«А чего дома сидеть?»
Пошаговая становка и настройка Puppet на двух Ubuntu хостах.


MASTER

cd ~; wget https://apt.puppetlabs.com/puppetlabs-release-trusty.deb
sudo dpkg -i puppetlabs-release-trusty.deb
sudo apt-get update
sudo apt-get install puppetmaster-passenger
sudo service apache2 stop
sed -e '/templatedir/ s/^#*/#/' -i.back /etc/puppet/puppet.conf
puppet help | tail -n 1
sudo nano /etc/apt/preferences.d/00-puppet.pref

	# /etc/apt/preferences.d/00-puppet.pref
	Package: puppet puppet-common puppetmaster-passenger
	Pin: version 3.6*
	Pin-Priority: 501

sudo rm -rf /var/lib/puppet/ssl

sudo nano /etc/puppet/puppet.conf

	[main]
	logdir=/var/log/puppet
	vardir=/var/lib/puppet
	ssldir=/var/lib/puppet/ssl
	rundir=/var/run/puppet
	factpath=$vardir/lib/facter
	#templatedir=$confdir/templates
	certname = puppet
	# server.us-west-1.compute.amazonaws.com - FQDN name
dns_alt_names = puppet,server.us-west-1.compute.amazonaws.com
[master] # These are needed when the puppetmaster is run by passenger # and can safely be removed if webrick is used. ssl_client_header = SSL_CLIENT_S_DN ssl_client_verify_header = SSL_CLIENT_VERIFY sudo puppet master --verbose --no-daemonize sudo puppet cert list -all sudo cat /etc/puppet/puppet.conf sudo touch /etc/puppet/manifests/site.pp sudo service apache2 start AGENT cd ~; wget https://apt.puppetlabs.com/puppetlabs-release-trusty.deb sudo dpkg -i puppetlabs-release-trusty.deb sudo apt-get update sudo apt-get install puppet sudo nano /etc/default/puppet START=yes sudo nano /etc/apt/preferences.d/00-puppet.pref # /etc/apt/preferences.d/00-puppet.pref Package: puppet puppet-common Pin: version 3.6* Pin-Priority: 501 sudo nano /etc/puppet/puppet.conf [agent] server = server.us-west-1.compute.amazonaws.com sudo service puppet start MASTER sudo puppet cert list #When the puppetmaster server certificates are generated they are named puppet.pem #in stead of puppetmaster.domain.tld.pem because the certname = puppet in #/etc/puppet/puppet.conf. nano /etc/apache2/sites-enabled/puppetmaster.conf sudo puppet cert sign client.us-west-1.compute.internal or sudo puppet cert sign --all facter AGENT sudo puppet agent --test MASTER sudo puppet module install puppetlabs-apache sudo nano /etc/puppet/manifests/site.pp file {'/tmp/example-ip': # resource type file and filename ensure => present, # make sure it exists mode => 0644, # file permissions content => "Here is my Public IP Address: ${ipaddress_eth0}.\n", # note the ipaddress_eth0 fact } node 'client.us-west-1.compute.internal' { # applies to client.us-west-1.compute.internal node class { 'apache': } # use apache module apache::vhost { 'example.com': # define vhost resource port => '80', docroot => '/var/www/html' } } node default {} # applies to nodes that aren't explicitly defined AGENT sudo puppet agent --test

Добавить комментарий


Защитный код
Обновить