WenJunjie Blog

sysadmin

Puppet Install Module Example42


Pre-Install Installing Puppet Post-Install Use Puppet

Pre-Install

OS: CentOS 5.7 Agent/Master: Puppet 3.0

Command names changed in Puppet 2.6:

| pre-puppet-2.6 | post-puppet-2.6 |
| --- | --- |
| puppetmasterd | puppet master |
| puppetd | puppet agent |
| puppet | puppet apply |
| puppetca | puppet cert |
| ralsh | puppet resource |
| puppetrun | puppet kick |
| puppetqd | puppet queue |
| filebucket | puppet filebucket |
| puppetdoc | puppet doc |
| pi | puppet describe |

Network:

Firewalls:

- master --8139/tcp--> agent
- master <--8140/tcp-- agent (manifests)
- file server <--8140/tcp-- agent

# 8140/tcp carries agent -> master traffic (manifests and files), so it only
# needs to be open on the master.
lokkit -p 8140:tcp
# 8139/tcp carries master -> agent traffic, so it only needs to be open on
# agents that actually listen for the master (see "listen = true" further
# down). Opening both ports on every node exposes more than the flows require.
lokkit -p 8139:tcp

Name resolution: /etc/hosts

FQDN

fqdn.sh

On Master Agent Nodes

vi /etc/hosts
192.168.1.26 master master.test.com localhost
192.168.1.25 client client.test.com localhost

Master

hostname master.test.com

Agent

hostname client.test.com
ntp

On Master Agent Nodes

# Keep the clocks of master and agents in sync: Puppet's SSL certificates
# carry validity dates, so a skewed clock can cause valid certificates to be
# rejected.
yum install ntp -y
chkconfig ntpd on
# One-off clock set before the daemon is started.
ntpdate pool.ntp.org
service ntpd start

Installing Puppet

1. Choose a Package Source

Using Puppet Labs’ Packages

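# Download the Puppet Labs release package. The URL is plain HTTP, so the
# file must be treated as untrusted until its signature is checked below.
wget http://yum.puppetlabs.com/el/5/products/x86_64/puppetlabs-release-5-6.noarch.rpm
# Fetch the signing key from a keyserver. 4BD6EC30 is a short (32-bit) key ID;
# short IDs can collide with unrelated keys, so the ID alone proves nothing.
gpg --recv-key 4BD6EC30
gpg --list-sigs 4BD6EC30
# Compare the fingerprint printed here with the one Puppet Labs publishes
# (<FINGERPRINT_PUBLISHED_BY_PUPPET_LABS>) and stop if they differ.
gpg --list-key --fingerprint 4BD6EC30
# Export the key to a private temporary file rather than a predictable name
# in /tmp, which another local user could pre-create or replace.
keyfile=$(mktemp)
gpg -a --export 4BD6EC30 > "$keyfile"
rpm --import "$keyfile"
rm -f -- "$keyfile"
# Install only if the package signature verifies against the imported key.
rpm -K puppetlabs-release-5-6.noarch.rpm &&
  yum install puppetlabs-release-5-6.noarch.rpm -y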

Using EPEL

# NOTE(review): this installs the EPEL release package straight from a
# plain-HTTP URL, so nothing authenticates the download. A safer sequence is
# to download the file, import the EPEL signing key from a trusted source and
# check the package with `rpm -K` before installing it.
rpm -Uvh http://dl.fedoraproject.org/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm
yum install git

2. Install the Puppet Master

On Master Node

yum install puppet-server -y
# NOTE(review): this enables the agent service (`puppet`) at boot, while the
# next line starts the master service (`puppetmaster`). Confirm whether
# `chkconfig puppetmaster on` was intended; the "Start and Enable the Puppet
# Services" step later enables both.
chkconfig puppet on
service puppetmaster start

3. Install Puppet on Agent Nodes

On Agent Nodes

yum install puppet -y

Post-Install

Configure Puppet

Sign Node Certificates

On Agent Nodes [agent] server: puppet report: true pluginsync: true

vim /etc/puppet/puppet.conf
[agent]
server = master.test.com

ls /var/lib/puppet/
puppet agent --no-daemonize --onetime --verbose --debug
puppet agent --no-daemonize --onetime --verbose --debug --server=master.test.com

On Puppet Master

# List signed certificates and pending requests.
puppet cert list --all
# Signing lets the requesting host fetch catalogs as client.test.com. Before
# signing, compare the fingerprint of the pending request with the output of
# `puppet agent --fingerprint` run on the agent itself, so that a request
# from some other host using the same name is not signed by mistake.
puppet cert --sign client.test.com
# The same signing step with verbose and debug output.
puppet cert --debug --verbose --sign client.test.com
# Confirm the certificate now shows as signed.
puppet cert list --all

Revoked Certificates

On Puppet Master

# Revoke the agent's certificate, then remove its files from the master.
puppet cert revoke client.test.com
puppet cert --clean client.test.com
# Restart the master, presumably so the running process picks up the updated
# revocation list; until then a revoked certificate may still be accepted.
/etc/init.d/puppetmaster restart

On Puppet Nodes

# Run this on the agent only. On the master the same directory also holds the
# CA, and deleting it there would invalidate every certificate already issued.
rm -rf /var/lib/puppet/ssl

# The next run creates a new key and certificate request, which has to be
# signed on the master again.
puppet agent -t

Autosign

On Puppet Master

vim /etc/puppet/puppet.conf
[main]
# The two autosign lines below are alternatives; use one of them.
# autosign=true signs every certificate request without review: any host that
# can reach the master on 8140/tcp gets a certificate for whatever name it
# asks for and can then fetch that node's catalog. Keep it to isolated labs.
autosign=true
# Pointing autosign at a file restricts automatic signing to matching names.
autosign = /etc/puppet/autosign.conf
# The pattern is matched against the name the requester puts in its own
# certificate request; that name is not verified, so a host that can reach
# the master can still claim any name under *.test.com.
cat > /etc/puppet/autosign.conf <<EOF
*.test.com
EOF
Test Manually

On Puppet Master

vim /etc/puppet/manifests/site.pp
node default {
        file {
                "/tmp/helloworld.txt": content => "hello, world\n";
        }
}

On Agent Node

puppet agent --test
puppet agent --test --server=master.test.com
cat /tmp/helloworld.txt
puppet agent --noop --test --server=master.test.com

Start and Enable the Puppet Services

puppet resource service puppet ensure=running enable=true
puppet resource service puppetmaster ensure=running enable=true

Using Puppet

Puppet Command

puppet --version
puppet config print modulepath
puppet agent -t --summarize 
puppet agent --no-daemonize --onetime --verbose --debug

Puppet Dashboard

yum install puppet-dashboard
/etc/init.d/mysqld start  # start the database
# Sets the MySQL root password. A password given as an argument ends up in
# shell history and is visible in the process list while the command runs;
# replace 'new-password' with a strong value and clear the history entry.
/usr/bin/mysqladmin -u root password 'new-password'
cd /usr/share/puppet-dashboard/
vim config/database.yml
production:
  database: dashboard_production
  username: dashboard
  # Example value only: use a long random password, keep database.yml readable
  # only by the account that runs the dashboard, and give the `dashboard`
  # MySQL account rights on dashboard_production only.
  password: 654321
  encoding: utf8
  adapter: mysql
  host: 192.168.1.26
  port: 63306
vim /usr/share/puppet-dashboard/config/environment.rb
#config.time_zone = 'UTC'
config.time_zone = 'Beijing'

rake RAILS_ENV=production db:create
rake RAILS_ENV=production db:migrate

On Puppet Master

vim /etc/puppet/puppet.conf
[main]
reports = store, http
reporturl = http://localhost:3000/reports/upload

/etc/init.d/puppetmaster start 
/etc/init.d/puppet-dashboard start
/etc/init.d/puppet-dashboard-workers start

On Agent Nodes

vim /etc/puppet/puppet.conf
[agent]
server = master.test.com
report = true
# listen = true makes the agent accept inbound connections (8139/tcp in the
# firewall section) so the master can trigger runs with `puppet kick`. It is
# an extra network-facing service on every agent; enable it only where kick
# is used. puppet kick was removed in Puppet 4.
listen = true
runinterval = 600
vim /etc/puppet/auth.conf
# Only the master may trigger a run.
path /run
method save
allow master.test.com
# Catch-all rule with no allow line; in the stock auth.conf this form is the
# "deny everything else" entry. Keep it last so it cannot shadow the rule
# above.
path /
auth any

/etc/init.d/puppet start

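# Import reports from the default report directory.
rake RAILS_ENV=production reports:import
# Import reports from a specific directory (the variable is REPORT_DIR).
rake RAILS_ENV=production reports:import REPORT_DIR=/path/to/your/reports
# Optimize the dashboard database tables.
rake RAILS_ENV=production db:raw:optimize
# Delete reports older than one month.
rake RAILS_ENV=production reports:prune upto=1 unit=mon
# Dump and restore the dashboard database. The dump contains every stored
# report, so keep the file readable by administrators only.
rake RAILS_ENV=production FILE=/my/backup/file.sql db:raw:dump
rake RAILS_ENV=production FILE=/my/backup/file.sql db:raw:restore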

Puppet Modules example42

apache, nginx, varnish php, ruby, tomcat mysql, pgsql, memcache

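# Clone over HTTPS instead of git://. The git:// protocol is neither
# encrypted nor authenticated (and GitHub no longer serves it), and these
# modules end up applied as root on every agent.
# Release branch 1.0:
git clone --recursive -b 1.0 https://github.com/example42/puppet-modules.git
# Default branch:
git clone --recursive https://github.com/example42/puppet-modules.git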

On Puppet Master

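cd /etc/puppet
# Clone over HTTPS instead of git://, which is unencrypted and
# unauthenticated. Everything in this directory is served to agents and
# applied as root, so review the code and pin a reviewed commit or tag rather
# than tracking the moving default branch.
git clone --recursive https://github.com/example42/puppet-modules-nextgen.git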
vim puppet.conf
[master]
    modulepath = /etc/puppet/puppet-modules-nextgen
cat puppet-modules-nextgen/nginx/README.rdoc

vim manifests/site.pp 
node default {
        class { 'nginx':
        }        
}

node default {
        class { 'nginx':
        }
        class { 'apache':
                disable => true
        }
        class { 'php':
        }
        php::module { "pdo":
        }
        php::module { "gd":
        }
        php::module { "fpm":
        }
        php::module { "mysql":
        }
        php::module { "soap":
        }
        php::module { "zts":
        }
        php::module { "pecl-apc":
        }
        php::module { "pecl-memcache":
        }
        class { 'mysql':
        }
}

Install PHP-5.3 MySQL-5.5 Nginx-1.0

On Puppet Master

vim puppet-modules-nextgen/mysql/manifests/client.pp
 package { 'mysql55-client':
vim puppet-modules-nextgen/mysql/manifests/params.pp
    default => 'mysql55-server',

change httpd to nginx

vim puppet-modules-nextgen/php/params.pp
    default                   => 'nginx',

On Agent Node

# NOTE(review): the repository release package is installed straight from a
# plain-HTTP URL, so the download is not authenticated. Prefer downloading
# it, importing the repository's signing key from a trusted source and
# checking the package with `rpm -K` first.
rpm -Uvh http://repo.webtatic.com/yum/centos/5/latest.rpm
vim /etc/yum.repos.d/webtatic.repo
# Enabling a third-party repository lets it supply any package on the next
# yum run. Leave gpgcheck enabled in this file - TODO confirm the file sets it.
enabled=1
puppet agent --test --server=master.test.com

On Puppet Master

puppet kick -t c1.test.com

On Agent Node

/etc/init.d/nginx start
/etc/init.d/php-fpm start
/etc/init.d/mysql start

# phpinfo() prints the PHP configuration, loaded modules, environment
# variables and file paths. Placed in the web root it is readable by anyone
# who can reach the server, so delete the file as soon as the check is done.
# The CLI checks below do not need the file to sit in the web root.
cat > /usr/share/nginx/html/phpinfo.php <<EOF
<?php phpinfo(); ?>
EOF

# Run the script with the command-line interpreter, then list loaded modules.
php /usr/share/nginx/html/phpinfo.php
php -m

Production Modules

base common firewall iptables ntp bind ssh users rsyslog sudo yum snmp puppet lvs haproxy heartbeat nginx php tomcat java mysql memcached redis cacti nagios nrpe vagrant

Specifying Puppet Nodes

cat /etc/puppet/manifests/site.pp
import "classes/*"

## Base Nodes

node default {
    include sudo
    include sshkeys
}

node appserverbasic {
    include django
    include apacheconf
    include app
}

node loadbalancer {
    include nginxlb
    include monitoring
}

## Specific Nodes

node 'fore.ducklington.org' inherits loadbalancer {
    include django
    include apacheconf
    include app
    include backups
}

node 'lb1.ducklington.org' inherits loadbalancer {
}

node 'lollipop.ducklington.org' inherits appserverbasic {
    include monitoring
    include backups
}

node 'test.lollipop.ducklington.org' inherits appserverbasic {
}

node 'monitoring1.ducklington.org', 'monitoring2.ducklington.org' {
    include monitoring
    include monitoringhub
}
