Deployment and application of puppet

Keywords: Linux vsftpd yum Unix

brief introduction

Puppet is a centralized configuration management system for Linux, Unix and windows platforms. It uses its own puppet description language to manage configuration files, users, cron tasks, software packages, system services, etc. These system entities are called resources by puppet. The design goal of puppet is to simplify the management of these resources and properly handle the dependency between resources.
Puppet adopts the C/S star structure, all clients interact with one or several servers. Each client cycle (default half an hour) sends a request to the server to obtain its latest configuration information and ensure synchronization with the configuration information. Every puppet client connects to the server every half an hour (can be set), downloads the latest configuration file, and configures the client strictly according to the configuration file. After configuration, the puppet client can feed back a message to the server. If there is an error, it will also feed back a message to the server.
The puppet client will first connect to the puppet server, and send the basic configuration information of the client to the server through the factor tool. The server analyzes the host name of the client, finds the configuration code of the host through the node definition, compiles the configuration code, and sends the compiled configuration code back to the client, The client executes the code to complete the configuration, and feeds back the code execution to the puppet server
Common resources
Common resources include notify (debug and output), file (configuration file), package (software installation), service (Service Management), exec (execute command), cron (timing script), user (user), group (user group)

preparation in advance

Prepare two Centos7 virtual machines, one for server and one for agent. Configure IP address and hostname (strictly match FQDN format), synchronization time, turn off firewall and selinux, and configure IP address and hostname mapping

hostname ip

Download the official rpm package and configure the yum source
Download address:

Deploy Puppet Master

#Install software
[root@puppet-master ~]# yum install puppet-server puppet -y
#Start service
[root@puppet-master ~]#systemctl start puppetmaster start
#View startup status
[root@puppet-master ~]# netstat -tnlp |grep 8140

Modify profile

[root@puppet-master ~]# vi /etc/puppet/puppet.conf #Define the name of your own signature authentication, that is, your own host name

Deploy puppet agent

#Install software
[root@puppet-agent ~]# yum install puppet -y

Modify profile

[root@puppet-agent ~]# vi /etc/puppet/puppet.conf #Define the name of your own signature authentication, that is, your own host name #Specify puppetmaster
runinterval=60 #Define how often an agent actively pulls resources from the master

Realize the authentication connection between master and agent

agent tries to send registration application

[root@puppet-agent ~]# puppet agent -t

Authentication connection at the master end

#View authentication request 
[root@puppet-master ~]# puppet cert --list 
#Issue certification
[root@puppet-master ~]# puppet cert sign --all  

agent sends registration application again

[root@puppet-agent ~]# puppet agent -t
#Generate Certificate in / var/lib/puppet/ssl

Application cases

1. Create file

#Edit profile
[root@puppet-master ~]# vi /etc/puppet/manifests/site.pp
#Create a file
#Set deployment node
node ''{
    #Format: file resource {'title': attribute = > value,}
    #title can be named by itself
        #Specify path
        path => "/tmp/puppet.txt",
        #Add file content
        content => "Hello puppet agent";
#Pull resources manually at agent end
[root@puppet-agent ~]# puppet agent -t
#View execution
[root@puppet-agent ~]# cat /tmp/puppet.txt 
Hello puppet agent[root@puppet-agent ~]#

2. Create users kawhi and www

#Edit profile
[root@puppet-master ~]# vi /etc/puppet/manifests/site.pp
node ''{
        name => kawhi,
        #present: must exist
        ensure => present,
        uid => 1024;
        name => www,
        ensure => present,
        uid => 1056;
#Wait for 60s, the agent automatically pulls resources
#View execution
[root@puppet-agent ~]# id kawhi
uid=1024(kawhi) gid=1024(kawhi) group=1024(kawhi)
[root@puppet-agent ~]# id www
uid=1056(www) gid=1056(www) group=1056(www)

3. Install vsftpd in agent

#Create software module catalog
#The manifest directory is the function code directory of the module
#The files directory is the resource directory
[root@puppet-master ~]# mkdir -pv /etc/puppet/modules/vsftpd/{manifests,files}
#Write module core file
[root@puppet-master ~]# vi /etc/puppet/modules/vsftpd/manifests/init.pp
class vsftpd{
    #Configure yum source
    yumrepo {"Server":
        descr => "Server repo",
        #Resources need to be attached to the agent in advance 
        baseurl => "file:///media/CentOS_6.10_Final",
        gpgcheck => "0",
        enabled => "1";
    #Processing package
    package {"vsftpd":
        ensure => installed,
        #The first letter needs to be capitalized when associating yum resources
        require => Yumrepo["Server"];
    #Configure services
    service {"vsftpd":
        #Open service
        ensure => running;
#Call module
#Edit profile
[root@puppet-master ~]# vi /etc/puppet/manifests/site.pp
node ''{
    include vsftpd
#Check configuration syntax
[root@puppet-master ~]# puppet parser validate /etc/puppet/modules/vsftpd/manifests/init.pp
[root@puppet-master ~]# puppet parser validate /etc/puppet/manifests/site.pp
#Pull resources manually at agent end
[root@puppet-agent ~]# puppet agent -t
#View service status
[root@puppet-agent ~]# netstat -tnlp |grep vsftpd
tcp        0      0        *                   LISTEN      2404/vsftpd   

Posted by nareshrevoori on Fri, 05 Jun 2020 03:36:06 -0700