puppet源碼編譯安裝

puppet最新源碼詳細安裝：

在網上找了不少相關puppet的，有不少用yum安裝，安裝雖然成功了。可是有客戶端相關過來請求，仍是會有問題。最佳的仍是源碼安裝。

1、下載地址：

puppet下載地址：
http://downloads.puppetlabs.com/puppet/puppet-2.7.13.tar.gz

facter下載地址：
http://downloads.puppetlabs.com/facter/facter-1.6.7.tar.gz
ruby下載地址：
http://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.7.tar.gz

2、環境準備：

一、時間必須一致:

crontab -e

 

*/2  *    *    *    *   /usr/sbin/ntpdate clock.nc.fukuoka-u.ac.jp >/dev/null 2>&1

二、首先gcc相關可用yum安裝

yum install gcc-c++  

yum install openssl*

三、服務器及客戶端名字：

[root@server bin]# more /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
#127.0.0.1              localhost.localdomain localhost
::1             localhost6.localdomain6 localhost6
192.168.1.231      server.cbcv.net        server
192.168.1.232      client.cbcv.net        client
[root@server bin]# more /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=server.cbcv.net

<客戶端也是相似同樣，略......>
3、安裝應用軟件
一、首先安裝ruby
tar -zxvf ruby-1.8.7.tar.gz
cd ruby-1.8.7
./configure --prefix=/usr/local/ruby
make
make install
操做系統PATH路徑:

vi  /etc/profile
export PATH=/usr/local/ruby/bin:$PATH

查看ruby --version版本

二、安裝facter
tar -zxvf facter-1.6.7.tar.gz
cd facter-1.6.7            
ruby install.rb

三、安裝puppet

tar -zxvf puppet-2.7.9.tar.gz

cd puppet-2.7.9/
ruby install.rb
[root@server puppet-2.7.9]# cp conf/auth.conf /etc/puppet/
[root@server puppet-2.7.9]# cp conf/namespaceauth.conf /etc/puppet/
[root@server puppet-2.7.9]# cp conf/redhat/puppet.conf /etc/puppet/
[root@server puppet-2.7.9]# cp conf/redhat/server.init /etc/init.d/puppetmaster
[root@server puppet-2.7.9]# chmod +x /etc/init.d/puppetmaster
[root@server puppet-2.7.9]# /etc/init.d/puppetmaster start
Starting puppetmaster: /bin/bash: /usr/sbin/puppetmasterd: No such file or directory
                                                           [FAILED]

[root@server puppet-2.7.9]# cp sbin/puppetmasterd /usr/sbin/
[root@server puppet-2.7.9]# chmod -R 777 /usr/sbin/puppetmasterd
[root@server puppet-2.7.9]# cp sbin/puppetmasterd /bin/puppetmasterd
[root@server puppet-2.7.9]# chmod -R 777 /bin/puppetmasterd
[root@server puppet-2.7.9]# /etc/init.d/puppetmaster start
Starting puppetmaster: /usr/bin/env: ruby: No such file or directory
                                                           [FAILED]
[root@server puppet-2.7.9]# ln -s /usr/local/ruby/bin/
erb         filebucket  pi          puppetdoc   rdoc        ruby
facter      irb         puppet      ralsh       ri          testrb
[root@server puppet-2.7.9]# ln -s /usr/local/ruby/bin/ruby /usr/bin/
[root@server puppet-2.7.9]# /etc/init.d/puppetmaster start
Starting puppetmaster: Could not prepare for execution: Got 6 failure(s) while initializing: change from absent to directory failed: Could not set 'directory on ensure: Could not find group puppet; change from absent to directory failed: Could not set 'directory on ensure: Could not find group puppet; change from absent to directory failed: Could not set 'directory on ensure: Could not find group puppet; change from absent to directory failed: Could not set 'directory on ensure: Could not find group puppet; change from absent to directory failed: Could not set 'directory on ensure: Could not find group puppet; change from absent to directory failed: Could not set 'directory on ensure: Could not find group puppet
                                                           [FAILED]
[root@server puppet-2.7.9]# useradd puppet
[root@server puppet-2.7.9]# /etc/init.d/puppetmaster start
Starting puppetmaster:                                     [  OK  ]

[root@server sbin]# pwd
/usr/local/src/puppet-2.7.9/sbin
cp -r * /usr/sbin/


[root@server manifests]# chkconfig --add puppetmaster
[root@server manifests]# chkconfig puppetmaster on

客戶端其它安裝和服務器安裝相同，除了用cp conf/redhat/client.init /etc/init.d/puppet

  
  
  
  

   
   
   
   
tar -zxvf puppet-2.7.9.tar.gz 
   
   
   
   
 
   
   
   
   
cd puppet-2.7.9/ 
   
   
   
   
ruby install.rb 

  
  
  
  

[root@localhost puppet-2.7.9]# cp conf/auth.conf /etc/puppet/
[root@localhost puppet-2.7.9]# cp conf/namespaceauth.conf /etc/puppet/
[root@localhost puppet-2.7.9]# cp conf/redhat/puppet.conf /etc/puppet/
[root@localhost puppet-2.7.9]# cp conf/redhat/client.init /etc/init.d/puppet
[root@localhost puppet-2.7.9]# chmod +x /etc/init.d/puppet
[root@localhost puppet-2.7.9]# service puppet start
Starting puppet: /bin/bash: /usr/sbin/puppetd: No such file or directory
                                                           [FAILED]
[root@localhost puppet-2.7.9]# cp sbin/puppetd /usr/sbin/puppetd
[root@localhost puppet-2.7.9]# service puppet start
Starting puppet: /usr/bin/env: ruby: No such file or directory
                                                           [FAILED]
[root@localhost puppet-2.7.9]# chmod +x /usr/sbin/puppetd
[root@localhost puppet-2.7.9]# service puppet start
Starting puppet: /usr/bin/env: ruby: No such file or directory
                                                           [FAILED]
[root@localhost puppet-2.7.9]# ln -s /usr/local/ruby/bin/ruby /usr/bin/
[root@localhost puppet-2.7.9]# /etc/init.d/puppet start
Starting puppet:                                           [  OK  ]

安裝完畢後進行測試：

在服務器端執行：
 puppetca --list
應該是無
在客戶端執行 puppetd --server server.cbcv.net  --test
再到服務器端執行：
puppetca –s client.cbcv.net
 clinet.cbcv.net (BF:5D:58:D0:F2:06:8C:FB:5C:AA:08:80:87:DC:92:20)

若是看到了客戶端的證書請求，
針對客戶端請求爲
puppetca –s client.cbcv.net
用下面的命令對全部證書請求籤名：
 puppetca -s –a

在主服務器上/etc/puppet/manifests

vi /etc/puppet/manifests/site.pp
node default{
   file { "/tmp/test.txt":
           content=> "hello, Test";
}
}

再重啓一下服務器service puppetmaster restart 和客戶端service puppet restart
再執行puppetd --server server.cbcv.net  --test
看/tmp下面是否是有test.txt文件了
 

增長多個site.pp

能夠先在site.pp中增長

import "test.pp"

而後再在裏面執行須要操做的內容。

可用puppetd --server server.cbcv.net  --test進行測試。

若是有報錯：notice: Ignoring --listen on onetime run
notice: Skipping run of Puppet configuration client; administratively disabled; use 'puppet Puppet configuration client --enable' to re-enable.

那麼須要在客戶端執行puppet agent --enable便可。

puppet agent --disable爲關閉。

 

記得重啓puppetmaster和puppet
如下爲參考內容，感受很是不錯：
默認時間vim /etc/puppet/puppet.con
runinterval =1800 ###默認是30分鐘，能夠修改此處的值，單位爲秒
有的時間修改了這個沒有用，是什麼緣由呢：
我也曾修改過屢次，沒效果，後在客戶端的配置文件再加了一句server = server.cbcv.net
而後重啓
在客戶端修改便可！最好重啓一下server puppet restart

puppet 如何全客戶端自動簽名 
a.vim /etc/puppet/puppet.conf 
[puppetmaster]
autosign=true      #增長這兩行
autosing=/etc/puppet/autosign.conf  
#增長這兩行添加 
* 表示全部，或者添加域名,IP或者網段。舉例：
b.再編輯 /etc/puppet/autosign.conf**.test.com192.168.0.1/24




錯誤總結<此錯誤是由於用了yum去安裝。看到別人寫的OK......>：
第一次認證的時候報下邊的錯誤：
[root@client ~]# puppetd --server server.cbcv.net  --test
err: Could not retrieve catalog from remote server: certificate verify failed
我作測試發現的緣由有三種：
第一：是hostname沒有設置好，在安裝前必定要把hostname設置好，設置好以後儘可能重啓機器。實在不行就刪了從新安裝。
第二：時間不一樣步，時間不一樣步也會報認證失敗的錯誤，能夠用date設置時間，只要不是差得太多就沒事。
第三：是ssl的問題，在你用的這個客戶端puppet已經作過其餘的機器的客戶端的狀況下，由於已經生成的有證書，可能會和如今的衝突，把/var/lib/puppet/ssl這個文件夾刪掉以後就好了。


1.3配置c/s模式的puppet的實驗環境
Puppet的的客戶端和服務端是靠ssl連接的，在服務端有一個自簽名的根證書，在安裝軟件的時候自動生成。每一個客戶端的證書要通過根證書籤名才能和服務器鏈接。因此首先要在客戶端執行下面的命令來請求服務器簽名證書。
puppetd --server server.cbcv.net --test