1 准备

• 2台 centos7 (master/server:192.168.1.103 agent/client:192.168.1.106)
• 分别添加puppet自定义仓库 https://yum.puppet.com/puppet6-release-el-7.noarch.rpm

2 Master/Server

设置 hostname

hostnamectl set-hostname puppet.example.net --static

设置 hosts

vi /etc/hosts

增加

192.168.1.103 puppet.example.net

安装 puppet server

yum -y install puppet-server

启动puppetmaster

systemctl start puppetmaster

systemctl enable puppetmaster

3 Agent/Client

设置hostname

nmtui->set system hostname->agent1.example.net

设置hosts

vi /etc/hosts

增加

192.168.1.106 agent1.example.net
192.168.1.103 puppet.example.net

安装puppet agent

yum -y install puppet

设置 puppet.conf

// vi /etc/puppet/puppet.conf
[agent]
certname = agent1.example.net
server = puppet.example.net
report = true

启动

systemctl start puppet.service
systemctl enable puppet.service

4 测试

client执行：puppet agent --test

输出

Info: Creating a new SSL key for agent1.example.net
Info: Caching certificate for ca
Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for agent1.example.net
Info: Certificate Request fingerprint (SHA256): DB:21:15:C8:90:E4:2D:54:53:4C:A5:9A:4A:00:50:E7:99:5B:73:EE:0C:23:F9:7B:36:99:34:CD:FE:E6:DF:DA
Info: Caching certificate for ca
Exiting; no certificate found and waitforcert is disabled

最后一行不是错误

master执行:

• puppet cert list 输出:

"agent1.example.net" (SHA256) 14:7D:AA:34:C8:F1:70:28:B9:51:A6:7D:94:3F:69:92:8F:61:94:17:7D:4A:EF:F2:44:CC:4A:BC:6B:D5:C3:EC

• puppet cert sign agent1.example.net 或者 puppet cert sign --all

  输出:

Notice: Signed certificate request for agent1.example.net
Notice: Removing file Puppet::SSL::CertificateRequest agent1.example.net at '/var/lib/puppet/ssl/ca/requests/agent1.example.net.pem'

client再次执行

puppet agent --test

输出：

Info: Caching certificate for agent1.example.net
Info: Caching certificate_revocation_list for ca
Info: Caching certificate for agent1.example.net
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for agent1.example.net
Info: Applying configuration version '1428474782'
Info: Creating state file /var/lib/puppet/state/state.yaml
Notice: Finished catalog run in 0.05 seconds

在master上编辑 /etc/puppet/manifests/site.pp

node default {
    file {"/tmp/test.txt":
        content=>"I'm testing puppet\n";
    }
}

在agent上执行 puppet agent --test

[root@agent1]# puppet agent --test
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for stor01.centos7.com
Info: Applying configuration version '1563239001'
Notice: /Stage[main]/Main/Node[default]/File[/tmp/test.txt]/ensure: defined content as '{md5}3ac8d756cdcb2a7594aa115a2f03e065'
Notice: Finished catalog run in 0.01 seconds
[root@stor01 puppet]# cat /tmp/test.txt
I'm testing puppet

参考资料

• CentOS 7下安装配置Puppet
• Puppet Installation