在CentOS 8 rhel 8上安装Puppet 6.x 服务器
时间:2020-02-23 14:45:30 来源:igfitidea点击:
Puppet在代理主机体系结构中运行,其中主节点控制群系代理节点的舰队的配置信息。
Puppet服务器执行主节点的角色。
Puppet Server是一个在Java虚拟机(JVM)上运行的Ruby和Clojure应用程序,并提供与经典Puppet 主应用程序相同的服务。
它主要通过在几个JRuby解释器中运行现有的Puppet Master代码来实现这一目标,但它替换了在Clojure中编写的新服务的经典应用程序的某些部分。
有两种版本的Puppet :
Puppet企业(PE)Puppet开源
如果我们要参加Puppet 企业版,其架构如下所示。
Puppet 平台包括以下组件:
| Puppet服务器 | Puppet服务器。这控制了管理代理节点队列的配置信息 |
| puppetdb | PuppetDB - 收集Puppet生成的数据。它可以使高级Puppet 功能与导出的资源相同。 |
| puppet-agent | Puppet,细曲,Hiera,PXP代理,根证书和Ruby和Augeas等准备工作。代理在Puppet集群中的任何节点上运行。 |
| puppetdb-termini | 插件将主掌握到PuppetDB |
在CentOS 8/Rhel 8上安装Puppet 6.x
有很多方法可以在CentOS 8 Linux系统上安装Puppet Master。
常见且最简单的方法是将yum存储库所需的封装拉动,由Puppet提供和维护。
第1步:更新CentOS机器
确保CentOS 8机器已更新:
sudo dnf -y update sudo dnf -y install wget curl vim bash-completion
随着更新包含最新的内核包,请考虑重新启动计算机,如果没有关键的应用程序。
sudo systemctl reboot
第2步:设置系统主机名和配置
为机器设置一个正确的主机名。
sudo hostnamectl set-hostname puppetmaster.example.com
确保主机名具有适当的DNS记录以及更新/etc/hosts文件。
echo "192.168.122.12 puppetmaster.example.com puppetmaster" | sudo tee -a /etc/hosts
其中:192.168.122.12是Puppet ServerPuppetMaster.example.com的IP地址是Puppet Server的FQDN
重新启动主机名服务。
sudo systemctl restart systemd-hostnamed
注销然后再次登录以确认主机名。
$exit $hostname puppetmaster.example.com
配置Chrony NTP.
$sudo dnf -y install chrony $sudo systemctl enable --now chronyd $sudo timedatectl set-timezone Africa/Nairobi --adjust-system-clock $sudo timedatectl set-ntp yes
确认日期和时间正确配置。
$timedatectl
Local time: Sat 2017-04-18 14:33:26 EAT
Universal time: Sat 2017-04-18 11:33:26 UTC
RTC time: Sat 2017-04-18 11:33:25
Time zone: Africa/Nairobi (EAT, +0300)
System clock synchronized: yes
NTP service: active
RTC in local TZ: no
第3步:添加Puppet Yum存储库
在终端中运行以下命令添加所需的存储库。
sudo dnf -y install https://yum.puppet.com/puppet-release-el-8.noarch.rpm
还要考虑添加epel存储库:
sudo dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
第4步:在CentOS 8/Rhel 8上安装Puppet Master/Server
使用所有预先进行的预先配置,我们可以在CentOS 8/Rhel 8 Linux上开始安装Puppet Master。
更新包列表缓存:
$sudo dnf makecache CentOS-8 - AppStream 4.2 kB/s | 4.3 kB 00:01 CentOS-8 - Base 5.7 kB/s | 3.8 kB 00:00 CentOS-8 - Extras 1.8 kB/s | 1.5 kB 00:00 CentOS-8 - PowerTools 7.0 kB/s | 4.3 kB 00:00 Extra Packages for Enterprise Linux 8 - x86_64 24 kB/s | 39 kB 00:01 Puppet Repository el 8 - x86_64 3.3 kB/s | 2.5 kB 00:00 Metadata cache created.
Puppet存储库应在系统中可用的存储库列表中。
$sudo dnf repolist Last metadata expiration check: 0:00:30 ago on Sat 18 Apr 2017 02:36:49 PM EAT. repo id repo name status AppStream CentOS-8 - AppStream 5,281 BaseOS CentOS-8 - Base 2,231 PowerTools CentOS-8 - PowerTools 1,533 *epel Extra Packages for Enterprise Linux 8 - x86_64 5,315 extras CentOS-8 - Extras 15 puppet Puppet Repository el 8 - x86_64 148
我们可以查询存储库上可用的Puppet包列表:
$sudo dnf search puppet Last metadata expiration check: 0:04:41 ago on Sat 18 Apr 2017 02:36:49 PM EAT. ============================================================ Name & Summary Matched: puppet ============================================================ puppetdb.noarch : Puppet Labs puppetdb puppetdb-termini.noarch : Termini for puppetdb puppetserver.noarch : Puppet Labs puppetserver puppet-release.noarch : Release packages for the Puppet repository puppet-release.noarch : Release packages for the Puppet repository puppet6-release.noarch : Release packages for the Puppet 6 repository python3-collectd_puppet.noarch : Collectd plugin to monitor puppet agents puppet-agent.x86_64 : The Puppet Agent package contains all of the elements needed to run puppet, including ruby, facter, and hiera. ================================================================= Name Matched: puppet ================================================================= puppet-bolt.x86_64 : Stand alone task runner =============================================================== Summary Matched: puppet ================================================================ pdk.x86_64 : Puppet Development Kit
在CentOS 8 Linux上安装Puppet Master Packages。
sudo dnf install puppetserver
Puppet代理将作为依赖安装:
Last metadata expiration check: 0:05:03 ago on Sat 18 Apr 2017 02:36:49 PM EAT. Dependencies resolved. ======================================================================================================================================================== Package Architecture Version Repository Size ======================================================================================================================================================== Installing: puppetserver noarch 6.10.0-1.el8 puppet 60 M Installing dependencies: copy-jdk-configs noarch 3.7-1.el8 AppStream 27 k java-1.8.0-openjdk-headless x86_64 1:1.8.0.242.b08-0.el8_1 AppStream 33 M javapackages-filesystem noarch 5.3.0-1.module_el8.0.0+11+5b8c10bd AppStream 30 k libjpeg-turbo x86_64 1.5.3-10.el8 AppStream 156 k lua x86_64 5.3.4-11.el8 AppStream 193 k tzdata-java noarch 2019c-1.el8 AppStream 189 k lksctp-tools x86_64 1.0.18-3.el8 BaseOS 100 k net-tools x86_64 2.0-0.51.20150912git.el8 BaseOS 323 k puppet-agent x86_64 6.14.0-1.el8 puppet 25 M Enabling module streams: javapackages-runtime 201601 Transaction Summary ======================================================================================================================================================== Install 10 Packages Total download size: 119 M Installed size: 208 M Is this ok [y/N]: y
在RHEL 8:
Dependencies resolved. ======================================================================================================================================================== Package Architecture Version Repository Size ======================================================================================================================================================== Installing: puppetserver noarch 6.10.0-1.el8 puppet 60 M Installing dependencies: puppet-agent x86_64 6.14.0-1.el8 puppet 25 M javapackages-filesystem noarch 5.3.0-1.module+el8+2447+6f56d9a6 rhel-8-for-x86_64-appstream-rpms 30 k copy-jdk-configs noarch 3.7-1.el8 rhel-8-for-x86_64-appstream-rpms 27 k tzdata-java noarch 2019c-1.el8 rhel-8-for-x86_64-appstream-rpms 189 k libjpeg-turbo x86_64 1.5.3-10.el8 rhel-8-for-x86_64-appstream-rpms 156 k lua x86_64 5.3.4-11.el8 rhel-8-for-x86_64-appstream-rpms 193 k java-1.8.0-openjdk-headless x86_64 1:1.8.0.242.b08-0.el8_1 rhel-8-for-x86_64-appstream-rpms 33 M lksctp-tools x86_64 1.0.18-3.el8 rhel-8-for-x86_64-baseos-rpms 100 k avahi-libs x86_64 0.7-19.el8 rhel-8-for-x86_64-baseos-rpms 63 k cups-libs x86_64 1:2.2.6-28.el8 rhel-8-for-x86_64-baseos-rpms 433 k Enabling module streams: javapackages-runtime 201601 Transaction Summary ======================================================================================================================================================== Install 11 Packages Total download size: 119 M Installed size: 208 M Is this ok [y/N]: y
提示时同意导入GPG键。
Total 2.4 MB/s | 119 MB 00:48 warning: /var/cache/dnf/puppet-caea408efb9b2853/packages/puppet-agent-6.14.0-1.el8.x86_64.rpm: Header V4 RSA/SHA256 Signature, key ID ef8d349f: NOKEY Puppet Repository el 8 - x86_64 1.6 MB/s | 1.6 kB 00:00 Importing GPG key 0xEF8D349F: Userid : "Puppet, Inc. Release Key (Puppet, Inc. Release Key) <Hyman@theitroad>" Fingerprint: 6F6B 1550 9CF8 E59E 6E46 9F32 7F43 8280 EF8D 349F From : /etc/pki/rpm-gpg/RPM-GPG-KEY-puppet-release Is this ok [y/N]: y
确认包安装:
$rpm -qi puppetserver Name : puppetserver Version : 6.10.0 Release : 1.el8 Architecture: noarch Install Date: Sat 18 Apr 2017 02:44:33 PM EAT Group : System Environment/Daemons Size : 73314128 License : ASL 2.0 Signature : RSA/SHA256, Tue 07 Apr 2017 09:05:06 AM EAT, Key ID 7f438280ef8d349f Source RPM : puppetserver-6.10.0-1.el8.src.rpm Build Date : Tue 07 Apr 2017 09:04:04 AM EAT Build Host : mesos-jenkins-4061cacede444ca0b7c075972400ef86-worker-artifacto Relocations :/ Packager : Puppet Labs <Hyman@theitroad> Vendor : Puppet Labs <Hyman@theitroad> URL : http://puppet.com Summary : Puppet Labs puppetserver ....
第4步:在CentOS 8/Rhel 8上配置Puppet Master/Server
通过在CentOS 8上完成Puppet Master/Server的安装,是时候开始配置了。
定义Puppet Master FQDN和DNS替代名称:
$sudo vim /etc/puppetlabs/puppet/puppet.conf
在[Master]部分下添加DNS设置。
dns_alt_names=puppetmaster.example.com,puppetmaster,puppetserver [main] certname = puppetmaster.example.com server = puppetmaster.example.com environment = production runinterval = 1h
其中:puppetmaster.example.com是Puppet服务器的FQDN。
更新后,我的配置如下:
[master] vardir = /opt/puppetlabs/server/data/puppetserver logdir = /var/log/puppetlabs/puppetserver rundir = /var/run/puppetlabs/puppetserver pidfile = /var/run/puppetlabs/puppetserver/puppetserver.pid codedir = /etc/puppetlabs/code dns_alt_names=puppetmaster.example.com,puppetmaster,puppetserver [main] certname = puppetmaster.example.com server = puppetmaster.example.com environment = production runinterval = 1h
配置JVM内存分配
我们可以为JVM设置最小和最大内存的文件是:
$sudo vim /etc/sysconfig/puppetserver
默认情况下,它设置为2GB。
根据机器上可用的资源调整此项。
JAVA_ARGS="-Xms1g -Xmx1g -Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger"
在CentOS 8/Rhel 8上启动Puppet Server
在我们的基本Puppet 服务器配置之后,启动服务并将其设置为在系统启动时启动。
sudo systemctl enable --now puppetserver
如果我们早先开始,则修改后重新启动。
sudo systemctl restart puppetserver
检查服务状态以确认运行。
$systemctl status puppetserver
● puppetserver.service - puppetserver Service
Loaded: loaded (/usr/lib/systemd/system/puppetserver.service; enabled; vendor preset: disabled)
Active: active (running) since Sat 2017-04-18 14:56:58 EAT; 18s ago
Process: 4068 ExecStart=/opt/puppetlabs/server/apps/puppetserver/bin/puppetserver start (code=exited, status=0/SUCCESS)
Main PID: 4077 (java)
Tasks: 42 (limit: 4915)
Memory: 670.5M
CGroup: /system.slice/puppetserver.service
└─4077 /usr/bin/java -Xms1g -Xmx1g -Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger -XX:OnOutOfMemoryError=kill -9 %p -cp
在防火墙上打开服务端口
使用服务启动,打开防火墙上的端口,以便从网络访问服务器。
sudo firewall-cmd --add-service=puppetmaster --permanent sudo firewall-cmd --reload
确认Puppet 服务器正在使用CentOS 8上的Puppet客户端工作:
$sudo /opt/puppetlabs/bin/puppet agent --test --ca_server=puppetmaster.example.com Info: Using configured environment 'production' Info: Retrieving pluginfacts Info: Retrieving plugin Info: Retrieving locales Info: Caching catalog for puppetmaster.example.com Info: Applying configuration version '1587211455' Info: Creating state file /opt/puppetlabs/puppet/cache/state/state.yaml Notice: Applied catalog in 0.01 seconds
将Puppet二进制文件夹添加到$PATH
Puppet 二进制文件位于/opt/puppetlabs/bin中。
默认情况下,此目录不在$路径中。
可以用:
$ls /opt/puppetlabs/bin/ facter hiera puppet puppetserver $which puppet /usr/bin/which: no puppet in (/home/vagrant/.local/bin:/home/vagrant/bin:/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin)
将其添加到路径:
$vim ~/.bashrc export PATH=$PATH:/opt/puppetlabs/bin $source ~/.bashrc $which puppet /opt/puppetlabs/bin/puppet
