author:JevonWei

Copyright notice: original work

blog:http://119.23.52.191/

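The master manages the Puppet modules. Each agent node's configuration is defined on the master, and the agent then applies the modules the master assigns to it.

Environment

master 172.16.252.184
agent1 172.16.252.67
agent2 172.16.252.207

Synchronize time on all hosts and configure hostnames so the hosts can reach each other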

[root@master ~]# ntpdate 172.16.0.1
[root@master ~]# vim /etc/hosts
172.16.252.184 master
172.16.252.207 agent2
172.16.252.67 agent1

Define the Puppet modules on the master

Edit the Tomcat module

[root@master ~]# yum -y install puppet-server puppet
[root@master ~]# cd /etc/puppet/modules
[root@master modules]# vim tomcat/manifests/init.pp
class tomcat {
    package{'tomcat':
        ensure => latest,
    }
    package{'tomcat-webapps':
        ensure => latest,
    }
    # Environment file (JAVA_OPTS and similar), served from the module's files/ directory
    file{'tomcat':
        path    => '/etc/sysconfig/tomcat',
        source  => 'puppet:///modules/tomcat/tomcat',
        owner   => root,
        group   => root,
        mode    => '644',
        require => Package['tomcat'],
    }
    file{'server.xml':
        path    => '/etc/tomcat/server.xml',
        source  => 'puppet:///modules/tomcat/server.xml',
        owner   => root,
        group   => tomcat,
        mode    => '644',
        require => Package['tomcat'],
    }
    # Restart tomcat whenever either managed file changes
    service{'tomcat':
        ensure    => running,
        enable    => true,
        subscribe => [ File['tomcat'], File['server.xml'] ],
    }
}
[root@master modules]# vim tomcat/manifests/manager.pp
class tomcat::manager inherits tomcat {
    package{'tomcat-admin-webapps':
        ensure => latest
    }
    file{'tomcat-users.xml':
        path    => '/etc/tomcat/tomcat-users.xml',
        source  => 'puppet:///modules/tomcat/tomcat-users.xml',
        owner   => root,
        group   => tomcat,
        mode    => '640',
        require => Package['tomcat']
    }
    # Extend the inherited service so it also restarts when tomcat-users.xml changes
    Service['tomcat']{
        subscribe +> File['tomcat-users.xml']
    }
}
Copy and edit the required configuration files
[root@master modules]# scp 172.16.252.82:/etc/sysconfig/tomcat tomcat/files/
[root@master modules]# vim tomcat/files/tomcat    # edit Tomcat's environment parameters
JAVA_OPTS="-Xms512m -Xmx512M"    # heap size to use
[root@master modules]# scp 172.16.252.82:/etc/tomcat/{server.xml,tomcat-users.xml} tomcat/files/
[root@master modules]# vim tomcat/files/tomcat-users.xml    # define the manager administration interface
<role rolename="manager-gui"/>
<user username="tomcat" password="tomcat" roles="manager-gui"/>

Edit the Nginx module

[root@master modules]# vim nginx/manifests/init.pp
class nginx {
    package{'nginx':
        ensure => latest
    } ->
    service{'nginx':
        ensure => running,
        enable => true
    }
}
The nginx web page module
[root@master modules]# vim nginx/manifests/web.pp
class nginx::web($port=8088) inherits nginx {
    file{'web.conf':
        path    => '/etc/nginx/conf.d/web.conf',
        content => template('nginx/web.conf.erb')
    }
    file{'/ngxdata/html':
        ensure => directory
    }
    file{'index.html':
        ensure  => file,
        path    => '/ngxdata/html/index.html',
        source  => 'puppet:///modules/nginx/index.html',
        require => File['/ngxdata/html']
    }
    Service['nginx'] {
        subscribe => File['web.conf']
    }
}
The nginx proxy module
[root@master modules]# vim nginx/manifests/proxy.pp
class nginx::proxy($proxy_port=8088) inherits nginx {
    file{'proxy.conf':
        path    => '/etc/nginx/conf.d/proxy.conf',
        content => template('nginx/proxy.conf.erb'),
    }
    Service['nginx'] {
        subscribe => File['proxy.conf']
    }
}
Edit the template for the Nginx web application's configuration file
[root@master modules]# vim nginx/templates/web.conf.erb
server {
    listen <%= @port %>;
    server_name <%= @fqdn %>;
    location / {
        root /ngxdata/html;
    }
}
Edit the web test page
[root@master modules]# vim nginx/files/index.html
<h1> Nginx ok </h1>
Edit the template for the Nginx proxy application's configuration file
[root@master modules]# vim nginx/templates/proxy.conf.erb
server {
    listen <%= @proxy_port %>;
    server_name <%= @fqdn %>;
    location / {
        proxy_pass http://172.16.252.184:8080/;
    }
}

Configure the redis module

[root@master modules]# mkdir redis/{manifests,files,templates} -pv
[root@master modules]# vim redis/manifests/init.pp
class redis {
    package{'redis':
        ensure => latest,
    }
    service{'redis':
        ensure => running,
        enable => true
    }
}

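Single-environment configuration

Install the jdk and tomcat::manager modules on agent2

Start the puppetmaster

Run the master in the foreground, not as a daemon (the detailed startup process is visible)
[root@master ~]# puppet master --no-daemonize -d -v
Or start the master process with systemctl
[root@master ~]# systemctl start puppetmaster.service
[root@master ~]# ss -ntl    # check that port 8140 is listening

Start the puppet agent on agent2

[root@agent2 ~]# puppet agent --server master.danran.com --no-daemonize -v    # run the agent in the foreground; installs the jdk and tomcat::manager modules
# --server specifies the master server; it can also be set in the configuration file with: puppet config set server master.danran.com
Or start the agent process with systemctl start puppetagent.service
[root@agent2 ~]# systemctl start puppetagent.service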

Sign certificates on the master and configure the agent2 node

List all certificate requests awaiting signing
[root@master ~]# puppet cert list
Sign the certificate for agent2
[root@master ~]# puppet cert sign agent2.danran.com
Notice: Signed certificate request for agent2.danran.com
Notice: Removing file Puppet::SSL::CertificateRequest agent2.danran.com at '/var/lib/puppet/ssl/ca/requests/agent2.danran.com.pem'
[root@master ~]# puppet cert sign agent1.danran.com
Notice: Signed certificate request for agent1.danran.com
Notice: Removing file Puppet::SSL::CertificateRequest agent1.danran.com at '/var/lib/puppet/ssl/ca/requests/agent1.danran.com.pem'
Define the configuration for the agent2 node
[root@master ~]# cd /etc/puppet/manifests/
[root@master manifests]# vim site.pp
node 'agent2.danran.com' {
    include jdk
    include tomcat::manager
}
Because agent2 reads the server.xml configuration file as the puppet user, the puppet user must be given read permission on server.xml
[root@master manifests]# cd /etc/puppet/modules/tomcat/files/
[root@master files]# chmod o+r tomcat-users.xml
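
A pre-distribution audit for the module's files/ directory, covering the tomcat-users.xml copied earlier and the chmod o+r step above. This is an added example, not part of the original post; the function names and finding labels are assumptions of the example, and the sample directory is constructed.

```sh
#!/bin/sh
# Added example: audit a module's files/ directory before the master serves it.
# audit_module_files DIR prints one finding per line:
#   WORLD_READABLE <file>          file holds a password= attribute and is mode o+r
#   USER_EQ_PASS <file> <user>     a user entry whose password equals its username
audit_module_files() {
    find "$1" -type f | sort | while read -r f; do
        grep -q 'password="' "$f" || continue
        if [ -n "$(find "$f" -perm -004)" ]; then
            echo "WORLD_READABLE $f"
        fi
        # Pull username/password pairs out of <user .../> lines
        sed -n 's/.*username="\([^"]*\)".*password="\([^"]*\)".*/\1 \2/p' "$f" |
        while read -r user pass; do
            if [ "$user" = "$pass" ]; then
                echo "USER_EQ_PASS $f $user"
            fi
        done
    done
}

# Build a constructed files/ directory that mirrors the state reached in the
# post: tomcat-users.xml with the post's entry, readable by "other".
make_sample_module() {
    d=$(mktemp -d)
    printf '%s\n' '<role rolename="manager-gui"/>' \
        '<user username="tomcat" password="tomcat" roles="manager-gui"/>' \
        > "$d/tomcat-users.xml"
    chmod 644 "$d/tomcat-users.xml"
    printf '%s\n' 'JAVA_OPTS="-Xms512m -Xmx512M"' > "$d/tomcat"
    echo "$d"
}

# Stand-alone run against the constructed sample
sample=$(make_sample_module)
audit_module_files "$sample"
rm -rf "$sample"
```

Granting read access through the puppet group (`chgrp puppet`, mode 640) instead of `o+r` clears the first finding, assuming the master process runs as the puppet user and group.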

Check the module installation result on agent2

[root@agent2 ~]# ss -ntl    # check that tomcat-manager's port 8080 is listening

Test the manager page on agent2

Enter http://172.16.252.207:8080/manager in a browser

Install the jdk and nginx::proxy modules on the agent1 node

master

Modify the nginx configuration file on the master

[root@master ~]# cd /etc/puppet/modules/nginx/
[root@master nginx]# vim templates/proxy.conf.erb
server {
    listen <%= @proxy_port %>;
    server_name <%= @fqdn %>;
    location / {
        proxy_pass http://agent2.danran.com:8080/;
    }
}

Edit the site.pp node configuration file on the master

[root@master manifests]# vim site.pp
node 'agent2.danran.com' {
    include jdk
    include tomcat::manager
}
node 'agent1.danran.com' {
    include nginx::proxy
}

agent1

Install and configure the nginx::proxy module on agent1

[root@agent1 ~]# yum -y install puppet
[root@agent1 ~]# systemctl start puppetagent    # start the puppet agent

Sign the certificate on the master

[root@master manifests]# puppet cert sign -a    # sign all pending certificate requests
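
`puppet cert sign -a` signs every pending request, including any the administrator did not expect. The added example below (not part of the original post) triages `puppet cert list` output against an allowlist first; the allowlist, function names and sample fingerprints are constructed, and the one-request-per-line output format is an assumption.

```sh
#!/bin/sh
# Added example: sign only pending requests whose certname is expected.
# Assumption: each pending line of `puppet cert list` looks like
#   "certname" (SHA256) AA:BB:...

# Hypothetical allowlist built from the agents named in this post.
ALLOWED_AGENTS="agent1.danran.com agent2.danran.com"

# Read `puppet cert list` output on stdin; print one line per request:
#   SIGN <certname> <fingerprint>   or   HOLD <certname> <fingerprint>
triage_requests() {
    while read -r name algo fp; do
        name=${name#\"}; name=${name%\"}      # strip the surrounding quotes
        [ -n "$name" ] || continue
        verdict=HOLD
        for ok in $ALLOWED_AGENTS; do
            if [ "$name" = "$ok" ]; then verdict=SIGN; fi
        done
        printf '%s %s %s\n' "$verdict" "$name" "$fp"
    done
}

# Turn the triage into explicit per-host sign commands (printed, not run).
sign_commands() {
    triage_requests | awk '$1 == "SIGN" { print "puppet cert sign " $2 }'
}

# Constructed sample of pending requests (fingerprints are not real).
sample_pending() {
    cat <<'EOF'
  "agent1.danran.com" (SHA256) 11:22:33:44
  "agent2.danran.com" (SHA256) 55:66:77:88
  "agent9.danran.com" (SHA256) 99:AA:BB:CC
EOF
}

# Stand-alone run against the constructed sample
sample_pending | triage_requests
```

The certname is chosen by the requesting agent, so before signing a SIGN line compare its fingerprint with the output of `puppet agent --fingerprint` on that node.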

Start the puppet agent on agent1

[root@agent1 ~]# systemctl restart puppetagent
[root@agent1 ~]# ps -aux    # check whether the nginx service has started

Test

Browse to http://172.16.252.67:8088 to test whether the proxy works

Install the redis module on agent1 and agent3

master

[root@master manifests]# vim /etc/puppet/manifests/site.pp
node /agent[13]\.danran\.com/ {    # regex match: the agent1.danran.com and agent3.danran.com nodes get this configuration
    include jdk
    include tomcat::manager
}
node 'agent2.danran.com' {
    include nginx::proxy
    include redis
}

agent1/3

[root@agent1 ~]# systemctl restart puppetagent
[root@agent1 ~]# ss -ntl    # check that redis port 6379 is listening

agent3 inherits agent1's modules

  • Configure agent3 to inherit agent1's configuration

master

[root@master manifests]# vim /etc/puppet/manifests/site.pp
#node 'base' {    # base configuration, applied to every node
#    include chrony
#}
node 'agent1.danran.com' {    # the agent1.danran.com and agent3.danran.com nodes get this configuration
    include jdk
    include tomcat::manager
}
node 'agent2.danran.com' {
    include nginx::proxy
    include redis
}
node 'agent3.danran.com' inherits 'agent1.danran.com' {
    include redis
}

agent3

[root@agent3 ~]# systemctl restart puppetagent

Change the server an agent points to

On agent2, set the master server in the configuration file to master.danran.com

[root@agent2 ~]# puppet config set server master.danran.com
[root@agent2 ~]# puppet config print | grep server
ssl_server_ca_auth =
server_datadir = /var/lib/puppet/server_data
fileserverconfig = /etc/puppet/fileserver.conf
server = master.danran.com
ca_server = master.danran.com
report_server = master.danran.com
inventory_server = master.danran.com
archive_file_server = master.danran.com
smtpserver = none
dbserver = localhost
ldapserver = ldap
[root@agent2 ~]# cat /etc/puppet/puppet.conf
server = master.danran.com

Multi-environment configuration

[root@master ~]# mkdir /etc/puppet/enviroments    # the multi-environment path will be /etc/puppet/enviroments
[root@master ~]# puppet config set environmentpath '$confdir'/enviroments/
[root@master ~]# puppet config print --section master | grep environ
environment = production
environmentpath = /etc/puppet/enviroments
environment_timeout = 0
[root@master ~]# cat /etc/puppet/puppet.conf
[main]
environmentpath = $confdir/enviroments/
[root@master ~]# systemctl restart puppetmaster    # restart for the change to take effect

Create the production environment's configuration files

[root@master ~]# cd /etc/puppet/enviroments/
[root@master enviroments]# mkdir production/{manifests,modules} -pv
[root@master enviroments]# cp -r /etc/puppet/modules/redis/ production/modules/
[root@master enviroments]# vim production/manifests/site.pp
node 'agent2.danran.com' {
    include redis
}
[root@master enviroments]# tree
.
└── production
    ├── manifests
    │   └── site.pp
    └── modules
        └── redis
            ├── files
            ├── manifests
            │   └── init.pp
            └── templates

Create the testing environment's configuration files

[root@master enviroments]# mkdir testing/{manifests,modules} -pv
mkdir: created directory ‘testing’
mkdir: created directory ‘testing/manifests’
mkdir: created directory ‘testing/modules’
[root@master enviroments]# cp -r /etc/puppet/modules/jdk/ testing/modules/
[root@master enviroments]# vim testing/manifests/site.pp
node 'agent2.danran.com' {
    include jdk
}

agent

Run in the foreground, not as a daemon
[root@agent1 ~]# puppet agent -v --noop --no-daemonize --environment=testing    # use the testing environment's configuration

[root@agent1 ~]# puppet config set environment testing --section=agent    # set the environment in the configuration file
The default is the main section
[root@agent1 ~]# puppet config print environment
production
The agent section's environment is testing
[root@agent1 ~]# puppet config print environment --section=agent
testing
[root@agent1 ~]# cat /etc/puppet/puppet.conf
[agent]
environment = testing
Start the puppet agent
[root@agent1 ~]# systemctl start puppetagent

puppet kick

  • Push notification mechanism

agent

[root@agent1 ~]# puppet config set listen true
[root@agent1 ~]# puppet config print listen
true
[root@agent1 ~]# systemctl start puppetagent.service
[root@agent1 ~]# ss -ntl    # check that port 8139 is listening
[root@agent1 ~]# vim /etc/puppet/auth.conf
path /run
method save
auth any
allow master.danran.com
# the stanza above must be placed before this default stanza
path /
auth any
[root@agent1 ~]# systemctl restart puppetagent.service
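
The ordering requirement above can be checked mechanically before the agent is restarted. This is an added example, not part of the original post: `check_kick_acl` and the two sample functions are names invented here, and both samples are constructed (the first copies the stanzas shown above).

```sh
#!/bin/sh
# Added example: lint the kick ACL in an agent's auth.conf.
# check_kick_acl FILE ("-" reads stdin). Prints findings; the exit status is
# non-zero if any FAIL finding is printed.
check_kick_acl() {
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }     # skip comments and blank lines
        $1 == "path"  { cur = ($2 == "~") ? "~" $3 : $2
                        if (!(cur in pos)) pos[cur] = ++n
                        next }
        $1 == "auth"  { auth[cur] = $2 }
        $1 == "allow" { allow[cur] = allow[cur] " " $2 }
        END {
            if (!("/run" in pos)) { print "FAIL no path /run stanza"; exit 1 }
            if (("/" in pos) && pos["/"] < pos["/run"]) {
                print "FAIL path / is listed before path /run"; bad = 1 }
            if (allow["/run"] == "" || allow["/run"] ~ /\*/) {
                print "FAIL /run is not limited to named hosts"; bad = 1 }
            if (auth["/run"] == "any" || auth["/run"] == "no" || auth["/run"] == "off")
                print "WARN /run has auth " auth["/run"] ": requests without a client certificate are matched"
            print "INFO /run allow:" allow["/run"]
            exit bad + 0
        }' "$1"
}

# Constructed copy of the stanza order shown in the post.
post_auth_conf() {
    printf '%s\n' 'path /run' 'method save' 'auth any' \
        'allow master.danran.com' 'path /' 'auth any'
}

# Constructed counter-example: the catch-all stanza comes first.
misordered_auth_conf() {
    printf '%s\n' 'path /' 'auth any' 'path /run' 'method save' \
        'allow master.danran.com'
}

# Stand-alone run against the post's ordering
post_auth_conf | check_kick_acl -
```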

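Push a notification from the master

The master first configures a module for agent1; as soon as agent1 receives the notification it installs the new module

[root@master puppet]# cd /etc/puppet/enviroments/testing/
[root@master testing]# cp /etc/puppet/modules/redis/ modules/ -r
[root@master testing]# vim manifests/site.pp
node 'agent2.danran.com' {
    include jdk
    include redis
}
[root@master testing]# puppet kick agent1.danran.com    # push agent1's configuration to the agent1.danran.com node

Check on the agent whether the module was installed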
