本文共 1980 字,大约阅读时间需要 6 分钟。
master------------agent 证书加密
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 | 192.168.2.130 puppet.hequan.lol puppet 192.168.2.131 station.hequan.lol station 安装 master: yum install puppet.noarch puppet-server.noarch agent: yum install puppet.noarch [root@puppet puppet] # ls auth.conf fileserver.conf manifests modules puppet.conf vim puppet.conf 1 [master] 2 certname=puppet.hequan.lol [root@puppet puppet] # puppet master [root@puppet puppet] # netstat -lntup | grep 8140 tcp 0 0 0.0.0.0:8140 0.0.0.0:* LISTEN 2580 /ruby [root@station ~] # puppet agent --server=puppet.hequan.lol --no-daemonize --verbose --onetime ##默认去找puppet [root@puppet puppet] # ll /var/lib/puppet/ssl/ca/requests/ -rw-r--r-- 1 puppet puppet 1598 8月 31 20:38 station.hequan.lol.pem [root@puppet puppet] # puppet cert --list "station.hequan.lol" (SHA256) 35:BD:28:6C:18:5D:58:3F:EF:60:F6:2D:6E:5D:5A:B7:16:02:36:84:48:08:31:32:28:DF:C7:BD:A6:65:9F:E9 puppet cert --sign station.hequan.lol ##all 签发 [root@puppet puppet] # ll /var/lib/puppet/ssl/ca/signed/ ##签发完成,建立联系 总用量 8 -rw-r--r-- 1 puppet puppet 2009 8月 31 20:34 puppet.hequan.lol.pem -rw-r--r-- 1 puppet puppet 1960 8月 31 20:41 station.hequan.lol.pem /etc/puppet/manifests ##管理服务器清单,这个目录里面需要一个文件, xxx.pp [root@puppet manifests] # ll -rw-r--r-- 1 root root 159 8月 31 20:58 node.pp -rw-r--r-- 1 root root 53 8月 31 20:48 site.pp [root@puppet manifests] # cat site.pp $puppetserver= "puppet.hequan.lol" import 'node.pp' [root@puppet manifests] # cat node.pp node 'station.hequan.lol' { #定义资源的方式: #资源类型{'资源名':属性1=>'值1'} package{ "system-config-date" :ensure=> 'present' } } package { 'nginx' : ensure => present, } file { "/root/aa1.txt" : ensure=> "present" , mode=> "0000" } [root@station puppet] # ll /root 总用量 4 ---------- 1 root root 0 8月 31 21:26 aa1.txt |