本文系统Client6.0
本文旨在安装puppet,并且测试OK;相关file,service,exec,user管理后面会推出;
master端:
[root@master ~]# hostnamemaster.lansgg.com[root@master ~]# cat /etc/hosts192.168.182.155 master.lansgg.com master192.168.182.142 client.lansgg.com client[root@master ~]# ifconfig eth0 |grep "inet addr" inet addr:192.168.182.155 Bcast:192.168.182.255 Mask:255.255.255.0
client端:
[root@client ~]# hostnameclient.lansgg.com[root@client ~]# cat /etc/hosts192.168.182.155 master.lansgg.com master192.168.182.142 client.lansgg.com client[root@client ~]# ifconfig eth0 |grep "inet addr" inet addr:192.168.182.142 Bcast:192.168.182.255 Mask:255.255.255.0
开始安装puppet(注意安装selinux和iptables)
master 端:
[root@master ~]# yum install puppetmaster -y[root@master ~]# vim /etc/puppet/puppet.conf autosign = true #新增自动签证client端的注册信息service puppetmaster start
client端:
[root@client ~]# yum install puppet -yservice puppet start
测试
[root@client puppet]# puppetd --test --server master.lansgg.com --verbose
PS:注意时间同步
到此说明通信OK了;
下面来个文件测试:
master端:
[root@master ~]# vim /etc/puppet/manifests/site.ppfile {"/tmp/lansgg.txt": content => "lansgg test,pass~\n";}
client端:
[root@client puppet]# puppetd --test --server master.lansgg.com --verbose
测试通过,文件已经下发;
关于在master端查看证书:
puppetca -s -a (签证所有client证书)
puppetca -s 某个client证书
puppetca -a -l 查看已经签证的证书
安装完毕,测试完毕