Puppetdb安装
系统环境:selinux and iptables disabled
Rhel 6.5
Puppet 3.7.5
Ruby 1.8.7
简介:puppetdb是puppet的数据库,能够检索到已生成的数据。提高puppet执行效率
自带的HSQLDB适用在100节点内,所以用pgsql(*递归查询*)
两种方法:第一种复杂,第二种简单,但中间也会有各种问题,必须慢慢排查
一.安装包安装:
a. 安装pgsql数据库:yum install postgresql-server postgresql
b. 安装puppetdb:yum installpuppetdb puppetdb-terminus
[[email protected]]# cat /etc/yum.repos.d/yum.repo
[yum]
name=hello
baseurl=file:///var/www/html/yumsource
gpgcheck=0
[puppet]
name=puppet
baseurl=http://yum.puppetlabs.com/el/6Server/products/x86_64
gpgcheck=0
[ruby]
name=ruby
baseurl=http://yum.puppetlabs.com/el/6Server/dependencies/x86_64
gpgcheck=0
c. 初始化数据库
1)service postgresql initdb
2)sudo -u postgres sh
createuser –DRSP puppetdb
createdb –O puppetdb puppetdb
测试:psql -h localhost -U puppetdb-d puppetdb –W
3)[[email protected] modules]# tail /var/lib/pgsql/data/pg_hba.conf
local all all trust
# IPv4local connections:
host all all 127.0.0.1/32 trust
# IPv6local connections:
host all all ::1/128 trust
4)/etc/init.d/postgresqlrestart
d.配置pgsql
1)puppet config print hostcert
cp /etc/puppet/ssl/certs/server1.example.com.pem /var/lib/pgsql/data/server.crt
puppet config print hostprivkey
cp /etc/puppet/ssl/private_keys/server1.example.com.pem/var/lib/pgsql/data/server.key
chownpostgres.postgres /var/lib/pgsql/data/server.crt chownpostgres.postgres /var/lib/pgsql/data/server.crt
chmod 644 server.crt
chmod 600 server.key
2)打开pgsql的ssl:vimpostgresql.conf
ssl = on # (change requiresrestart)
e.初始化puppetdb,使与pgsql连接
1)[[email protected]]# pwd
/etc/puppetdb/conf.d
[[email protected] conf.d]# cat database.ini
[database]
# For the embedded DB: org.hsqldb.jdbcDriver
# For PostgreSQL: org.postgresql.Driver
# Defaults to embedded DB
classname =org.postgresql.Driver
# For the embedded DB: hsqldb
# For PostgreSQL: postgresql
# Defaults to embedded DB
subprotocol = postgresql
# For the embedded DB:file:/path/to/database;hsqldb.tx=mvcc;sql.syntax_pgs=true
# For PostgreSQL: //host:port/databaseName
# Defaults to embedded DB located in <vardir>/db
subname = //localhost:5432/puppetdb?true
# Connect as a specific user
username = puppetdb
# Use a specific password
password = puppetdb
2)
[[email protected] conf.d]# cat jetty.ini
[jetty]
# IP address or hostname to listen for clear-text HTTP. To avoidresolution
# issues, IP addresses are recommended over hostnames.
# Default is `localhost`.
host = server1.example.com
# Port to listen on for clear-text HTTP.
port = 8080
# The following are SSL specific settings. They can be configured
# automatically with the tool `puppetdb ssl-setup`, which isnormally
# ran during package installation.
# IP address to listen on for HTTPS connections. Hostnames can alsobe used
# but are not recommended to avoid DNS resolution issues. To listenon all
# interfaces, use `0.0.0.0`.
ssl-host = 0.0.0.0
# The port to listen on for HTTPS connections
ssl-port = 8081
# Private key path
ssl-key = /etc/puppetdb/ssl/private.pem
# Public certificate path
ssl-cert = /etc/puppetdb/ssl/public.pem
# Certificate authority path
ssl-ca-cert = /etc/puppetdb/ssl/ca.pem
如果上面有关的证书文件没有,可以用此命令生成:
/usr/sbin/puppetdb ssl-setup
F. 使puppdb结合puppetmaster
[[email protected]]# pwd
/etc/puppet
1)[[email protected] puppet]# cat puppetdb.conf
[main]
server = server1.example.com
port = 8081
2)[[email protected] puppet]# cat routes.yaml
---
master:
facts:
terminus: puppetdb #中间有个大大的空壳,不空就报错
cache: yaml
G.启动/重启各种服务:pgsql、puppetmaster、puppetdb
H.测试在agent上运行。看日志有各种和数据库交流的信息。看8080端口:
2015-04-25 16:52:36,854 INFO [c.p.p.command][e2d1d4aa-75ba-4158-97b4-81630384c80d] [replace facts] server2.example.com
2015-04-25 16:52:36,952 INFO [c.p.p.command][7de76142-baf8-4bd4-bfbd-e272dce9e248] [replace catalog] server2.example.com
二.模版安装最简单
a. 下载模板:puppet module installpuppetlabs/puppetdb
b. Puppet apply –e ‘includepuppetdb’ #安装puppetdb 配置服务,pgsql等
c. Puppet apply -e ‘include puppetdb::master::config’ 是puppetmaster使用puppetdb
d. 看日志检测