Erinevus lehekülje "Puppet kasutamine Debianiga" redaktsioonide vahel
(→Puppet kliendi ettevalmistamine) |
|||
| 270. rida: | 270. rida: | ||
facter (1.5.7) | facter (1.5.7) | ||
puppet (0.24.7) | puppet (0.24.7) | ||
| + | |||
| + | ===FreeBSD | ||
| + | |||
| + | Installime ruby-gems paketi /devel/ruby-gems/ | ||
| + | Ja anname käsu | ||
| + | |||
| + | gem install puppet | ||
===Kasulikud lisamaterjalid=== | ===Kasulikud lisamaterjalid=== | ||
Redaktsioon: 16. veebruar 2010, kell 18:20
Sisukord
Sissejuhatus
Puppet (ingl. k. nukk) http://reductivelabs.com/products/puppet/ võimaldab korraldada arvutite tarkvara ja seadistuste automatiseeritud haldust.
_____
| | puppetmasterd
|_____|
|
|
---|----|-------|------------|---
| | |
__|__ __|__ __|__
| | | | | | puppetd
|_____| |_____| |_____| ....
smtp1 smtp2 squid
puppet kliendid
Puppetmaster'is (ingl. k. nukujuht) on kirjeldatud klientide tarkvara ja seadistused. Puppetmasteri ja klientide andmevahetus toimub üle 8140/tcp pordi.
Tarkvara paigaldamine
Operatsioonisüsteemi paketihaldusest
Puppet serverile ehk puppetmasterile tuleb paigadada pakett puppetmaster
# apt-get install puppetmaster
Puppet kliendile tuleb paigaldada pakett puppet
# apt-get install puppet
Ruby paketihaldusest
# apt-get install rubygems
Gems süsteemi kasutamise kohta näeb näiteid öeldes
# gem help examples
Puppet paigaldamiseks sobib öelda
# gem install puppet
Puppetmasteri ettevalmistamine
Puppetmasteri protsess töötab privilegeerimata kasutajana ja tema tööd juhivad seadistusfailid
- /etc/puppet/puppet.conf
[main] logdir=/var/log/puppet vardir=/var/lib/puppet ssldir=/var/lib/puppet/ssl rundir=/var/run/puppet factpath=$vardir/lib/facter pluginsync=false [puppetmasterd] templatedir=/var/lib/puppet/templates
- /etc/puppet/fileserver.conf
[files] path /etc/puppet/files allow 192.168.10.0/24
Moodulid
# find /etc/puppet/modules -type f /etc/puppet/modules/sudo/files /etc/puppet/modules/sudo/files/sudoers /etc/puppet/modules/sudo/manifests /etc/puppet/modules/sudo/manifests/init.pp
kus
- /etc/puppet/modules/sudo/files/sudoers fail sisaldab väljajagatava /etc/sudoers faili sisu
- /etc/puppet/modules/sudo/manifests/init.pp sisaldab sudo mooduliga seotud metaandmeid
# /etc/puppet/modules/sudo/manifests/init.pp
class sudo {
package { sudo: ensure => latest }
file { "/etc/sudoers":
owner => "root",
group => "root",
mode => 440,
source => "puppet:///sudo/sudoers",
require => Package["sudo"],
}
}
Puppeti seadistused
Moodulid ja node'id ühendab kokku kolm faili
# find /etc/puppet/manifests -type f /etc/puppet/manifests/modules.pp /etc/puppet/manifests/nodes.pp /etc/puppet/manifests/site.pp
kus
- /etc/puppet/manifests/modules.pp
# /etc/puppet/manifests/modules.pp import "sudo"
- /etc/puppet/manifests/nodes.pp
# /etc/puppet/manifests/nodes.pp
node basenode {
include sudo
}
node 'puppet-1.auul' inherits basenode {
}
- /etc/puppet/manifests/site.pp
# /etc/puppet/manifests/site.pp
import "modules"
import "nodes"
# The filebucket option allows for file backups to the server
filebucket { main: server => 'puppet-master.auul' }
# Set global defaults - including backing up all files to the main filebucket and adds a global path
File { backup => main }
Exec { path => "/usr/bin:/usr/sbin/:/bin:/sbin" }
Puppet kliendi ettevalmistamine
Selleks, et Puppeti kliendi protsess saaks teha vajalikke muudatusi töötab ta juurkasutajana ja tema tööd juhivad sellised failid
- /etc/puppet/puppet.conf
[main] logdir=/var/log/puppet vardir=/var/lib/puppet ssldir=/var/lib/puppet/ssl rundir=/var/run/puppet factpath=$vardir/lib/facter pluginsync=false server=puppet-master.auul [puppetmasterd] templatedir=/var/lib/puppet/templates
- /etc/puppet/namespaceauth.conf
[fileserver]
allow *
[pelementserver]
allow *
[puppetrunner]
allow *
[puppetbucket]
allow *
[puppetreports]
allow *
Kliendi registreerimine
# puppetca -l puppet-1.auul
Signeerimiseks tuleb öelda
# puppetca -s puppet-1.auul Signed puppet-1.auul
Puppetmaster ja puppet kliendid hoiavad oma andmeid kataloogis
/var/lib/puppet
Selleks, et klient küsiks puppetmasterilt oma seadistusi
puppet-1:~# ps aux | grep pup root 8161 4.0 10.0 36652 25472 ? Ssl 15:28 0:14 ruby /usr/sbin/puppetd -w 5 puppet-1:~# kill -SIGUSR1 8161
Kliendi eemaldamiseks sobib öelda
# puppetca --clean puppet-1.auul Removing /var/lib/puppet/ssl/ca/signed/puppet-1.auul.pem
ralsh
# ralsh user ntp
user { 'ntp':
password => '*',
shell => '/bin/false',
uid => '106',
home => '/home/ntp',
gid => '110',
ensure => 'present'
}
puppetrun
Selleks, et töötaks, tuleb /usr/sbin/puppetrun failis teha real 240
if Puppet[:node_terminus] = "ldap"
asendus = -> ==
if Puppet[:node_terminus] == "ldap"
# puppetrun -d --host puppet-3.auul Failed to load ruby LDAP library. LDAP functionality will not be available debug: Parsing /etc/puppet/puppet.conf debug: Puppet::Network::Client::Runner: defining puppetrunner.run Triggering puppet-3.auul debug: Calling puppetrunner.run puppet-3.auul finished with exit code 0 Finished
Facter
# facter architecture => amd64 domain => auul facterversion => 1.5.1 fqdn => puppet-1.auul hardwareisa => unknown hardwaremodel => x86_64 hostname => puppet-1 id => root interfaces => eth0 ipaddress => 192.168.10.181 ipaddress_eth0 => 192.168.10.181 kernel => Linux kernelrelease => 2.6.26-2-amd64 kernelversion => 2.6.26 macaddress => 70:01:68:01:01:81 macaddress_eth0 => 70:01:68:01:01:81 ...
OpenBSD
OpenBSD 4.6 jaoks on olemas binaarse paketina Puppet tarkvara v. 0.24.4, mille paigaldamiseks sobib öelda
# pkg_add ruby-puppet ruby-1.8.6.369p0: complete ruby-facter-1.5.0: complete ruby-puppet-0.24.4p1: complete
Tulemusena paigaldatakse
- /etc/puppet - seadistusfailid
- /usr/local/share/examples/ruby-puppet - näited
Ruby Gems süsteemi abil tarkvara paigaldamine
# gem query --local *** LOCAL GEMS *** facter (1.5.7) puppet (0.24.7)
===FreeBSD
Installime ruby-gems paketi /devel/ruby-gems/ Ja anname käsu
gem install puppet
