master------------agent 证书加密
192.168.2.130 puppet.hequan.lol puppet
192.168.2.131 station.hequan.lol station
安装
master: yum install puppet.noarch puppet-server.noarch
agent: yum install puppet.noarch
[[email protected] puppet]# ls
auth.conf fileserver.conf manifests modules puppet.conf
vim puppet.conf
1 [master]
2 certname=puppet.hequan.lol
[[email protected] puppet]# puppet master
[[email protected] puppet]# netstat -lntup | grep 8140
tcp 0 0 0.0.0.0:8140 0.0.0.0:* LISTEN 2580/ruby
[[email protected] ~]# puppet agent --server=puppet.hequan.lol --no-daemonize --verbose --onetime ##默认去找puppet
[[email protected] puppet]# ll /var/lib/puppet/ssl/ca/requests/
-rw-r--r-- 1 puppet puppet 1598 8月 31 20:38 station.hequan.lol.pem
[[email protected] puppet]# puppet cert --list
"station.hequan.lol" (SHA256) 35:BD:28:6C:18:5D:58:3F:EF:60:F6:2D:6E:5D:5A:B7:16:02:36:84:48:08:31:32:28:DF:C7:BD:A6:65:9F:E9
puppet cert --sign station.hequan.lol ##all 签发
[[email protected] puppet]# ll /var/lib/puppet/ssl/ca/signed/ ##签发完成,建立联系
总用量 8
-rw-r--r-- 1 puppet puppet 2009 8月 31 20:34 puppet.hequan.lol.pem
-rw-r--r-- 1 puppet puppet 1960 8月 31 20:41 station.hequan.lol.pem
/etc/puppet/manifests ##管理服务器清单,这个目录里面需要一个文件, xxx.pp
[[email protected] manifests]# ll
-rw-r--r-- 1 root root 159 8月 31 20:58 node.pp
-rw-r--r-- 1 root root 53 8月 31 20:48 site.pp
[[email protected] manifests]# cat site.pp
$puppetserver="puppet.hequan.lol"
import ‘node.pp‘
[[email protected] manifests]# cat node.pp
node ‘station.hequan.lol‘ {
#定义资源的方式:
#资源类型{‘资源名‘:属性1=>‘值1‘}
package{"system-config-date":ensure=>‘present‘}
}
package {‘nginx‘:
ensure => present,
}
file {"/root/aa1.txt":
ensure=>"present",
mode=>"0000"
}
[[email protected] puppet]# ll /root
总用量 4
---------- 1 root root 0 8月 31 21:26 aa1.txt
时间: 2024-08-08 09:40:32