agent.domain.com.pp

Node 'agent.domain.com' {

Include test

}

# Import file to all nodes

[root@puppet manifests] # pwd

/ etc/puppet/manifests

[root@puppet manifests] # cat site.pp

Import "nodes/*.domain.com.pp"

# agent end

The code is as follows:

[root@agent1 yum.repos.d] # puppet agent-test-server puppet.domain.com

Notice: Ignoring-- listen on onetime run

Info: Retrieving pluginfacts

Info: Retrieving plugin

Info: Caching catalog for agent1.domain.com

Info: Applying configuration version '1408524165'

Notice: / stage [main] / Test/ File [/ tmp/agent1.txt] / ensure: defined content as'{md5} 7509cca57ec6faec2d5dd2c76a68ea0b'

Notice: Finished catalog run in 0.10 seconds

# verify the file

[root@agent1 yum.repos.d] # cat / tmp/agent1.txt

Hello agent1.txt

Install Puppet foreman

Preparatory work:

1. Before installing foreman, we need to install the source of epel, otherwise many packages of yum-y install foreman-installer cannot be installed.

The code is as follows:

Rpm-ivh http://mirrors.sohu.com/fedora-epel/6/x86_64/epel-release-6-8.noarch.rpm

I. installation

The code is as follows:

Yum-y install http://yum.theforeman.org/releases/1.6/el6/x86_64/foreman-release.rpm / / recommends using an official source to automatically resolve dependency issues

Yum-y install foreman-installer / / # start installation if you find any package installation errors need to be carefully checked to see if it is the source (recommended Epel source) or firewall and selinux

2. Run foreman installation (either of the two below is OK, non-interactive installation is recommended)

The code is as follows:

Foreman-installer / / # all the processes here are automatic for a long time, too long. I'm evil again.

Foreman-installer-I / / # if you need custom installation, you can use-I to choose interactive installation details, please refer to the official manual

# it seems that every time I install it, it will get stuck here. For some reason, I will finish it every time and execute foreman-installer again.

Installing Debug: Package [foreman-postgresql] (provider=yum): [22%] [.

5794? Ss 0:04 / usr/bin/python / usr/bin/yum-d 0-e 0-y install foreman-postgresql / / the process has been stuck here

# after installation, you can clearly see the failure of httpd startup. We need to manually start / etc/init.d/httpd start installation twice. I don't know if it is an isolated case.

Could not start Service [httpd]: Execution of'/ sbin/service httpd start' returned 1: Starting httpd: [FAILED]

/ stage [main] / Apache::Service/ Service [httpd] / ensure: change from stopped to running failed: Could not start Service [httpd]: Execution of'/ sbin/service httpd start' returned 1: Starting httpd: [FAILED]

# start foreman-proxy

/ etc/init.d/foreman-proxy start

Visit the web page

# password is required to log in to web. This password will be displayed on the terminal after successful installation.

* Foreman is running at https://puppet.domain.com

Initial credentials are admin / sFuCu73KydURMTbi

* Foreman Proxy is running at https://puppet.domain.com:8443

* Puppetmaster is running at port 8140

The full log is at / var/log/foreman-installer/foreman-installer.log

Thank you for your reading, the above is the content of "how to install Puppet and Puppet Foreman under the CentOS system". After the study of this article, I believe you have a deeper understanding of how to install Puppet and Puppet Foreman under the CentOS system. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.