PUPPET » Historique » Version 3
Mehdi Abaakouk, 02/01/2012 17:02
| 1 | 3 | Mehdi Abaakouk | h1. master of puppet |
|---|---|---|---|
| 2 | 1 | Mehdi Abaakouk | |
| 3 | 3 | Mehdi Abaakouk | http://youtu.be/Y-1sEcEz0sg |
| 4 | 2 | Mehdi Abaakouk | |
| 5 | 1 | Mehdi Abaakouk | h2. Ajout d'une machine: |
| 6 | 1 | Mehdi Abaakouk | |
| 7 | 1 | Mehdi Abaakouk | Sur le client: |
| 8 | 1 | Mehdi Abaakouk | |
| 9 | 1 | Mehdi Abaakouk | <pre> |
| 10 | 1 | Mehdi Abaakouk | $ apt-get install puppet |
| 11 | 1 | Mehdi Abaakouk | </pre> |
| 12 | 1 | Mehdi Abaakouk | |
| 13 | 1 | Mehdi Abaakouk | dans /etc/default/puppet mettre: |
| 14 | 1 | Mehdi Abaakouk | <pre> |
| 15 | 1 | Mehdi Abaakouk | START=yes |
| 16 | 1 | Mehdi Abaakouk | </pre> |
| 17 | 1 | Mehdi Abaakouk | |
| 18 | 1 | Mehdi Abaakouk | et dans /etc/puppet/puppet.conf ajouter: |
| 19 | 1 | Mehdi Abaakouk | <pre> |
| 20 | 1 | Mehdi Abaakouk | [agent] |
| 21 | 1 | Mehdi Abaakouk | server=puppet.tetaneutral.net |
| 22 | 1 | Mehdi Abaakouk | </pre> |
| 23 | 1 | Mehdi Abaakouk | |
| 24 | 1 | Mehdi Abaakouk | Ensuite ajouter la machine dans le puppet master, MOUAHAHA: |
| 25 | 1 | Mehdi Abaakouk | Sur le client: |
| 26 | 1 | Mehdi Abaakouk | <pre> |
| 27 | 1 | Mehdi Abaakouk | $ puppet agent --test |
| 28 | 1 | Mehdi Abaakouk | warning: peer certificate won't be verified in this SSL session |
| 29 | 1 | Mehdi Abaakouk | warning: peer certificate won't be verified in this SSL session |
| 30 | 1 | Mehdi Abaakouk | warning: peer certificate won't be verified in this SSL session |
| 31 | 1 | Mehdi Abaakouk | Exiting; no certificate found and waitforcert is disabled |
| 32 | 1 | Mehdi Abaakouk | </pre> |
| 33 | 1 | Mehdi Abaakouk | |
| 34 | 1 | Mehdi Abaakouk | Sur le serveur: |
| 35 | 1 | Mehdi Abaakouk | <pre> |
| 36 | 1 | Mehdi Abaakouk | $ puppetca --list |
| 37 | 1 | Mehdi Abaakouk | www.tetaneutral.net |
| 38 | 1 | Mehdi Abaakouk | |
| 39 | 1 | Mehdi Abaakouk | $ puppetca --sign --all |
| 40 | 1 | Mehdi Abaakouk | notice: Signed certificate request for www.tetaneutral.net |
| 41 | 1 | Mehdi Abaakouk | notice: Removing file Puppet::SSL::CertificateRequest www.tetaneutral.net at '/var/lib/puppet/ssl/ca/requests/www.tetaneutral.net.pem' |
| 42 | 1 | Mehdi Abaakouk | </pre> |
| 43 | 1 | Mehdi Abaakouk | |
| 44 | 1 | Mehdi Abaakouk | Sur le client: |
| 45 | 1 | Mehdi Abaakouk | <pre> |
| 46 | 1 | Mehdi Abaakouk | $ puppet agent --test |
| 47 | 1 | Mehdi Abaakouk | warning: peer certificate won't be verified in this SSL session |
| 48 | 1 | Mehdi Abaakouk | info: Caching certificate for www.tetaneutral.net |
| 49 | 1 | Mehdi Abaakouk | info: Caching certificate_revocation_list for ca |
| 50 | 1 | Mehdi Abaakouk | info: Caching catalog for www.tetaneutral.net |
| 51 | 1 | Mehdi Abaakouk | info: Applying configuration version '1325516709' |
| 52 | 1 | Mehdi Abaakouk | info: Creating state file /var/lib/puppet/state/state.yaml |
| 53 | 1 | Mehdi Abaakouk | notice: Finished catalog run in 0.01 seconds |
| 54 | 1 | Mehdi Abaakouk | </pre> |
| 55 | 1 | Mehdi Abaakouk | |
| 56 | 2 | Mehdi Abaakouk | |
| 57 | 2 | Mehdi Abaakouk | h2. Liens: |
| 58 | 2 | Mehdi Abaakouk | |
| 59 | 2 | Mehdi Abaakouk | http://madeinsyria.fr/2011/06/howto-puppet-administration-et-industrialisation-de-masse/ |
| 60 | 2 | Mehdi Abaakouk | |
| 61 | 2 | Mehdi Abaakouk | h2. Ajout d'un module (ie: un truc/service/user a configurer), ici module motdpour l'exemple : |
| 62 | 2 | Mehdi Abaakouk | |
| 63 | 2 | Mehdi Abaakouk | h3. Création du module |
| 64 | 2 | Mehdi Abaakouk | |
| 65 | 2 | Mehdi Abaakouk | <pre> |
| 66 | 2 | Mehdi Abaakouk | cd /etc/puppet/modules |
| 67 | 2 | Mehdi Abaakouk | mkdir -p motd/{files,lib,manifests,templates,tests} |
| 68 | 2 | Mehdi Abaakouk | $ cat motd/manifests/init.pp |
| 69 | 2 | Mehdi Abaakouk | class motd { |
| 70 | 2 | Mehdi Abaakouk | file {'motd': |
| 71 | 2 | Mehdi Abaakouk | ensure => file, |
| 72 | 2 | Mehdi Abaakouk | path => '/etc/motd.tail', |
| 73 | 2 | Mehdi Abaakouk | mode => 0644, |
| 74 | 2 | Mehdi Abaakouk | content => "Bienvenue sur ${::hostname}, machine de l'infrastructure ${::domain}\n\nCette machine est geree par puppet toutes modifications effectuee est suceptible d'etre perdu." |
| 75 | 2 | Mehdi Abaakouk | } |
| 76 | 2 | Mehdi Abaakouk | } |
| 77 | 2 | Mehdi Abaakouk | </pre> |
| 78 | 2 | Mehdi Abaakouk | |
| 79 | 2 | Mehdi Abaakouk | |
| 80 | 2 | Mehdi Abaakouk | h3. Ajout du module à la liste des modules disponibles |
| 81 | 2 | Mehdi Abaakouk | |
| 82 | 2 | Mehdi Abaakouk | <pre> |
| 83 | 2 | Mehdi Abaakouk | $ cat manifests/modules.pp |
| 84 | 2 | Mehdi Abaakouk | import "backup" |
| 85 | 2 | Mehdi Abaakouk | import "motd" |
| 86 | 2 | Mehdi Abaakouk | </pre> |
| 87 | 2 | Mehdi Abaakouk | |
| 88 | 2 | Mehdi Abaakouk | h3. Utilisation du module pour une node |
| 89 | 2 | Mehdi Abaakouk | |
| 90 | 2 | Mehdi Abaakouk | <pre> |
| 91 | 2 | Mehdi Abaakouk | $ cat manifests/nodes.pp |
| 92 | 2 | Mehdi Abaakouk | |
| 93 | 2 | Mehdi Abaakouk | node basenode { |
| 94 | 2 | Mehdi Abaakouk | include backup |
| 95 | 2 | Mehdi Abaakouk | include motd |
| 96 | 2 | Mehdi Abaakouk | } |
| 97 | 2 | Mehdi Abaakouk | |
| 98 | 2 | Mehdi Abaakouk | node 'www.tetaneutral.net' inherits basenode { |
| 99 | 2 | Mehdi Abaakouk | |
| 100 | 2 | Mehdi Abaakouk | } |
| 101 | 2 | Mehdi Abaakouk | </pre> |
| 102 | 1 | Mehdi Abaakouk | |
| 103 | 1 | Mehdi Abaakouk | |
| 104 | 1 | Mehdi Abaakouk | h2. Installation |
| 105 | 1 | Mehdi Abaakouk | |
| 106 | 1 | Mehdi Abaakouk | Installation du paquet: |
| 107 | 1 | Mehdi Abaakouk | <pre> |
| 108 | 1 | Mehdi Abaakouk | $ apt-get install puppetmaster |
| 109 | 1 | Mehdi Abaakouk | </pre> |
| 110 | 1 | Mehdi Abaakouk | |
| 111 | 1 | Mehdi Abaakouk | |
| 112 | 1 | Mehdi Abaakouk | Dans /etc/puppet/puppet.conf mettre le nom du serveur puppetmaster: |
| 113 | 1 | Mehdi Abaakouk | <pre> |
| 114 | 1 | Mehdi Abaakouk | [master] |
| 115 | 1 | Mehdi Abaakouk | certname=puppet.tetaneutral.net |
| 116 | 1 | Mehdi Abaakouk | </pre> |
| 117 | 1 | Mehdi Abaakouk | |
| 118 | 1 | Mehdi Abaakouk | Dans /etc/puppet/fileserver.conf configurer les autorisations: |
| 119 | 1 | Mehdi Abaakouk | <pre> |
| 120 | 1 | Mehdi Abaakouk | [files] |
| 121 | 1 | Mehdi Abaakouk | path /etc/puppet/files |
| 122 | 1 | Mehdi Abaakouk | allow 91.224.149.0/24 |
| 123 | 1 | Mehdi Abaakouk | allow 91.224.148.0/24 |
| 124 | 1 | Mehdi Abaakouk | </pre> |