Puppet 是著名的开源配置管理工具,使系统管理员能够自动执行重复性任务并确保整个基础架构的一致性。通过自动化配置和管理,Puppet 有助于减少错误,并允许 IT 团队高效扩展。
在AlmaLinux 9上安装Puppet
第 1 步。在开始安装过程之前,请确保您的 AlmaLinux 9 系统是最新的。在终端中运行以下命令:
<span class="pln">sudo dnf update</span>
第 2 步。安装基本软件包。
为了顺利安装Puppet,你需要一些基本的软件包。使用以下命令安装它们:
<span class="pln">sudo dnf install wget curl</span>
第 3 步。设置主机名和域名。
使用以下命令配置系统的主机名和域名:
<span class="pln">sudo hostnamectl </span><span class="kwd">set</span><span class="pun">-</span><span class="pln">hostname puppet</span><span class="pun">-</span><span class="pln">master sudo echo </span><span class="str">"127.0.0.1 puppet-master"</span> <span class="pun">>></span> <span class="str">/etc/</span><span class="pln">hosts</span>
第 4 步。在AlmaLinux 9上安装Puppet。
要安装 Puppet,您需要将 Puppet 存储库添加到您的系统中并导入 Puppet GPG 密钥:
<span class="pln">sudo rpm </span><span class="pun">-</span><span class="typ">Uvh</span><span class="pln"> https</span><span class="pun">:</span><span class="com">//yum.puppet.com/puppet7-release-el-9.noarch.rpm</span>
要确保已成功添加存储库,请运行:
<span class="pln">sudo dnf repolist</span>
导入傀儡 GPG 密钥以验证包的真实性:
<span class="pln">sudo rpm </span><span class="pun">--</span><span class="kwd">import</span><span class="pln"> https</span><span class="pun">:</span><span class="com">//yum.puppet.com/RPM-GPG-KEY-puppet</span>
现在,让我们安装 Puppet 服务器软件包:
<span class="pln">sudo dnf install puppetserver</span>
第5步。配置傀儡服务器。
- 设置木偶主主机名
编辑文件并添加以下行以配置 Puppet Master 主机名:/etc/puppetlabs/puppet/puppet.conf
<span class="pun">[</span><span class="pln">main</span><span class="pun">]</span><span class="pln"> certname </span><span class="pun">=</span><span class="pln"> puppet</span><span class="pun">-</span><span class="pln">master</span>
- 配置 Puppet Master DNS
确保正确配置了傀儡主机的 DNS。验证文件:/etc/resolv.conf
<span class="pln">cat </span><span class="pun">/</span><span class="pln">etc</span><span class="pun">/</span><span class="pln">resolv</span><span class="pun">.</span><span class="pln">conf</span>
要启动 Puppet 服务并使其在启动时启动,请运行:
<span class="pln">sudo systemctl start puppetserver sudo systemctl enable puppetserver</span>
第 6 步。安装傀儡代理。
现在,让我们安装 Puppet 代理包:
<span class="pln">sudo dnf install puppet</span><span class="pun">-</span><span class="pln">agent</span>
步骤 7.配置傀儡代理
- 设置傀儡代理主机名
编辑代理节点上的文件并添加以下行以配置 Puppet 代理主机名:/etc/puppetlabs/puppet/puppet.conf
<span class="pun">[</span><span class="pln">main</span><span class="pun">]</span><span class="pln"> certname </span><span class="pun">=</span><span class="pln"> puppet</span><span class="pun">-</span><span class="pln">agent</span>
- 配置傀儡代理 DNS
确保正确配置了傀儡代理的 DNS。还要验证代理节点上的文件。/etc/resolv.conf
要启动 Puppet 代理服务并使其能够在启动时启动,请运行:
<span class="pln">sudo systemctl start puppet sudo systemctl enable puppet</span>
第8步。傀儡 SSL 证书设置。
Puppet依靠SSL证书在主服务器和代理程序之间进行安全通信。让我们设置 SSL 证书。
在傀儡主节点上,运行以下命令生成SSL证书:
<span class="pln">sudo </span><span class="pun">/</span><span class="pln">opt</span><span class="pun">/</span><span class="pln">puppetlabs</span><span class="pun">/</span><span class="pln">bin</span><span class="pun">/</span><span class="pln">puppetserver ca setup</span>
在傀儡大师上,签署代理的证书请求:
<span class="pln">sudo </span><span class="pun">/</span><span class="pln">opt</span><span class="pun">/</span><span class="pln">puppetlabs</span><span class="pun">/</span><span class="pln">bin</span><span class="pun">/</span><span class="pln">puppetserver ca si</span>
<span class="pln">sudo </span><span class="pun">/</span><span class="pln">opt</span><span class="pun">/</span><span class="pln">puppetlabs</span><span class="pun">/</span><span class="pln">bin</span><span class="pun">/</span><span class="pln">puppetserver ca sign </span><span class="pun">--</span><span class="pln">all</span>
要检查证书状态,请运行:
<span class="pln">sudo </span><span class="pun">/</span><span class="pln">opt</span><span class="pun">/</span><span class="pln">puppetlabs</span><span class="pun">/</span><span class="pln">bin</span><span class="pun">/</span><span class="pln">puppetserver ca list </span><span class="pun">--</span><span class="pln">all</span>
第9步。傀儡配置文件
Puppet配置文件在定义Puppet环境的行为方面起着至关重要的作用。以下是一些重要配置文件的概述:
/etc/puppetlabs/puppet/puppet.conf:主木偶配置文件。/etc/puppetlabs/code/environments/production/manifests/site.pp:主木偶清单文件。
您可以修改这些文件以根据您的特定要求自定义您的 Puppet 设置。
第10步。测试木偶。
在我们继续之前,必须验证Puppet是否正常工作。
- 应用示例木偶清单
例如,创建一个简单的 Puppet 清单文件,其中包含以下内容:/etc/puppetlabs/code/environments/production/manifests/test.pp
<span class="pln">file </span><span class="pun">{</span> <span class="str">'/tmp/testfile'</span><span class="pun">:</span>
<span class="kwd">ensure</span> <span class="pun">=></span><span class="pln"> present</span><span class="pun">,</span><span class="pln">
content </span><span class="pun">=></span> <span class="str">'Hello, Puppet!'</span><span class="pun">,</span>
<span class="pun">}</span>
使用以下命令应用此清单:puppet apply
<span class="pln">sudo </span><span class="pun">/</span><span class="pln">opt</span><span class="pun">/</span><span class="pln">puppetlabs</span><span class="pun">/</span><span class="pln">bin</span><span class="pun">/</span><span class="pln">puppet apply </span><span class="pun">/</span><span class="pln">etc</span><span class="pun">/</span><span class="pln">puppetlabs</span><span class="pun">/</span><span class="pln">code</span><span class="pun">/</span><span class="pln">environments</span><span class="pun">/</span><span class="pln">production</span><span class="pun">/</span><span class="pln">manifests</span><span class="pun">/</span><span class="pln">test</span><span class="pun">.</span><span class="pln">pp</span>
验证 Puppet 代理是否可以通过运行以下命令与主服务器通信:
<span class="pln">sudo </span><span class="pun">/</span><span class="pln">opt</span><span class="pun">/</span><span class="pln">puppetlabs</span><span class="pun">/</span><span class="pln">bin</span><span class="pun">/</span><span class="pln">puppet agent </span><span class="pun">--</span><span class="pln">test</span>
检查是否已在代理节点上创建:/tmp/testfile
<span class="pln">cat </span><span class="pun">/</span><span class="pln">tmp</span><span class="pun">/</span><span class="pln">testfile</span>
感谢您使用本教程在您的 AlmaLinux 9 系统上安装 Puppet。有关其他帮助或有用信息,我们建议您查看 Puppet 官方网站。
