当前位置:网站首页>Puppet Master / agent model, site list and puppet multi environment setting of automatic operation and maintenance tools

Puppet Master / agent model, site list and puppet multi environment setting of automatic operation and maintenance tools

2020-12-07 19:43:08 Linux-1874

   We have learned about puppe The use of modules in , Please refer to https://www.cnblogs.com/qiuhom-1874/p/14086315.html; Today I'm going to learn about puppet Of master/agent Model and site list related topics ;

   Say puppet Of master/agent Before the model , Let's first review master/agent Working process of

   As shown in the figure above ,puppet Of master/agent The working process of the model ; First agent towards master Send your own host name and facts Information , And then the corresponding master After receiving the message , It will find and according to the corresponding host name agent Related configuration , Then put the corresponding configuration ( It mainly refers to the contents of resource list in classes and modules ) Compile well ,master Compile well catalog Send to agent;agent received master Send to catalog after , The first step is to look up the status of the relevant resources locally , If the corresponding resource state and compiled catalog In the same state , It doesn't change its state or skip ; If the corresponding resource state and catalog It's not the same state in , here agent Will apply catalog, Change the corresponding resource to and catalog In the same state ; Last agent Send application reports to master; here agent It becomes the system state that we define in the resource list ; Here's a little bit of attention catalog It's a binary file , You can't look directly at , This binary file is passed through master Module defined on , From the list of resources such as or classes ;

  master and agent Communication for

   stay puppet Of master/agent In the model ,master and agent Communication is based on https Protocol communication ; Use https Communication means certificate verification , With a certificate, there will be ca; stay puppet Of master/agent In the model , It has... Built in ca, That means we don't have to build it manually ca; Corresponding master Certificate , Private key file and ca Certificate private key file of ,puppet master Will automatically generate ; about agent The private key and certificate signing documents of the puppet agent Automatic generation ; And at the first start agent when , By default, it sends the generated certificate issuance file to master, wait for master grant a certificate ; stay master Sign a certificate on , This step requires manual intervention ; After the certificate is issued ,master and agent To be able to communicate normally ; By default agent Each 30 Minutes to master Pull up the relevant configuration once , Which means that we are master The content of the resource list on the end is no more than 30 Minutes can be in the corresponding agent It's applied to ;

   Site list

   In the above master/agent During the working process of the model ,agent towards master Send the host name and facts, Then corresponding master Compile the configuration of the corresponding host name and send it to the corresponding agent; here master According to what to find the corresponding configuration of the corresponding host name ? Usually, if we're in master There is no site list defined on the end , Corresponding agent The corresponding configuration cannot be obtained ; In other words, the site list is used to define what agent On , What resources or modules should be run ; This logic and we are using ansible equally , After defining the character , We need extra playbook To define which roles should be applied on those hosts ; about puppet Is the same , After we have defined the module , As for which host application which module, this is the need for us to define the site list ;

  puppet Of master/agent Model building

   Deploy master End

   Configure host name resolution

[root@master ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.16.151 master.test.org master
192.168.16.152 node01.test.org node01
192.168.16.153 node02.test.org node02
[root@master ~]# 

   Tips : In addition to the host name resolution between servers , We also need to pay attention to make sure that the time of each server is synchronized , close selinux, Make sure iptables It's off ;

   install puppet-server package

[root@master ~]# yum install -y puppet-server

   Tips : stay master End installation puppet-server By default, this package will put puppet Install as a dependency package ;

   Start the service

[root@master ~]# systemctl start puppetmaster.service 
[root@master ~]# ss -tnl
State       Recv-Q Send-Q          Local Address:Port                         Peer Address:Port              
LISTEN      0      128                         *:22                                      *:*                  
LISTEN      0      100                 127.0.0.1:25                                      *:*                  
LISTEN      0      128                         *:8140                                    *:*                  
LISTEN      0      128                      [::]:22                                   [::]:*                  
LISTEN      0      100                     [::1]:25                                   [::]:*                  
[root@master ~]# 

   Tips :puppet master By default, it will listen in tcp Of 8140 port , Used to receive agent Come on master Get configuration ; So make sure that master Terminal 8140 The port can be in the listening state normally ;

   Deploy agent End

   install puppet

[root@node01 ~]# yum install -y  puppet 

   Edit profile , To configure puppet server The address of

   Tips : edit /etc/puppet/puppet.conf file , take server=puppetmaster Host name configuration , Above ; If you use the form of a host name , Please make sure it corresponds to agent Can parse normally ;

   Start the service

[root@node01 ~]# systemctl start puppet
[root@node01 ~]# ss -tnl
State       Recv-Q Send-Q          Local Address:Port                         Peer Address:Port              
LISTEN      0      128                         *:22                                      *:*                  
LISTEN      0      100                 127.0.0.1:25                                      *:*                  
LISTEN      0      128                      [::]:22                                   [::]:*                  
LISTEN      0      100                     [::1]:25                                   [::]:*                  
[root@node01 ~]# ps aux |grep puppet
root      1653  0.0  0.0 115404  1436 ?        Ss   15:27   0:00 /bin/sh /usr/bin/start-puppet-agent agent  --no-daemonize
root      1654 26.7  2.2 317640 41888 ?        Sl   15:27   0:02 /usr/bin/ruby /usr/bin/puppet agent --no-daemonize
root      1680  0.0  0.0 112808   968 pts/0    S+   15:28   0:00 grep --color=auto puppet
[root@node01 ~]# 

   Tips :puppet agent Although it's also a daemon working , But it's not primarily about providing services to the outside world , It works as a daemon , It's because it comes periodically to master Pull the configuration related to itself ; So it doesn't listen on any ports ;

   stay master End view the list of unlicensed certificates

[root@master ~]# puppet cert list
  "node01.test.org" (SHA256) AD:01:59:E7:6C:97:E7:5E:67:09:B9:52:94:0D:37:89:82:8B:EE:49:BB:4D:FC:E1:51:64:BE:EF:71:47:15:11
  "node02.test.org" (SHA256) E1:EC:5B:0C:BF:B7:4C:B9:4F:10:A9:12:34:8B:7A:36:E3:A1:D4:EC:DD:DD:DC:F4:05:48:0B:85:B5:70:AC:28
[root@master ~]# 

   Tips :puppet By default, it will maintain one by itself ca, We just need to manage it with the corresponding sub commands ; The above command means to list the certificates that have not been issued ( That's what I received agent List of certificate issuing documents ); From the information above, you can see that now node01 and node02 No certificates have been issued ;

   stay master End issue certificate

[root@master ~]# puppet cert list
  "node01.test.org" (SHA256) AD:01:59:E7:6C:97:E7:5E:67:09:B9:52:94:0D:37:89:82:8B:EE:49:BB:4D:FC:E1:51:64:BE:EF:71:47:15:11
  "node02.test.org" (SHA256) E1:EC:5B:0C:BF:B7:4C:B9:4F:10:A9:12:34:8B:7A:36:E3:A1:D4:EC:DD:DD:DC:F4:05:48:0B:85:B5:70:AC:28
[root@master ~]# puppet cert sign node01.test.org
Notice: Signed certificate request for node01.test.org
Notice: Removing file Puppet::SSL::CertificateRequest node01.test.org at '/var/lib/puppet/ssl/ca/requests/node01.test.org.pem'
[root@master ~]# puppet cert list
  "node02.test.org" (SHA256) E1:EC:5B:0C:BF:B7:4C:B9:4F:10:A9:12:34:8B:7A:36:E3:A1:D4:EC:DD:DD:DC:F4:05:48:0B:85:B5:70:AC:28
[root@master ~]# puppet cert sign --all
Notice: Signed certificate request for node02.test.org
Notice: Removing file Puppet::SSL::CertificateRequest node02.test.org at '/var/lib/puppet/ssl/ca/requests/node02.test.org.pem'
[root@master ~]# puppet cert list
[root@master ~]# puppet cert list --all
+ "master.test.org" (SHA256) 0C:CC:20:EE:F5:FC:73:21:0B:15:73:EF:A5:0B:3A:F8:01:DB:F7:07:7C:DB:78:87:80:87:FC:F2:BF:E7:2F:30 (alt names: "DNS:master.test.org", "DNS:puppet", "DNS:puppet.test.org")
+ "node01.test.org" (SHA256) 34:BE:E1:1E:26:15:56:56:C3:A0:0D:FB:7F:01:B1:80:35:EC:1D:07:26:C7:05:CA:6E:19:8C:75:9A:A4:67:4E
+ "node02.test.org" (SHA256) E7:B6:B0:FD:04:61:A8:87:D9:E5:DA:51:8B:1D:E0:AD:11:F0:A2:65:43:6D:C4:8D:54:C8:75:8B:DF:CC:51:93
[root@master ~]# 

   Tips : To issue a certificate, you need to use cert sign+ The host name of the certificate to be issued ; If you don't want to sign off one by one , You can also use --all Option to issue all certificates that have not been issued ; Here we are puppet Of master/agent The model is set up ; We just need to follow up in master Define module and site list on the end ;

   Example : stay master To create a redis modular , The main function is to install and start redis, And let it be configured as master-slave replication mode ;

   stay master Create module directory structure on the end

[root@master ~]# mkdir -pv /etc/puppet/modules/redis/{manifests,files,templates,lib,spec,tests}
mkdir: created directory ‘/etc/puppet/modules/redis’
mkdir: created directory ‘/etc/puppet/modules/redis/manifests’
mkdir: created directory ‘/etc/puppet/modules/redis/files’
mkdir: created directory ‘/etc/puppet/modules/redis/templates’
mkdir: created directory ‘/etc/puppet/modules/redis/lib’
mkdir: created directory ‘/etc/puppet/modules/redis/spec’
mkdir: created directory ‘/etc/puppet/modules/redis/tests’
[root@master ~]# tree /etc/puppet/modules/redis/
/etc/puppet/modules/redis/
├── files
├── lib
├── manifests
├── spec
├── templates
└── tests

6 directories, 0 files
[root@master ~]# 

   stay /etc/puppet/modules/redis/manifests/ Create resource list under Directory

[root@master ~]# cat /etc/puppet/modules/redis/manifests/init.pp 
class redis{
        package{"redis":
                ensure  => installed,
        }
        service{"redis":
                ensure  => running,
                enable  => true,
                hasrestart      => true,
                restart => 'service redis restart',
        }
}
[root@master ~]# cat /etc/puppet/modules/redis/manifests/master.pp 
class redis::master($masterport='6379',$masterpass='admin') inherits redis {
        file{"/etc/redis.conf":
                ensure  => file,
                content => template('redis/redis-master.conf.erb'),
                owner   => 'redis',
                group   => 'root',
                mode    => '0644',
        }
        Service["redis"]{
                subscribe       => File["/etc/redis.conf"],
                restart => 'systemctl restart redis'
        }
}
[root@master ~]# cat /etc/puppet/modules/redis/manifests/slave.pp 
class redis::slave($masterip,$masterport='6379',$masterpass='admin') inherits redis {
        file{"/etc/redis.conf":
                ensure  => file,
                content => template('redis/redis-slave.conf.erb'),
                owner   => 'redis',
                group   => 'root',
                mode    => '0644',
        }
        Service["redis"]{
                subscribe       => File["/etc/redis.conf"],
                restart => 'systemctl restart redis'
        }
}
[root@master ~]# 

   stay templates Directory create the corresponding template file

  redis-master.conf.erb The contents of the document

[root@master ~]# cat /etc/puppet/modules/redis/templates/redis-master.conf.erb
bind 0.0.0.0
protected-mode yes
port <%= @masterport %>
tcp-backlog 511
timeout 0
tcp-keepalive 300
daemonize no
supervised no
pidfile /var/run/redis_6379.pid
loglevel notice
logfile /var/log/redis/redis.log
databases 16
requirepass <%= @masterpass %>
save 900 1
save 300 10
save 60 10000
stop-writes-on-bgsave-error yes
rdbcompression yes
rdbchecksum yes
dbfilename dump.rdb
dir /var/lib/redis
slave-serve-stale-data yes
slave-read-only yes
repl-diskless-sync no
repl-diskless-sync-delay 5
repl-disable-tcp-nodelay no
slave-priority 100
appendonly no
appendfilename "appendonly.aof"
appendfsync everysec
no-appendfsync-on-rewrite no
auto-aof-rewrite-percentage 100
auto-aof-rewrite-min-size 64mb
aof-load-truncated yes
lua-time-limit 5000
slowlog-log-slower-than 10000
slowlog-max-len 128
latency-monitor-threshold 0
notify-keyspace-events ""
hash-max-ziplist-entries 512
hash-max-ziplist-value 64
list-max-ziplist-size -2
list-compress-depth 0
set-max-intset-entries 512
zset-max-ziplist-entries 128
zset-max-ziplist-value 64
hll-sparse-max-bytes 3000
activerehashing yes
client-output-buffer-limit normal 0 0 0
client-output-buffer-limit slave 256mb 64mb 60
client-output-buffer-limit pubsub 32mb 8mb 60
hz 10
aof-rewrite-incremental-fsync yes
[root@master ~]# 
View Code

  redis-slave.conf.erb The contents of the document

[root@master ~]# cat /etc/puppet/modules/redis/templates/redis-slave.conf.erb
bind 0.0.0.0
protected-mode yes
port 6379
tcp-backlog 511
timeout 0
tcp-keepalive 300
daemonize no
supervised no
pidfile /var/run/redis_6379.pid
loglevel notice
logfile /var/log/redis/redis.log
databases 16
slaveof <%= @masterip %> <%= @masterport %>
masterauth <%= @masterpass %>
save 900 1
save 300 10
save 60 10000
stop-writes-on-bgsave-error yes
rdbcompression yes
rdbchecksum yes
dbfilename dump.rdb
dir /var/lib/redis
slave-serve-stale-data yes
slave-read-only yes
repl-diskless-sync no
repl-diskless-sync-delay 5
repl-disable-tcp-nodelay no
slave-priority 100
appendonly no
appendfilename "appendonly.aof"
appendfsync everysec
no-appendfsync-on-rewrite no
auto-aof-rewrite-percentage 100
auto-aof-rewrite-min-size 64mb
aof-load-truncated yes
lua-time-limit 5000
slowlog-log-slower-than 10000
slowlog-max-len 128
latency-monitor-threshold 0
notify-keyspace-events ""
hash-max-ziplist-entries 512
hash-max-ziplist-value 64
list-max-ziplist-size -2
list-compress-depth 0
set-max-intset-entries 512
zset-max-ziplist-entries 128
zset-max-ziplist-value 64
hll-sparse-max-bytes 3000
activerehashing yes
client-output-buffer-limit normal 0 0 0
client-output-buffer-limit slave 256mb 64mb 60
client-output-buffer-limit pubsub 32mb 8mb 60
hz 10
aof-rewrite-incremental-fsync yes
[root@master ~]# 
View Code

  redis Module directory and file storage , And the template file needs to pass parameters

[root@master ~]# tree /etc/puppet/modules/redis/
/etc/puppet/modules/redis/
├── files
├── lib
├── manifests
│   ├── init.pp
│   ├── master.pp
│   └── slave.pp
├── spec
├── templates
│   ├── redis-master.conf.erb
│   └── redis-slave.conf.erb
└── tests

6 directories, 5 files
[root@master ~]# grep -Ei "^port|requirepass|masterauth|slaveof" /etc/puppet/modules/redis/templates/redis-master.conf.erb 
port <%= @masterport %>
requirepass <%= @masterpass %>
[root@master ~]# grep -Ei "^port|requirepass|masterauth|slaveof" /etc/puppet/modules/redis/templates/redis-slave.conf.erb 
port 6379
slaveof <%= @masterip %> <%= @masterport %>
masterauth <%= @masterpass %>
[root@master ~]# 

   Tips : Here we are redis The module is ready ;

   Define site manifest file

[root@master ~]# cat /etc/puppet/manifests/site.pp
node 'node01.test.org'{
	class{"redis::master":
		masterport	=> "6379",
		masterpass	=> "admin123.com"
	}
}
node 'node02.test.org'{
	class{"redis::slave":
		masterip	=> '192.168.16.152',
		masterport	=> '6379',
		masterpass	=> 'admin123.com'
	}
}
[root@master ~]# 

   Tips : Site list must be in /etc/puppet/manifests/ Under the table of contents , The name must be site.pp, Its content must be by keywords node To define the resources to be applied to a host or a class of hosts ; Site listing can also use class inheritance, which is similar to what we use when defining classes ;

   stay node01 Get your own configuration on

   Tips : You can see in the node01 Manually pull the configuration from the top to get the corresponding configuration ;

   Cancel --noop Run through the options , Look at the corresponding to redis Whether to start ? Whether or not the configuration file is specified by us to configure ?

[root@node01 ~]# puppet agent -v --no-daemonize 
Notice: Starting Puppet client version 3.6.2
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for node01.test.org
Warning: The package type's allow_virtual parameter will be changing its default value from false to true in a future release. If you do not want to allow virtual packages, please explicitly set allow_virtual to false.
   (at /usr/share/ruby/vendor_ruby/puppet/type.rb:816:in `set_default')
Info: Applying configuration version '1607328529'
Info: /Stage[main]/Redis::Master/File[/etc/redis.conf]: Filebucketed /etc/redis.conf to puppet with sum d43fae161baaf47638d0bb571785974d
Notice: /Stage[main]/Redis::Master/File[/etc/redis.conf]/content: content changed '{md5}d43fae161baaf47638d0bb571785974d' to '{md5}32a39b519eb7a9f70a4bdf4705a7afc0'
Notice: /Stage[main]/Redis::Master/File[/etc/redis.conf]/mode: mode changed '0640' to '0644'
Info: /Stage[main]/Redis::Master/File[/etc/redis.conf]: Scheduling refresh of Service[redis]
Info: /Stage[main]/Redis::Master/File[/etc/redis.conf]: Scheduling refresh of Service[redis]
Notice: /Stage[main]/Redis/Service[redis]/ensure: ensure changed 'stopped' to 'running'
Info: /Stage[main]/Redis/Service[redis]: Unscheduling refresh on Service[redis]
Notice: Finished catalog run in 0.32 seconds
^CNotice: Caught INT; calling stop
[root@node01 ~]# ss -tnl
State      Recv-Q Send-Q                    Local Address:Port                                   Peer Address:Port              
LISTEN     0      128                                   *:22                                                *:*                  
LISTEN     0      100                           127.0.0.1:25                                                *:*                  
LISTEN     0      128                                   *:6379                                              *:*                  
LISTEN     0      128                                [::]:22                                             [::]:*                  
LISTEN     0      100                               [::1]:25                                             [::]:*                  
[root@node01 ~]# grep -Ei "^port|bind|requirepass" /etc/redis.conf 
bind 0.0.0.0
port 6379
requirepass admin123.com
[root@node01 ~]# 

   Tips : You can see node01 Upper reids It's started normally , And the content of the configuration file is also the content of the parameters we pass ;

   stay node02 Manually pull the configuration and run it , Look at the corresponding redis Is it working ? Whether the configuration file under the configuration file is the configuration file of the parameters we specify to be passed ?

[root@node02 ~]# puppet agent -v --no-daemonize 
Notice: Starting Puppet client version 3.6.2
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for node02.test.org
Warning: The package type's allow_virtual parameter will be changing its default value from false to true in a future release. If you do not want to allow virtual packages, please explicitly set allow_virtual to false.
   (at /usr/share/ruby/vendor_ruby/puppet/type.rb:816:in `set_default')
Info: Applying configuration version '1607328529'
Notice: /Stage[main]/Redis/Package[redis]/ensure: created
Info: FileBucket got a duplicate file {md5}d98629fded012cd2a25b9db0599a9251
Info: /Stage[main]/Redis::Slave/File[/etc/redis.conf]: Filebucketed /etc/redis.conf to puppet with sum d98629fded012cd2a25b9db0599a9251
Notice: /Stage[main]/Redis::Slave/File[/etc/redis.conf]/content: content changed '{md5}d98629fded012cd2a25b9db0599a9251' to '{md5}d1f0efeaee785f0d26eb2cd82acaf1f9'
Notice: /Stage[main]/Redis::Slave/File[/etc/redis.conf]/mode: mode changed '0640' to '0644'
Info: /Stage[main]/Redis::Slave/File[/etc/redis.conf]: Scheduling refresh of Service[redis]
Info: /Stage[main]/Redis::Slave/File[/etc/redis.conf]: Scheduling refresh of Service[redis]
Notice: /Stage[main]/Redis/Service[redis]/ensure: ensure changed 'stopped' to 'running'
Info: /Stage[main]/Redis/Service[redis]: Unscheduling refresh on Service[redis]
Notice: Finished catalog run in 10.62 seconds
^CNotice: Caught INT; calling stop
[root@node02 ~]# ss -tnl
State      Recv-Q Send-Q                    Local Address:Port                                   Peer Address:Port              
LISTEN     0      128                                   *:22                                                *:*                  
LISTEN     0      100                           127.0.0.1:25                                                *:*                  
LISTEN     0      128                                   *:6379                                              *:*                  
LISTEN     0      128                                [::]:22                                             [::]:*                  
LISTEN     0      100                               [::1]:25                                             [::]:*                  
[root@node02 ~]# grep -Ei "^port|requirepass|slaveof|masterauth" /etc/redis.conf
port 6379
slaveof 192.168.16.152 6379
masterauth admin123.com
[root@node02 ~]# 

   Tips : You can see node02 Upper redis It's running normally , And the corresponding parameter in the configuration file is also the parameter passed in for the specified ;

   verification : stay node01 Log on redis, Create a key, Look at the corresponding node02 Upper redis Whether it is normal will node01 Created on key Synchronize to node02 Upper redis On ?

[root@node01 ~]# redis-cli 
127.0.0.1:6379> AUTH admin123.com
OK
127.0.0.1:6379> set test test
OK
127.0.0.1:6379> get test
"test"
127.0.0.1:6379> exit
[root@node01 ~]# redis-cli  -h node02.test.org -a admin123.com 
node02.test.org:6379> get test
"test"
node02.test.org:6379> 

   Tips : You can see in the node01 Upper redis Write a key stay node02 You can see the corresponding key Value , explain redis The master-slave copy is normal ; That's all puppet master/agent Install and start on the model redis A simple example of a master-slave ;

  puppet Multiple environment settings

   The so-called multi environment refers to one agent By specifying a different environment name , Can be in master Get the configuration list of different environments on , In order to achieve in different environments , Corresponding agent Pull different configurations to local applications ; Multi environment is not configured by default , stay agent Come on master Pull configuration is the configuration of the pull production environment (production);

   Example : stay master Configure multiple environments on the end , The corresponding node uses to transfer different environments to obtain the configuration of different environments

   Tips : stay master The end-end configuration file is updated with more than master Configuration section , And specify environmentpath Location ; Here we need to pay attention to , Changes to the configuration file need to restart the service to take effect ;

   see confdir The location of

[root@master ~]# puppet config print |grep confdir
confdir = /etc/puppet
[root@master ~]# 

   stay /etc/puppet Create under directory environments Catalog , And create the corresponding environment name directory and subdirectory under it

[root@master ~]# mkdir -pv /etc/puppet/environments/{testing,development,production}/{manifests,modules}
mkdir: created directory ‘/etc/puppet/environments’
mkdir: created directory ‘/etc/puppet/environments/testing’
mkdir: created directory ‘/etc/puppet/environments/testing/manifests’
mkdir: created directory ‘/etc/puppet/environments/testing/modules’
mkdir: created directory ‘/etc/puppet/environments/development’
mkdir: created directory ‘/etc/puppet/environments/development/manifests’
mkdir: created directory ‘/etc/puppet/environments/development/modules’
mkdir: created directory ‘/etc/puppet/environments/production’
mkdir: created directory ‘/etc/puppet/environments/production/manifests’
mkdir: created directory ‘/etc/puppet/environments/production/modules’
[root@master ~]# tree /etc/puppet/environments/
/etc/puppet/environments/
├── development
│   ├── manifests
│   └── modules
├── production
│   ├── manifests
│   └── modules
└── testing
    ├── manifests
    └── modules

9 directories, 0 files
[root@master ~]# 

   Tips : In each environment directory, you must create manifests and modules Catalog ,manifests The directory is used to hold the list of sites ,modules For storing modules ;

   stay testing Create and install under the environment memcached, And specify the listener in 11211 Port module and site list , To configure development In the environment memcached Monitor in 11212 port , To configure prediction Environmental memcached Monitor in 11213 port

   establish memcached Module directory structure

[root@master ~]# mkdir -pv /etc/puppet/environments/testing/modules/memcached/{manifests,templates,files,lib,spec,tests}
mkdir: created directory ‘/etc/puppet/environments/testing/modules/memcached’
mkdir: created directory ‘/etc/puppet/environments/testing/modules/memcached/manifests’
mkdir: created directory ‘/etc/puppet/environments/testing/modules/memcached/templates’
mkdir: created directory ‘/etc/puppet/environments/testing/modules/memcached/files’
mkdir: created directory ‘/etc/puppet/environments/testing/modules/memcached/lib’
mkdir: created directory ‘/etc/puppet/environments/testing/modules/memcached/spec’
mkdir: created directory ‘/etc/puppet/environments/testing/modules/memcached/tests’
[root@master ~]# tree /etc/puppet/environments/testing/modules/memcached/
/etc/puppet/environments/testing/modules/memcached/
├── files
├── lib
├── manifests
├── spec
├── templates
└── tests

6 directories, 0 files
[root@master ~]# 

   stay testing In the environment manifests Create under directory init.pp file

[root@master ~]# cat /etc/puppet/environments/testing/modules/memcached/manifests/init.pp
class memcached{
	package{"memcached":
		ensure	=> installed,
	} ->
	file{"/etc/sysconfig/memcached":
		ensure	=> file,
		source	=> 'puppet:///modules/memcached/memcached',
		owner	=> 'root',
		group	=> 'root',
		mode	=> '0644',
	} ~>
	service{"memcached":
		ensure	=> running,
		enable	=> true
	}
}
[root@master ~]# 

   stay testing In the environment files Catalog provided memcached The configuration file

[root@master ~]# cat /etc/puppet/environments/testing/modules/memcached/files/memcached 
PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="64"
OPTIONS=""
[root@master ~]# 

   stay testing In the environment manifests Directory to create site files site.pp

[root@master ~]# cat /etc/puppet/environments/testing/manifests/site.pp 
node 'node02.test.org'{
	include memcached
}
[root@master ~]# 

   Tips : Here we are testing Environmental memcached The configuration of the module and the list of sites are configured ;

   To configure development In the environment memcached List of modules and sites

   Copy testing Module in the environment to development

[root@master ~]# cp -a /etc/puppet/environments/testing/modules/memcached/ /etc/puppet/environments/development/modules/
[root@master ~]# tree /etc/puppet/environments/development/modules/
/etc/puppet/environments/development/modules/
└── memcached
    ├── files
    │   └── memcached
    ├── lib
    ├── manifests
    │   └── init.pp
    ├── spec
    ├── templates
    └── tests

7 directories, 2 files
[root@master ~]# 

   edit files In the catalog memcached The configuration file , Modify the listening port to 11212

[root@master ~]# cat /etc/puppet/environments/development/modules/memcached/files/memcached
PORT="11212"
USER="memcached"
MAXCONN="1024"
CACHESIZE="64"
OPTIONS=""
[root@master ~]# 

   Tips :testing and development In the environment memcached Except that the configuration files are different , The site list is the same ;

   Copy testing Site list under the environment to development In the environment

[root@master ~]# cp /etc/puppet/environments/testing/manifests/site.pp /etc/puppet/environments/development/manifests/
[root@master ~]# cat /etc/puppet/environments/development/manifests/site.pp 
node 'node02.test.org'{
	include memcached
}
[root@master ~]# 

   Tips : Here we are development Environment to memcached The module and site manifest files are configured ;

   To configure production In the environment memcached List of modules and sites  

   Copy testing Environment to memcached modular

[root@master ~]# cp -a /etc/puppet/environments/testing/modules/memcached/ /etc/puppet/environments/production/modules/
[root@master ~]# tree /etc/puppet/environments/production/modules/
/etc/puppet/environments/production/modules/
└── memcached
    ├── files
    │   └── memcached
    ├── lib
    ├── manifests
    │   └── init.pp
    ├── spec
    ├── templates
    └── tests

7 directories, 2 files
[root@master ~]# 

   edit files In the catalog memcached The configuration file , Modify the listening port to 11213

[root@master ~]# cat /etc/puppet/environments/production/modules/memcached/files/memcached
PORT="11213"
USER="memcached"
MAXCONN="1024"
CACHESIZE="64"
OPTIONS=""
[root@master ~]# 

   Copy site files to production In the environment

[root@master ~]# cp /etc/puppet/environments/testing/manifests/site.pp /etc/puppet/environments/production/manifests/
[root@master ~]# cat /etc/puppet/environments/production/manifests/site.pp 
node 'node02.test.org'{
	include memcached
}
[root@master ~]# 

   Tips : Here are three environments to memcached Modules and site lists are ready ;

   stay node02 Use a different environment to start listening to different ports on memcached

   Use testing Environmental Science

[root@node02 ~]# puppet agent -v --no-daemonize --environment=testing 
Notice: Starting Puppet client version 3.6.2
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for node02.test.org
Warning: The package type's allow_virtual parameter will be changing its default value from false to true in a future release. If you do not want to allow virtual packages, please explicitly set allow_virtual to false.
   (at /usr/share/ruby/vendor_ruby/puppet/type.rb:816:in `set_default')
Info: Applying configuration version '1607334372'
Notice: /Stage[main]/Memcached/Service[memcached]/ensure: ensure changed 'stopped' to 'running'
Info: /Stage[main]/Memcached/Service[memcached]: Unscheduling refresh on Service[memcached]
Notice: Finished catalog run in 0.29 seconds
^CNotice: Caught INT; calling stop
[root@node02 ~]# ss -tnl
State      Recv-Q Send-Q                    Local Address:Port                                   Peer Address:Port              
LISTEN     0      128                                   *:22                                                *:*                  
LISTEN     0      100                           127.0.0.1:25                                                *:*                  
LISTEN     0      128                                   *:11211                                             *:*                  
LISTEN     0      128                                   *:6379                                              *:*                  
LISTEN     0      128                                [::]:22                                             [::]:*                  
LISTEN     0      100                               [::1]:25                                             [::]:*                  
LISTEN     0      128                                [::]:11211                                          [::]:*                  
[root@node02 ~]# 

   Tips : You can see in the node02 Upper use --envrionment The option is specified as testing Environmental Science , Corresponding to the activated memcached The port is 11211;

   Use development Environmental Science

[root@node02 ~]# puppet agent -v --no-daemonize --environment=development
Notice: Starting Puppet client version 3.6.2
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for node02.test.org
Warning: The package type's allow_virtual parameter will be changing its default value from false to true in a future release. If you do not want to allow virtual packages, please explicitly set allow_virtual to false.
   (at /usr/share/ruby/vendor_ruby/puppet/type.rb:816:in `set_default')
Info: Applying configuration version '1607334662'
Info: /Stage[main]/Memcached/File[/etc/sysconfig/memcached]: Filebucketed /etc/sysconfig/memcached to puppet with sum 05503957e3796fbe6fddd756a7a102a0
Notice: /Stage[main]/Memcached/File[/etc/sysconfig/memcached]/content: content changed '{md5}05503957e3796fbe6fddd756a7a102a0' to '{md5}b69eb8ec579bb28f4140f7debf17f281'
Info: /Stage[main]/Memcached/File[/etc/sysconfig/memcached]: Scheduling refresh of Service[memcached]
Notice: /Stage[main]/Memcached/Service[memcached]: Triggered 'refresh' from 1 events
Notice: Finished catalog run in 0.34 seconds
^CNotice: Caught INT; calling stop
[root@node02 ~]# ss -tnl
State      Recv-Q Send-Q                    Local Address:Port                                   Peer Address:Port              
LISTEN     0      128                                   *:22                                                *:*                  
LISTEN     0      100                           127.0.0.1:25                                                *:*                  
LISTEN     0      128                                   *:6379                                              *:*                  
LISTEN     0      128                                   *:11212                                             *:*                  
LISTEN     0      128                                [::]:22                                             [::]:*                  
LISTEN     0      100                               [::1]:25                                             [::]:*                  
LISTEN     0      128                                [::]:11212                                          [::]:*                  
[root@node02 ~]# 

   Tips : You can see the use of development Environmental Science , Corresponding to the activated memcached The port of is 11212;

   Use production Environmental Science

[root@node02 ~]# puppet agent -v --no-daemonize --environment=production
Notice: Starting Puppet client version 3.6.2
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for node02.test.org
Warning: The package type's allow_virtual parameter will be changing its default value from false to true in a future release. If you do not want to allow virtual packages, please explicitly set allow_virtual to false.
   (at /usr/share/ruby/vendor_ruby/puppet/type.rb:816:in `set_default')
Info: Applying configuration version '1607334761'
Info: /Stage[main]/Memcached/File[/etc/sysconfig/memcached]: Filebucketed /etc/sysconfig/memcached to puppet with sum b69eb8ec579bb28f4140f7debf17f281
Notice: /Stage[main]/Memcached/File[/etc/sysconfig/memcached]/content: content changed '{md5}b69eb8ec579bb28f4140f7debf17f281' to '{md5}f7cdb226870b0164bbdb8671eb11e433'
Info: /Stage[main]/Memcached/File[/etc/sysconfig/memcached]: Scheduling refresh of Service[memcached]
Notice: /Stage[main]/Memcached/Service[memcached]: Triggered 'refresh' from 1 events
Notice: Finished catalog run in 0.33 seconds
^CNotice: Caught INT; calling stop
[root@node02 ~]# ss -tnl
State      Recv-Q Send-Q                    Local Address:Port                                   Peer Address:Port              
LISTEN     0      128                                   *:22                                                *:*                  
LISTEN     0      100                           127.0.0.1:25                                                *:*                  
LISTEN     0      128                                   *:6379                                              *:*                  
LISTEN     0      128                                   *:11213                                             *:*                  
LISTEN     0      128                                [::]:22                                             [::]:*                  
LISTEN     0      100                               [::1]:25                                             [::]:*                  
LISTEN     0      128                                [::]:11213                                          [::]:*                  
[root@node02 ~]# 

   Tips : You can see memcached The listening address becomes 11213; If there is no problem with the above test , Then you can determine the corresponding agent Environment , To configure agent Environment ;

   To configure agent End environment

   Tips : stay agent Is used in the configuration file environment Specify the corresponding environment name , Save exit restart puppetagent service , Now this one agent It's going to happen periodically master End pull testing Configuration of the environment ;

   That's all puppet Of master/agent The use and testing of model and multi environment related configuration ;

版权声明
本文为[Linux-1874]所创,转载请带上原文链接,感谢
https://chowdera.com/2020/12/20201207194227539t.html