puppet客户端快速部署
先改主机名 /etc/hosts 改完用hostname临时生效一下
修改hosts,添加server到hosts列表 同时添加client的主机名到server的hosts列表
echo '10.10.10.10 server.example.com'>>/etc/hosts
安装client程序
yum install ruby puppet -y
修改配置文件 /etc/puppet/puppet.conf
在[main]子项后追加server主机名和主动触发侦听开关:
server = server.example.com
listen = true
environment = apptest
新建配置文件 /etc/puppet/namespaceauth.conf
内容为:
allow server.example.com
修改配置文件 /etc/puppet/auth.conf
追加一行:
allow *
建立认证
client端: puppet agent --server server.example.com --no-daemonize --verbose ##双-
server端:
puppet cert list #待签证列表
puppet cert sign client001.com #签名证书
若此client已认证过,server会提示重新认证
先删除server认证秘钥
rm -rf /var/lib/puppet/ssl/ca/signed/client1.pem
在客户端执行:
rm -fr /var/lib/puppet/ssl/* #删除证书
然后重新认证
启动客户端:
puppet agent -v --no-client ##双-
Error: Could not retrieve catalog; skipping run‘
/usr/share/ruby/vendor_ruby/puppet/agent.rb:87:in `exit’: no implicit conversion from nil to integer (TypeError)
from /usr/share/ruby/vendor_ruby/puppet/agent.rb:87:in `block in run_in_fork’
from /usr/share/ruby/vendor_ruby/puppet/agent.rb:84:in `fork’
from /usr/share/ruby/vendor_ruby/puppet/agent.rb:84:in `run_in_fork’
from /usr/share/ruby/vendor_ruby/puppet/agent.rb:43:in `block in run’
from /usr/share/ruby/vendor_ruby/puppet/application.rb:179:in `call’
from /usr/share/ruby/vendor_ruby/puppet/application.rb:179:in `controlled_run’
from /usr/share/ruby/vendor_ruby/puppet/agent.rb:41:in `run’
from /usr/share/ruby/vendor_ruby/puppet/daemon.rb:163:in `block in run_event_loop’
from /usr/share/ruby/vendor_ruby/puppet/scheduler/job.rb:49:in `call’
from /usr/share/ruby/vendor_ruby/puppet/scheduler/job.rb:49:in `run’
from /usr/share/ruby/vendor_ruby/puppet/scheduler/scheduler.rb:39:in `block in run_ready’
from /usr/share/ruby/vendor_ruby/puppet/scheduler/scheduler.rb:34:in `each’
from /usr/share/ruby/vendor_ruby/puppet/scheduler/scheduler.rb:34:in `run_ready’
from /usr/share/ruby/vendor_ruby/puppet/scheduler/scheduler.rb:11:in `run_loop’
from /usr/share/ruby/vendor_ruby/puppet/daemon.rb:179:in `run_event_loop’
from /usr/share/ruby/vendor_ruby/puppet/daemon.rb:142:in `start’
from /usr/share/ruby/vendor_ruby/puppet/application/agent.rb:377:in `main’
from /usr/share/ruby/vendor_ruby/puppet/application/agent.rb:323:in `run_command’
from /usr/share/ruby/vendor_ruby/puppet/application.rb:371:in `block (2 levels) in run’
from /usr/share/ruby/vendor_ruby/puppet/application.rb:477:in `plugin_hook’
from /usr/share/ruby/vendor_ruby/puppet/application.rb:371:in `block in run’
from /usr/share/ruby/vendor_ruby/puppet/util.rb:479:in `exit_on_fail’
from /usr/share/ruby/vendor_ruby/puppet/application.rb:371:in `run’
from /usr/share/ruby/vendor_ruby/puppet/util/command_line.rb:137:in `run’
from /usr/share/ruby/vendor_ruby/puppet/util/command_line.rb:91:in `execute’
from /usr/bin/puppet:8:in `
https://projects.puppetlabs.com/issues/21935 ruby 3.0会解决这个问题 这里已经验证成功了 可忽视
请安装ftp
kick -d –host app.test.system 主动触发
puppet agent -v –no-client
/var/lib/puppet/ssl/ca/signed
puppet agent –no-daemonize -v