Puppet+foreman 本地yum安裝手冊
Puppet+foreman 本地yum安裝手冊
server:
192.168.9.248 szpuppet.server.com
agent:
192.168.9.143 zabbix
作業系統:CentOS6.4
本地yum
[root@szpuppet yum.repos.d]# cat rhle64_centos.repo
[foreman]
name=Foreman
baseurl=file:///root/foreman-repo-master/foreman
enabled=1
gpgcheck=0
[puppet]
name=puppet
baseurl=file:///root/foreman-repo-master/puppet-el6
enabled=1
gpgcheck=0
[rhel]
name=Red Hat Enterprise Linux Server
baseurl=file:///var/ftp/pub/Server
enabled=1
gpgcheck=0
採用hosts解析,所以要修改/etc/hosts
*******************************************************************************
安裝puppetmaster (伺服器端)
安裝puppetmaster,並生成CA和證書
# yum install puppet puppet-server facter
# vi /etc/puppet/puppet.conf
[main]
# The Puppet log directory.
# The default value is '$vardir/log'.
logdir = /var/log/puppet
# Where Puppet PID files are kept.
# The default value is '$vardir/run'.
rundir = /var/run/puppet
# Where SSL certificates are kept.
# The default value is '$confdir/ssl'.
ssldir = $vardir/ssl
server = szpuppet.server.com
certname = szpuppet.server.com
pluginsync = false
[agent]
# The file in which puppetd stores a list of the classes
# associated with the retrieved configuratiion. Can be loaded in
# the separate ``puppet`` executable using the ``--loadclasses``
# option.
# The default value is '$confdir/classes.txt'.
classfile = $vardir/classes.txt
# Where puppetd caches the local configuration. An
# extension indicating the cache format is added automatically.
# The default value is '$confdir/localconfig'.
localconfig = $vardir/localconfig
server = szpuppet.server.com
pluginsync = false
[master]
environmentpath = /etc/puppet/environments
basemodulepath = /etc/puppet/modules:/usr/share/puppet/modules
environment_timeout = 10
# /etc/init.d/puppetmaster start
Starting puppetmaster: [ OK ]
# puppet cert --list --all
+ "puppetmaster162.kisspuppet.com" (SHA256) 2E:B3:73:4F:CD:EE:0C:64:2C:DF:24:E6:D3:62:F3:1C:AC:A3:28:60:67:1D:0C:8C:C5:CA:68:5B:4B:2F:49:B9 (alt names: "DNS:puppet", "DNS:puppet.kisspuppet.com", "DNS:puppetmaster162.kisspuppet.com")
測試puppetmaster是否能夠正常使用
# puppet agent -t
Info: Caching catalog for szpuppet.server.com
Info: Applying configuration version '1435911393'
Info: Creating state file /var/lib/puppet/state/state.yaml
Notice: Finished catalog run in 0.02 seconds
*******************************************************************************
安裝puppet agent (客戶端)
# yum install puppet
# vi /etc/puppet/puppet.conf
[main]
# The Puppet log directory.
# The default value is '$vardir/log'.
logdir = /var/log/puppet
# Where Puppet PID files are kept.
# The default value is '$vardir/run'.
rundir = /var/run/puppet
# Where SSL certificates are kept.
# The default value is '$confdir/ssl'.
ssldir = $vardir/ssl
server = szpuppet.server.com
pluginsync = false
[agent]
# The file in which puppetd stores a list of the classes
# associated with the retrieved configuratiion. Can be loaded in
# the separate ``puppet`` executable using the ``--loadclasses``
# option.
# The default value is '$confdir/classes.txt'.
classfile = $vardir/classes.txt
# Where puppetd caches the local configuration. An
# extension indicating the cache format is added automatically.
# The default value is '$confdir/localconfig'.
localconfig = $vardir/localconfig
server = szpuppet.server.com
pluginsync = false
# puppet agent
# ps -ef | grep puppet
root 15447 1 1 16:25 ? 00:00:02 /usr/bin/ruby /usr/bin/puppet agent
root 15510 15277 0 16:28 pts/0 00:00:00 grep puppet
# puppet agent -t
Exiting; no certificate found and waitforcert is disabled
未授權證書
*******************************************************************************
證書認證
相server申請證書
客戶端執行:
# puppet agent --server szpuppet.server.com
伺服器端執行:
(單個授權證書)
# puppet cert sign zabbix
Notice: Signed certificate request for zabbix
Notice: Removing file Puppet::SSL::CertificateRequest zabbix at '/var/lib/puppet/ssl/ca/requests/zabbix.pem'
(全部授權證書)
#puppet cert sign --all
(檢視所有證書)
# puppet cert -all
+ "szpuppet.server.com" (SHA256) 12:19:BA:72:5E:AB:7B:FA:2F:DD:38:6D:62:34:E7:38:B3:EA:E0:F9:03:35:84:BE:09:96:14:26:C4:F7:86:C1 (alt names: "DNS:puppet", "DNS:puppet.server.com", "DNS:szpuppet.server.com")
+ "zabbix" (SHA256) 46:E0:6F:0B:14:64:0C:C3:ED:4D:AA:A0:7B:78:C6:CE:EB:91:C4:9F:24:6A:DD:1D:CA:AD:1D:1E:06:BF:06:8C
*******************************************************************************
驗證通訊:
server端:
# cd /etc/puppet/manifests/
# ll
total 0
# vi site.pp
node default{
file { "/tmp/test.txt":
content => "Hello,agent,this is puppet test!n"}
#/etc/init.d/puppetmaster restart
agent端:
# puppet agent --server szpuppet.server.com --test
Info: Caching catalog for zabbix
Info: Applying configuration version '1436146178'
Notice: /Stage[main]/Main/Node[default]/File[/tmp/test.txt]/content:
--- /tmp/test.txt 2015-07-03 16:43:33.144433003 +0800
+++ /tmp/puppet-file20150706-10930-1ipgx7i-0 2015-07-06 09:29:38.775285552 +0800
@@ -0,0 +1 @@
+Hello,agent,this is puppet test!n
\ No newline at end of file
Info: /Stage[main]/Main/Node[default]/File[/tmp/test.txt]: Filebucketed /tmp/test.txt to puppet with sum d41d8cd98f00b204e9800998ecf8427e
Notice: /Stage[main]/Main/Node[default]/File[/tmp/test.txt]/content: content changed '{md5}d41d8cd98f00b204e9800998ecf8427e' to '{md5}fda5a8abd3ca710bc39ce6c90b25cb73'
Notice: Finished catalog run in 0.14 seconds
更多應用舉例,請參考puppet配置一文
*******************************************************************************
安裝Foreman
透過foreman-installer安裝foreman
# yum install foreman-installer
foreman預設安裝選擇的資料庫為postgresql,這裡選用mysql進行安裝。
注意:openssl版本要升級到1.0.1e版本
安裝包
# rpm -ivh ruby193-runtime-1-6.el6.x86_64.rpm
# rpm -ivh centos-release-SCL-6-5.el6.centos.x86_64.rpm
保證只有原來一個yum
#rm -rf /etc/yum.repos.d/CentOS-SCL.repo
# yum install foreman mod_passenger mod_ssl ruby193-rubygem-passenger-native mysql mysql-server foreman-mysql2
#
...
Updated:
openssl.x86_64 0:1.0.1e-15.el6
Replaced:
ruby193-v8.x86_64 1:3.14.5.10-2.el6
Complete!
安裝foreman-proxy及依賴包
# yum install tftp-server syslinux foreman-proxy
只代理puppet和puppetCA,可以透過以下方式安裝
#foreman-installer --enable-foreman --enable-foreman-proxy --enable-puppet --puppet-server=true --foreman-proxy-puppetrun=true --foreman-proxy-puppetca=true --foreman-configure-epel-repo=false --foreman-proxy-register-in-foreman=false
Could not start Service[httpd]: Execution of '/sbin/service httpd start' returned 1: Starting httpd: [Mon Jul 06 10:33:12 2015] [warn] module passenger_module is already loaded, skipping
/Stage[main]/Apache::Service/Service[httpd]/ensure: change from stopped to running failed: Could not start Service[httpd]: Execution of '/sbin/service httpd start' returned 1: Starting httpd: [Mon Jul 06 10:33:12 2015] [warn] module passenger_module is already loaded, skipping
Installing --- /etc/foreman-proxy/settings.d/puppet.ymlser[f2014- [99%] [.............................................Installing Done [100%] [..............................................]
Something went wrong! Check the log for ERROR-level output
* Foreman is running at
Initial credentials are admin / krz9RbinLp4jasAe
* Foreman Proxy is running at :8443
* Puppetmaster is running at port 8140
The full log is at /var/log/foreman-installer/foreman-installer.log
httpd啟動失敗,埠被佔用了
修改一下埠
代理TFTP, DNS, DHCP, Puppet, and Puppet CA,並且puppetmaster會以apache+passenger的方式安裝執行。
#foreman-installer --enable-foreman --enable-foreman-proxy --enable-puppet --puppet-server=true --foreman-proxy-puppetrun=true --foreman-proxy-puppetca=true --foreman-proxy-dhcp=true --foreman-proxy-tftp=true --foreman-proxy-dns=true --foreman-proxy-dns-interface=eth0 --foreman-proxy-dns-zone=kisspuppet.com --foreman-proxy-dns-reverse=10.168.192.in-addr.arpa --foreman-proxy-dns-forwarders=8.8.8.8 --foreman-proxy-dns-forwarders=8.8.4.4 --foreman-configure-epel-repo=false --foreman-proxy-register-in-foreman=false
安裝完成之後,透過火狐或者谷歌瀏覽器訪問看是否安裝成功https://192.168.9.248
檢查foreman、foreman-proxy、puppetmaster是否安裝成功
# /etc/init.d/httpd status
httpd (pid 25433) is running...
# /etc/init.d/foreman-proxy status
foreman-proxy (pid 25605) is running...
# netstat -naltp | grep 8443
tcp 0 0 0.0.0.0:8443 0.0.0.0:* LISTEN 25605/ruby
# netstat -naltp | grep 80
tcp 0 0 :::80 :::* LISTEN 25433/httpd
# netstat -naltp | grep 8140
tcp 0 0 :::8140 :::* LISTEN 25433/httpd
基本上安裝完成!!
yum包地址:(百度網盤地址)
server:
192.168.9.248 szpuppet.server.com
agent:
192.168.9.143 zabbix
作業系統:CentOS6.4
本地yum
[root@szpuppet yum.repos.d]# cat rhle64_centos.repo
[foreman]
name=Foreman
baseurl=file:///root/foreman-repo-master/foreman
enabled=1
gpgcheck=0
[puppet]
name=puppet
baseurl=file:///root/foreman-repo-master/puppet-el6
enabled=1
gpgcheck=0
[rhel]
name=Red Hat Enterprise Linux Server
baseurl=file:///var/ftp/pub/Server
enabled=1
gpgcheck=0
採用hosts解析,所以要修改/etc/hosts
*******************************************************************************
安裝puppetmaster (伺服器端)
安裝puppetmaster,並生成CA和證書
# yum install puppet puppet-server facter
# vi /etc/puppet/puppet.conf
[main]
# The Puppet log directory.
# The default value is '$vardir/log'.
logdir = /var/log/puppet
# Where Puppet PID files are kept.
# The default value is '$vardir/run'.
rundir = /var/run/puppet
# Where SSL certificates are kept.
# The default value is '$confdir/ssl'.
ssldir = $vardir/ssl
server = szpuppet.server.com
certname = szpuppet.server.com
pluginsync = false
[agent]
# The file in which puppetd stores a list of the classes
# associated with the retrieved configuratiion. Can be loaded in
# the separate ``puppet`` executable using the ``--loadclasses``
# option.
# The default value is '$confdir/classes.txt'.
classfile = $vardir/classes.txt
# Where puppetd caches the local configuration. An
# extension indicating the cache format is added automatically.
# The default value is '$confdir/localconfig'.
localconfig = $vardir/localconfig
server = szpuppet.server.com
pluginsync = false
[master]
environmentpath = /etc/puppet/environments
basemodulepath = /etc/puppet/modules:/usr/share/puppet/modules
environment_timeout = 10
# /etc/init.d/puppetmaster start
Starting puppetmaster: [ OK ]
# puppet cert --list --all
+ "puppetmaster162.kisspuppet.com" (SHA256) 2E:B3:73:4F:CD:EE:0C:64:2C:DF:24:E6:D3:62:F3:1C:AC:A3:28:60:67:1D:0C:8C:C5:CA:68:5B:4B:2F:49:B9 (alt names: "DNS:puppet", "DNS:puppet.kisspuppet.com", "DNS:puppetmaster162.kisspuppet.com")
測試puppetmaster是否能夠正常使用
# puppet agent -t
Info: Caching catalog for szpuppet.server.com
Info: Applying configuration version '1435911393'
Info: Creating state file /var/lib/puppet/state/state.yaml
Notice: Finished catalog run in 0.02 seconds
*******************************************************************************
安裝puppet agent (客戶端)
# yum install puppet
# vi /etc/puppet/puppet.conf
[main]
# The Puppet log directory.
# The default value is '$vardir/log'.
logdir = /var/log/puppet
# Where Puppet PID files are kept.
# The default value is '$vardir/run'.
rundir = /var/run/puppet
# Where SSL certificates are kept.
# The default value is '$confdir/ssl'.
ssldir = $vardir/ssl
server = szpuppet.server.com
pluginsync = false
[agent]
# The file in which puppetd stores a list of the classes
# associated with the retrieved configuratiion. Can be loaded in
# the separate ``puppet`` executable using the ``--loadclasses``
# option.
# The default value is '$confdir/classes.txt'.
classfile = $vardir/classes.txt
# Where puppetd caches the local configuration. An
# extension indicating the cache format is added automatically.
# The default value is '$confdir/localconfig'.
localconfig = $vardir/localconfig
server = szpuppet.server.com
pluginsync = false
# puppet agent
# ps -ef | grep puppet
root 15447 1 1 16:25 ? 00:00:02 /usr/bin/ruby /usr/bin/puppet agent
root 15510 15277 0 16:28 pts/0 00:00:00 grep puppet
# puppet agent -t
Exiting; no certificate found and waitforcert is disabled
未授權證書
*******************************************************************************
證書認證
相server申請證書
客戶端執行:
# puppet agent --server szpuppet.server.com
伺服器端執行:
(單個授權證書)
# puppet cert sign zabbix
Notice: Signed certificate request for zabbix
Notice: Removing file Puppet::SSL::CertificateRequest zabbix at '/var/lib/puppet/ssl/ca/requests/zabbix.pem'
(全部授權證書)
#puppet cert sign --all
(檢視所有證書)
# puppet cert -all
+ "szpuppet.server.com" (SHA256) 12:19:BA:72:5E:AB:7B:FA:2F:DD:38:6D:62:34:E7:38:B3:EA:E0:F9:03:35:84:BE:09:96:14:26:C4:F7:86:C1 (alt names: "DNS:puppet", "DNS:puppet.server.com", "DNS:szpuppet.server.com")
+ "zabbix" (SHA256) 46:E0:6F:0B:14:64:0C:C3:ED:4D:AA:A0:7B:78:C6:CE:EB:91:C4:9F:24:6A:DD:1D:CA:AD:1D:1E:06:BF:06:8C
*******************************************************************************
驗證通訊:
server端:
# cd /etc/puppet/manifests/
# ll
total 0
# vi site.pp
node default{
file { "/tmp/test.txt":
content => "Hello,agent,this is puppet test!n"}
#/etc/init.d/puppetmaster restart
agent端:
# puppet agent --server szpuppet.server.com --test
Info: Caching catalog for zabbix
Info: Applying configuration version '1436146178'
Notice: /Stage[main]/Main/Node[default]/File[/tmp/test.txt]/content:
--- /tmp/test.txt 2015-07-03 16:43:33.144433003 +0800
+++ /tmp/puppet-file20150706-10930-1ipgx7i-0 2015-07-06 09:29:38.775285552 +0800
@@ -0,0 +1 @@
+Hello,agent,this is puppet test!n
\ No newline at end of file
Info: /Stage[main]/Main/Node[default]/File[/tmp/test.txt]: Filebucketed /tmp/test.txt to puppet with sum d41d8cd98f00b204e9800998ecf8427e
Notice: /Stage[main]/Main/Node[default]/File[/tmp/test.txt]/content: content changed '{md5}d41d8cd98f00b204e9800998ecf8427e' to '{md5}fda5a8abd3ca710bc39ce6c90b25cb73'
Notice: Finished catalog run in 0.14 seconds
更多應用舉例,請參考puppet配置一文
*******************************************************************************
安裝Foreman
透過foreman-installer安裝foreman
# yum install foreman-installer
foreman預設安裝選擇的資料庫為postgresql,這裡選用mysql進行安裝。
注意:openssl版本要升級到1.0.1e版本
安裝包
# rpm -ivh ruby193-runtime-1-6.el6.x86_64.rpm
# rpm -ivh centos-release-SCL-6-5.el6.centos.x86_64.rpm
保證只有原來一個yum
#rm -rf /etc/yum.repos.d/CentOS-SCL.repo
# yum install foreman mod_passenger mod_ssl ruby193-rubygem-passenger-native mysql mysql-server foreman-mysql2
#
...
Updated:
openssl.x86_64 0:1.0.1e-15.el6
Replaced:
ruby193-v8.x86_64 1:3.14.5.10-2.el6
Complete!
安裝foreman-proxy及依賴包
# yum install tftp-server syslinux foreman-proxy
只代理puppet和puppetCA,可以透過以下方式安裝
#foreman-installer --enable-foreman --enable-foreman-proxy --enable-puppet --puppet-server=true --foreman-proxy-puppetrun=true --foreman-proxy-puppetca=true --foreman-configure-epel-repo=false --foreman-proxy-register-in-foreman=false
Could not start Service[httpd]: Execution of '/sbin/service httpd start' returned 1: Starting httpd: [Mon Jul 06 10:33:12 2015] [warn] module passenger_module is already loaded, skipping
/Stage[main]/Apache::Service/Service[httpd]/ensure: change from stopped to running failed: Could not start Service[httpd]: Execution of '/sbin/service httpd start' returned 1: Starting httpd: [Mon Jul 06 10:33:12 2015] [warn] module passenger_module is already loaded, skipping
Installing --- /etc/foreman-proxy/settings.d/puppet.ymlser[f2014- [99%] [.............................................Installing Done [100%] [..............................................]
Something went wrong! Check the log for ERROR-level output
* Foreman is running at
Initial credentials are admin / krz9RbinLp4jasAe
* Foreman Proxy is running at :8443
* Puppetmaster is running at port 8140
The full log is at /var/log/foreman-installer/foreman-installer.log
httpd啟動失敗,埠被佔用了
修改一下埠
代理TFTP, DNS, DHCP, Puppet, and Puppet CA,並且puppetmaster會以apache+passenger的方式安裝執行。
#foreman-installer --enable-foreman --enable-foreman-proxy --enable-puppet --puppet-server=true --foreman-proxy-puppetrun=true --foreman-proxy-puppetca=true --foreman-proxy-dhcp=true --foreman-proxy-tftp=true --foreman-proxy-dns=true --foreman-proxy-dns-interface=eth0 --foreman-proxy-dns-zone=kisspuppet.com --foreman-proxy-dns-reverse=10.168.192.in-addr.arpa --foreman-proxy-dns-forwarders=8.8.8.8 --foreman-proxy-dns-forwarders=8.8.4.4 --foreman-configure-epel-repo=false --foreman-proxy-register-in-foreman=false
安裝完成之後,透過火狐或者谷歌瀏覽器訪問看是否安裝成功https://192.168.9.248
檢查foreman、foreman-proxy、puppetmaster是否安裝成功
# /etc/init.d/httpd status
httpd (pid 25433) is running...
# /etc/init.d/foreman-proxy status
foreman-proxy (pid 25605) is running...
# netstat -naltp | grep 8443
tcp 0 0 0.0.0.0:8443 0.0.0.0:* LISTEN 25605/ruby
# netstat -naltp | grep 80
tcp 0 0 :::80 :::* LISTEN 25433/httpd
# netstat -naltp | grep 8140
tcp 0 0 :::8140 :::* LISTEN 25433/httpd
基本上安裝完成!!
yum包地址:(百度網盤地址)
來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/29500582/viewspace-1724261/,如需轉載,請註明出處,否則將追究法律責任。
相關文章
- linux配置本地yum安裝--FTP yumLinuxFTP
- 本地yum庫製作及本地安裝DockerDocker
- RedHat Linux 本地Yum源安裝RedhatLinux
- 配置本地yum源及安裝必要的包
- RHEL6.5使用安裝光碟搭建本地YUM
- 12C安裝及本地YUM源配置
- Hbase安裝手冊
- Hive安裝手冊Hive
- RAC安裝手冊
- yum如何解除安裝已安裝的rpm並安裝本地rpm包
- yum之如何手動建立本地yum倉庫
- Erlang安裝手冊-windowsWindows
- GP完整安裝手冊
- RHEL7安裝本地離線yum源倉庫
- yum安裝
- mysql安裝 (yum 安裝)MySql
- 搭建本地yum源,使用安裝光碟的rpm作為yum源的檔案
- Discoverer Desktop安裝手冊
- Oracle VM Server安裝手冊OracleServer
- 求petstore的安裝手冊?
- FVWM安裝完全手冊(轉)
- ORACLE FOR SUN SOLARIS 安裝手冊Oracle
- Rational ClearCase Windows安裝手冊Windows
- PHPNuke完全安裝手冊(轉)PHP
- yum 安裝 PHPPHP
- mysql yum 安裝MySql
- yum安裝nginxNginx
- yum安裝lampLAMP
- yum安裝mysqlMySql
- 【Linux】Linux軟體安裝管理2 使用安裝光碟配置本地yum倉庫Linux
- Go語言快速安裝手冊Go
- gitlab服務安裝手冊Gitlab
- MySql安裝及整合Hive手冊MySqlHive
- GOLDENGATE安裝和配置手冊Go
- RH9安裝手冊,很好!
- linux 安裝yum 安裝phpLinuxPHP
- Centos 安裝yum,安裝ansibleCentOS
- yum安裝ansible