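Introduction to the Puppet base environment:
The Puppet server and the clients all have the EPEL external yum repository configured and have installed Puppet through yum. That process is simple, so it is not covered here. All machines sit on the same LAN under the cn7788.com domain, with an internal DNS environment; LDP is not used as a domain controller. The LAN has other clients as well, but they do not need the Puppet environment, so they are not described here.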
server.cn7788.com 192.168.1.124 puppet-master
client.cn7788.com 192.168.1.125 puppet-client
lamp.cn7788.com 192.168.1.126 puppet-client
xen.cn7788.com 192.168.1.144 puppet-client
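You can write the name-to-address mappings above into the /etc/hosts file on each machine. On every Puppet client it is recommended to synchronize the clock precisely with ntpdate (Puppet's certificates are strict about time); otherwise the puppet-client reports the following errors when it connects: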
warning: peer certificate won't be verified in this SSL session
info: Caching certificate for client.cn7788.com
info: Caching certificate_revocation_list for ca
err: Could not retrieve catalog from remote server: certificate verify failed. This is often because the time is out of sync on the server or client
warning: Not using cache on failed catalog
err: Could not retrieve catalog; skipping run
err: Could not send report: certificate verify failed. This is often because the time is out of sync on the server or client
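The requirement is as follows: the client machines xen.cn7788.com and lamp.cn7788.com do not have the nagios client program installed, and we want the puppet-server to push a shell script that installs it automatically. The other clients have no such need for now. How can this be done?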
Because there are many client nodes, we need the concepts of nodes and modules here. First create a module named nagioscli, as shown below:
mkdir -p /etc/puppet/modules/nagioscli/{manifests,files,templates}
The nagioscli.sh file in the files directory contains the following:
#!/bin/bash
# Create the account that nrpe runs as
useradd nagios
cd /usr/local/src
# Download the nagios-plugins and NRPE source tarballs
wget http://syslab.comsenz.com/downloads/linux/nagios-plugins-1.4.13.tar.gz
wget http://syslab.comsenz.com/downloads/linux/nrpe-2.12.tar.gz
# Build and install nagios-plugins
tar zxvf nagios-plugins-1.4.13.tar.gz
cd nagios-plugins-1.4.13
./configure
make
make install
chown nagios:nagios /usr/local/nagios
chown -R nagios:nagios /usr/local/nagios/libexec
cd ../
# Build and install NRPE
tar zxvf nrpe-2.12.tar.gz
cd nrpe-2.12
./configure
make all
make install-plugin
make install-daemon
make install-daemon-config
# 114.112.11.11 is the IP address of the nagios server; change it as needed.
sed -i 's@allowed_hosts=127.0.0.1@allowed_hosts=114.112.11.11@' /usr/local/nagios/etc/nrpe.cfg
# Start nrpe now and again on every boot
/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d
echo "/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d" >> /etc/rc.local
The site.pp file contains the following:
import "node.pp"
This extends site.pp so that it loads node.pp; when puppet-master starts, it automatically loads and processes node.pp.
The node.pp file contains the following:
node 'lamp.cn7788.com' {
  # Copy the install script from the nagioscli module on the master
  file { "/usr/local/src/nagioscli.sh":
    source => "puppet://server.cn7788.com/modules/nagioscli/nagioscli.sh",
    group  => root,
    owner  => root,
    mode   => 755,
  }
  # Run the script as root, but only after the file is in place
  exec { "auto install naigios client":
    command => "sh /usr/local/src/nagioscli.sh",
    user    => "root",
    path    => ["/usr/bin","/usr/sbin","/bin","/bin/sh"],
    require => File["/usr/local/src/nagioscli.sh"],
  }
}
node 'xen.cn7788.com' {
  file { "/usr/local/src/nagioscli.sh":
    source => "puppet://server.cn7788.com/modules/nagioscli/nagioscli.sh",
    group  => root,
    owner  => root,
    mode   => 644,
  }
  exec { "auto install naigios client":
    command => "sh /usr/local/src/nagioscli.sh",
    user    => "root",
    path    => ["/usr/bin","/usr/sbin","/bin","/bin/sh"],
    require => File["/usr/local/src/nagioscli.sh"],
  }
}
# Empty node: client.cn7788.com receives no resources
node 'client.cn7788.com' {
}
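The client.cn7788.com node has an empty body, which means nothing is applied to that machine. The client machine is also part of the Puppet environment and is configured to connect automatically, so the empty node definition is there to stop Puppet from reporting errors over and over on those automatic connections.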
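An added example, not part of the original article: the Exec resources in node.pp have no creates, unless, onlyif or refreshonly guard, so Puppet runs nagioscli.sh as root on every catalog run, and the script downloads its tarballs over plain HTTP with no integrity check. The shell helpers below (their names and the digest placeholder are assumptions) pin a download to a SHA-256 digest and make the nrpe.cfg and rc.local edits safe to repeat.

```shell
#!/bin/bash
# Added example, not from the original article. Function names are assumptions.

# Return 0 only if FILE exists and its SHA-256 equals EXPECTED (lowercase hex).
verify_sha256() {
    local file="$1" expected="$2" actual
    [ -f "$file" ] || return 2
    actual=$(sha256sum "$file" | cut -d' ' -f1)
    [ "$actual" = "$expected" ]
}

# Download URL into the current directory and verify it. On a mismatch the file
# is deleted, so a tampered tarball is never unpacked and built as root.
fetch_verified() {
    local url="$1" expected="$2" name="${1##*/}"
    wget -q -O "$name" "$url" || return 1
    verify_sha256 "$name" "$expected" && return 0
    rm -f "$name"
    echo "digest mismatch for $name, refusing to install" >&2
    return 1
}

# Append LINE to FILE only if that exact line is absent, so repeated runs do
# not stack duplicate nrpe start lines in /etc/rc.local.
append_once() {
    local line="$1" file="$2"
    grep -qxF -e "$line" "$file" 2>/dev/null || printf '%s\n' "$line" >> "$file"
}

# Set allowed_hosts to IP whatever its current value is (the article's sed only
# matches the default 127.0.0.1). Fails if the key is missing from CFG.
set_allowed_hosts() {
    local ip="$1" cfg="$2" tmp rc
    grep -q '^allowed_hosts=' "$cfg" || return 1
    tmp=$(mktemp) || return 1
    sed "s@^allowed_hosts=.*@allowed_hosts=${ip}@" "$cfg" > "$tmp" && cat "$tmp" > "$cfg"
    rc=$?
    rm -f "$tmp"
    return "$rc"
}

# How nagioscli.sh would call them (the digest is a placeholder to fill in):
#   fetch_verified http://syslab.comsenz.com/downloads/linux/nrpe-2.12.tar.gz \
#       "<sha256 of nrpe-2.12.tar.gz>" || exit 1
#   set_allowed_hosts 114.112.11.11 /usr/local/nagios/etc/nrpe.cfg
#   append_once "/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d" /etc/rc.local
```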
Taking xen.cn7788.com as the example, run the following command on that host:
puppetd --test --server server.cn7788.com
The command output on xen.cn7788.com is as follows:
info: Caching catalog for xen.cn7788.com
info: Applying configuration version '1382622383'
--- /usr/local/src/nagioscli.sh 2013-10-24 22:35:36.000000000 +0800 +++ /tmp/puppet-file.22857.0 2013-10-24 22:39:08.000000000 +0800 @@ -1,4 +1,5 @@ #!/bin/bash +yum -y install httpd gcc gcc-c++ glibcglibc-common gd gd-devel useraddnagios cd/usr/local/src wgetwget http://syslab.comsenz.com/downloads/linux/nagios-plugins-1.4.13.tar.gz
info: FileBucket adding {md5}f75e9aa3fc301c8e9c85f2677feaa9b5
info: /Stage[main]//Node[xen.cn7788.com]/File[/usr/local/src/nagioscli.sh]: Filebucketed /usr/local/src/nagioscli.sh to puppet with sum f75e9aa3fc301c8e9c85f2677feaa9b5
notice: /Stage[main]//Node[xen.cn7788.com]/File[/usr/local/src/nagioscli.sh]/content: content changed '{md5}f75e9aa3fc301c8e9c85f2677feaa9b5' to '{md5}a1ed4dc2b98450e3144530f32677f736'
notice: /Stage[main]//Node[xen.cn7788.com]/Exec[auto install naigios client]/returns: executed successfully
notice: Finished catalog run in 283.11 seconds
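Review bot: the added "yum -y install" line at the top of the script lists "glibcglibc-common" as a single token, which yum will look up as one package name rather than as glibc and glibc-common; split it into two names. The same line also installs httpd and gd/gd-devel on hosts where the rest of the script only builds nagios-plugins and nrpe, so consider trimming it to the build packages unless these clients need a web server, and check yum's exit status before the script goes on to useradd and the downloads.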
The run takes a fairly long time, 283.11 seconds in total. Next, check whether the nrpe process has been started on the xen.cn7788.com node with the following command:
ps aux | grep nrpe | grep -v grep
The command output is as follows:
nagios 22331 0.0 0.1 5108 924 ? Ss 22:35 0:00 /usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d
Now check /etc/rc.local to see whether the start command has been added to it:
grep -v "^#" /etc/rc.local
The command output is as follows:
touch /var/lock/subsys/local
/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d
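The checks show that the nagioscli module on the puppet-master works correctly. The result on lamp.cn7788.com is similar, so its check output is not pasted here; we mainly look at how long the run on lamp.cn7788.com takes, using the following command:
puppetd --test --server server.cn7788.com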
The result is as follows:
info: Caching catalog for lamp.cn7788.com
info: Applying configuration version '1382622383'
notice: /Stage[main]//Node[lamp.cn7788.com]/Exec[auto install naigios client]/returns: executed successfully
notice: Finished catalog run in 169.08 seconds
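The run takes a fairly long time, 169.08 seconds in total.
In day-to-day work there are many requirements like this one for pushing a script and executing it, such as running server-tuning commands on nodes with various names, clearing the caches of Varnish cache acceleration servers in batches, or pushing files according to machine name. With a little adaptation, this case can be put to use at work.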