PUPPET » Historique » Version 5
Mehdi Abaakouk, 03/01/2012 16:23
1 | 3 | Mehdi Abaakouk | h1. master of puppet |
---|---|---|---|
2 | 1 | Mehdi Abaakouk | |
3 | 3 | Mehdi Abaakouk | http://youtu.be/Y-1sEcEz0sg |
4 | 2 | Mehdi Abaakouk | |
5 | 1 | Mehdi Abaakouk | h2. Ajout d'une machine: |
6 | 1 | Mehdi Abaakouk | |
7 | 1 | Mehdi Abaakouk | Sur le client: |
8 | 1 | Mehdi Abaakouk | |
9 | 1 | Mehdi Abaakouk | <pre> |
10 | 1 | Mehdi Abaakouk | $ apt-get install puppet |
11 | 1 | Mehdi Abaakouk | </pre> |
12 | 1 | Mehdi Abaakouk | |
13 | 1 | Mehdi Abaakouk | dans /etc/default/puppet mettre: |
14 | 1 | Mehdi Abaakouk | <pre> |
15 | 1 | Mehdi Abaakouk | START=yes |
16 | 1 | Mehdi Abaakouk | </pre> |
17 | 1 | Mehdi Abaakouk | |
18 | 1 | Mehdi Abaakouk | et dans /etc/puppet/puppet.conf ajouter: |
19 | 1 | Mehdi Abaakouk | <pre> |
20 | 1 | Mehdi Abaakouk | [agent] |
21 | 1 | Mehdi Abaakouk | server=puppet.tetaneutral.net |
22 | 1 | Mehdi Abaakouk | </pre> |
23 | 1 | Mehdi Abaakouk | |
24 | 1 | Mehdi Abaakouk | Ensuite ajouter la machine dans le puppet master, MOUAHAHA: |
25 | 1 | Mehdi Abaakouk | Sur le client: |
26 | 1 | Mehdi Abaakouk | <pre> |
27 | 1 | Mehdi Abaakouk | $ puppet agent --test |
28 | 1 | Mehdi Abaakouk | warning: peer certificate won't be verified in this SSL session |
29 | 1 | Mehdi Abaakouk | warning: peer certificate won't be verified in this SSL session |
30 | 1 | Mehdi Abaakouk | warning: peer certificate won't be verified in this SSL session |
31 | 1 | Mehdi Abaakouk | Exiting; no certificate found and waitforcert is disabled |
32 | 1 | Mehdi Abaakouk | </pre> |
33 | 1 | Mehdi Abaakouk | |
34 | 1 | Mehdi Abaakouk | Sur le serveur: |
35 | 1 | Mehdi Abaakouk | <pre> |
36 | 1 | Mehdi Abaakouk | $ puppetca --list |
37 | 1 | Mehdi Abaakouk | www.tetaneutral.net |
38 | 1 | Mehdi Abaakouk | |
39 | 1 | Mehdi Abaakouk | $ puppetca --sign --all |
40 | 1 | Mehdi Abaakouk | notice: Signed certificate request for www.tetaneutral.net |
41 | 1 | Mehdi Abaakouk | notice: Removing file Puppet::SSL::CertificateRequest www.tetaneutral.net at '/var/lib/puppet/ssl/ca/requests/www.tetaneutral.net.pem' |
42 | 1 | Mehdi Abaakouk | </pre> |
43 | 1 | Mehdi Abaakouk | |
44 | 1 | Mehdi Abaakouk | Sur le client: |
45 | 1 | Mehdi Abaakouk | <pre> |
46 | 1 | Mehdi Abaakouk | $ puppet agent --test |
47 | 1 | Mehdi Abaakouk | warning: peer certificate won't be verified in this SSL session |
48 | 1 | Mehdi Abaakouk | info: Caching certificate for www.tetaneutral.net |
49 | 1 | Mehdi Abaakouk | info: Caching certificate_revocation_list for ca |
50 | 1 | Mehdi Abaakouk | info: Caching catalog for www.tetaneutral.net |
51 | 1 | Mehdi Abaakouk | info: Applying configuration version '1325516709' |
52 | 1 | Mehdi Abaakouk | info: Creating state file /var/lib/puppet/state/state.yaml |
53 | 1 | Mehdi Abaakouk | notice: Finished catalog run in 0.01 seconds |
54 | 1 | Mehdi Abaakouk | </pre> |
55 | 1 | Mehdi Abaakouk | |
56 | 4 | Mehdi Abaakouk | Sur le serveur, on associe les modules au client: |
57 | 4 | Mehdi Abaakouk | |
58 | 4 | Mehdi Abaakouk | <pre> |
59 | 4 | Mehdi Abaakouk | $ cat manifests/nodes.pp |
60 | 4 | Mehdi Abaakouk | |
61 | 4 | Mehdi Abaakouk | node basenode { |
62 | 4 | Mehdi Abaakouk | include backup |
63 | 4 | Mehdi Abaakouk | include motd |
64 | 4 | Mehdi Abaakouk | } |
65 | 4 | Mehdi Abaakouk | |
66 | 4 | Mehdi Abaakouk | node 'www.tetaneutral.net' inherits basenode { |
67 | 4 | Mehdi Abaakouk | } |
68 | 4 | Mehdi Abaakouk | </pre> |
69 | 4 | Mehdi Abaakouk | |
70 | 2 | Mehdi Abaakouk | |
71 | 2 | Mehdi Abaakouk | h2. Liens: |
72 | 2 | Mehdi Abaakouk | |
73 | 2 | Mehdi Abaakouk | http://madeinsyria.fr/2011/06/howto-puppet-administration-et-industrialisation-de-masse/ |
74 | 2 | Mehdi Abaakouk | |
75 | 5 | Mehdi Abaakouk | h2. Récupération de fichier écrasé par puppet: |
76 | 5 | Mehdi Abaakouk | |
77 | 5 | Mehdi Abaakouk | Voir la liste des fichiers backupés: |
78 | 5 | Mehdi Abaakouk | <pre> |
79 | 5 | Mehdi Abaakouk | find /var/*/puppet/clientbucket -name paths | while read path ; do echo $(cat $path): $(basename $(dirname $path)) $(stat -c %y $path) ; done |
80 | 5 | Mehdi Abaakouk | </pre> |
81 | 5 | Mehdi Abaakouk | Ensuite pour voir le fichier: |
82 | 5 | Mehdi Abaakouk | <pre> |
83 | 5 | Mehdi Abaakouk | |
84 | 5 | Mehdi Abaakouk | </pre> |
85 | 5 | Mehdi Abaakouk | |
86 | 2 | Mehdi Abaakouk | h2. Ajout d'un module (ie: un truc/service/user a configurer), ici module motdpour l'exemple : |
87 | 2 | Mehdi Abaakouk | |
88 | 2 | Mehdi Abaakouk | h3. Création du module |
89 | 2 | Mehdi Abaakouk | |
90 | 2 | Mehdi Abaakouk | <pre> |
91 | 2 | Mehdi Abaakouk | cd /etc/puppet/modules |
92 | 2 | Mehdi Abaakouk | mkdir -p motd/{files,lib,manifests,templates,tests} |
93 | 2 | Mehdi Abaakouk | $ cat motd/manifests/init.pp |
94 | 2 | Mehdi Abaakouk | class motd { |
95 | 2 | Mehdi Abaakouk | file {'motd': |
96 | 2 | Mehdi Abaakouk | ensure => file, |
97 | 2 | Mehdi Abaakouk | path => '/etc/motd.tail', |
98 | 2 | Mehdi Abaakouk | mode => 0644, |
99 | 2 | Mehdi Abaakouk | content => "Bienvenue sur ${::hostname}, machine de l'infrastructure ${::domain}\n\nCette machine est geree par puppet toutes modifications effectuee est suceptible d'etre perdu." |
100 | 2 | Mehdi Abaakouk | } |
101 | 2 | Mehdi Abaakouk | } |
102 | 2 | Mehdi Abaakouk | </pre> |
103 | 2 | Mehdi Abaakouk | |
104 | 2 | Mehdi Abaakouk | |
105 | 2 | Mehdi Abaakouk | h3. Ajout du module à la liste des modules disponibles |
106 | 2 | Mehdi Abaakouk | |
107 | 2 | Mehdi Abaakouk | <pre> |
108 | 2 | Mehdi Abaakouk | $ cat manifests/modules.pp |
109 | 2 | Mehdi Abaakouk | import "backup" |
110 | 2 | Mehdi Abaakouk | import "motd" |
111 | 2 | Mehdi Abaakouk | </pre> |
112 | 2 | Mehdi Abaakouk | |
113 | 2 | Mehdi Abaakouk | h3. Utilisation du module pour une node |
114 | 2 | Mehdi Abaakouk | |
115 | 2 | Mehdi Abaakouk | <pre> |
116 | 2 | Mehdi Abaakouk | $ cat manifests/nodes.pp |
117 | 2 | Mehdi Abaakouk | |
118 | 2 | Mehdi Abaakouk | node basenode { |
119 | 2 | Mehdi Abaakouk | include backup |
120 | 2 | Mehdi Abaakouk | include motd |
121 | 2 | Mehdi Abaakouk | } |
122 | 2 | Mehdi Abaakouk | |
123 | 2 | Mehdi Abaakouk | node 'www.tetaneutral.net' inherits basenode { |
124 | 2 | Mehdi Abaakouk | |
125 | 2 | Mehdi Abaakouk | } |
126 | 2 | Mehdi Abaakouk | </pre> |
127 | 1 | Mehdi Abaakouk | |
128 | 1 | Mehdi Abaakouk | |
129 | 1 | Mehdi Abaakouk | h2. Installation |
130 | 1 | Mehdi Abaakouk | |
131 | 1 | Mehdi Abaakouk | Installation du paquet: |
132 | 1 | Mehdi Abaakouk | <pre> |
133 | 1 | Mehdi Abaakouk | $ apt-get install puppetmaster |
134 | 1 | Mehdi Abaakouk | </pre> |
135 | 1 | Mehdi Abaakouk | |
136 | 1 | Mehdi Abaakouk | |
137 | 1 | Mehdi Abaakouk | Dans /etc/puppet/puppet.conf mettre le nom du serveur puppetmaster: |
138 | 1 | Mehdi Abaakouk | <pre> |
139 | 1 | Mehdi Abaakouk | [master] |
140 | 1 | Mehdi Abaakouk | certname=puppet.tetaneutral.net |
141 | 1 | Mehdi Abaakouk | </pre> |
142 | 1 | Mehdi Abaakouk | |
143 | 1 | Mehdi Abaakouk | Dans /etc/puppet/fileserver.conf configurer les autorisations: |
144 | 1 | Mehdi Abaakouk | <pre> |
145 | 1 | Mehdi Abaakouk | [files] |
146 | 1 | Mehdi Abaakouk | path /etc/puppet/files |
147 | 1 | Mehdi Abaakouk | allow 91.224.149.0/24 |
148 | 1 | Mehdi Abaakouk | allow 91.224.148.0/24 |
149 | 1 | Mehdi Abaakouk | </pre> |