之前的博文介绍了Puppet的初始安装配置:
传送门:http://showerlee.blog.51cto.com/2047005/1205752
今天来介绍Puppet的具体实用功能,其实我的理解就是怎么偷懒,呵呵。
1.填充文件内容:
(server):
修改server端配置文件:
# vi /etc/puppet/manifests/site.pp
-----------------
node default{
file { "/tmp/test":
content=> "this is a test file";
}
}
-----------------
重启puppetmaster,更新配置文件信息。
# service puppetmaster restart
(client):
重启puppet(可不用重启)
# service puppet restart
同步文件:
# puppetd --server server.example.com --test
------------------
warning: peer certificate won't be verified in this SSL session
info: Caching certificate for client.example.com
info: Caching certificate_revocation_list for ca
info: Caching catalog for client.example.com
info: Applying configuration version '1369124449'
notice: /Stage[main]//Node[default]/File[/tmp/test]/ensure: defined content as '{md5}100b144907af2a4786003758a0a6a563'
info: Creating state file /var/lib/puppet/state/state.yaml
notice: Finished catalog run in 0.02 seconds
------------------
查看/tmp/test文件及文件内容
# cat /tmp/test
-----------
this is a test file
-----------
2.文件分发:
通过puppet可以向被管理机上推送文件,方法是使用file类型的source属性
1:修改/etc/puppet/fileserver.conf
2:修改/etc/puppet/manifests/site.pp
实例:要把server服务器上/root目录下的puppet-2.6.13.tar.gz传输至client服务器的/tmp目录下,文件名不变。
# vi /etc/puppet/fileserver.conf
----------------
[files]
path /root
allow 192.168.7.0/24
----------------
# vi /etc/puppet/manifests/site.pp
添加到node default{}内:
---------------
file { "/tmp/puppet-2.6.13.tar.gz":
source => "puppet://$puppetserver/files/puppet-2.6.13.tar.gz",
}
---------------
重启poppetmaster服务
# service poppetmaster restart
(client):
执行更新命令
# puppetd --test --server server.example.com
此处“$puppetserver”是puppet Server端的名称,即本机hostname,网上教程都是在hosts里
指定,生产环境下建议用内部的DNS上作解析
3.修改文件属性:
实例:把/tmp/puppet-2.6.13.tar.gz文件的权限改为puppet用户,并设置权限为777。
(server):
# vi /etc/puppet/manifests/site.pp
在source后添加:
---------------
file { "/tmp/puppet-2.6.13.tar.gz":
source => "puppet://$puppetserver/files/puppet-2.6.13.tar.gz",
owner => "puppet",
group => "puppet",
mode => 777,
}
--------------
重启poppetmaster服务
# service poppetmaster restart
(client):
执行更新命令
# puppetd --test --server server.example.com
4.执行SHELL命令或shell脚本:
实例:通过puppet分发执行shell脚本,在客户端的/tmp目录下执行test.sh脚本,该脚本实现在本目录创建一个testfile文件。
(server):
首先创建一个shell脚本test.sh,并保存在/etc/puppet/fileserver.conf配置文件中设置
的/root目录下
# cd /root
# vi test.sh
---------------
#!/bin/bash
/bin/touch /tmp/testfile
---------------
重启poppetmaster服务
# service poppetmaster restart
(client):
执行更新命令
# puppetd --test --server server.example.com
设置文件分发和权限分配:
# vi /etc/puppet/manifests/site.pp
添加到node default{}内:
----------------
file { "/tmp/test.sh":
source => "puppet://$puppetserver/files/test.sh",
owner => "puppet",
group => "puppet",
mode => 755,
}
exec { "exec-mkdir":
cwd => "/tmp",
command => "sh /tmp/test.sh",
user => "puppet",
path => "/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin",
}
----------------
重启poppetmaster服务
# service poppetmaster restart
(client):
执行更新命令
# puppetd --test --server server.example.com
# ll /tmp
----------------------
.....
-rw-r--r-- 1 puppet root 0 5月 22 09:28 testfile
-rwxr-xr-x 1 puppet puppet 37 5月 22 09:28 test.sh
----------------------
5.服务启动及关闭:
可以通过puppet对一些服务进行重启,状态等操作。puppet是通过service命令操作的。所以,只能针对在/etc/init.d/目录下的服务
实例:把客户端的iptables服务关闭,并把nfs服务启动
# vi /etc/puppet/manifests/site.pp
添加到node default{}内:
---------------------
service {
"postfix":
ensure => stopped;
"nfs":
ensure => running;
}
--------------------
重启poppetmaster服务
# service poppetmaster restart
(client):
执行更新命令
# puppetd --test --server server.example.com
6.cron计划任务:
接上面的shell程序实例,在10:27执行test.sh
# vi /etc/puppet/manifests/site.pp
添加到node default{}内:
-----------------
cron { "cron-shell":
command => "sh /tmp/test.sh",
user => "puppet",
minute => "27",
hour => "10"
}
-----------------
(client):
执行更新命令
# puppetd --test --server server.example.com