Puppet 推送文件测试


创建模块目录结构

[root@lost1 modules]# tree /etc/puppet/modules/
/etc/puppet/modules/
└── push
    ├── files
    │   └── puppet-test
    ├── manifests
    │   └── init.pp
    └── templates
4 directories, 2 files

阅读全文

Puppet 证书管理


查看证书。

[root@lost1 ssl]# puppet cert --list --all
+ "lost1.com" (SHA256) 63:6B:DE:7E:E6:DA:68:71:90:23:42:64:19:9F:A1:36:B7:14:D8:56:3C:8E:AD:C9:E9:2E:DC:4E:81:FF:33:8F (alt names: "DNS:lost1.com", "DNS:puppet", "DNS:puppet.com")
+ "lost2.com" (SHA256) 56:BE:3A:B5:6C:5C:73:7E:31:0C:30:88:49:3E:9D:E5:37:D1:61:F9:C4:6C:66:75:46:0D:6A:4B:6D:8D:A6:99
+ "lost3.com" (SHA256) 8F:53:A5:BC:1E:BA:11:DF:AB:8E:86:C3:C9:5E:9C:F4:F2:67:E6:76:EA:E5:58:13:2D:B2:39:12:79:66:F2:A3

撤销证书。

[root@lost1 ssl]# puppet cert revoke lost2.com
Notice: Revoked certificate with serial 4
[root@lost1 ssl]# puppet cert --list --all
+ "lost1.com" (SHA256) 63:6B:DE:7E:E6:DA:68:71:90:23:42:64:19:9F:A1:36:B7:14:D8:56:3C:8E:AD:C9:E9:2E:DC:4E:81:FF:33:8F (alt names: "DNS:lost1.com", "DNS:puppet", "DNS:puppet.com")
+ "lost3.com" (SHA256) 8F:53:A5:BC:1E:BA:11:DF:AB:8E:86:C3:C9:5E:9C:F4:F2:67:E6:76:EA:E5:58:13:2D:B2:39:12:79:66:F2:A3
- "lost2.com" (SHA256) 56:BE:3A:B5:6C:5C:73:7E:31:0C:30:88:49:3E:9D:E5:37:D1:61:F9:C4:6C:66:75:46:0D:6A:4B:6D:8D:A6:99 (certificate revoked)

阅读全文

Puppet 安装部署


清空 iptables 规则

vim /etc/sysconfig/iptables
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT

设置 ntp

[root@lost1 test]# ntpdate pool.ntp.org
24 Feb 11:24:55 ntpdate[2540]: step time server 202.112.29.82 offset -28798.519271 sec
[root@lost2 test]# ntpdate pool.ntp.org
24 Feb 11:25:00 ntpdate[2648]: step time server 202.112.29.82 offset -28798.248673 sec
[root@lost3 test]# ntpdate pool.ntp.org
24 Feb 11:25:04 ntpdate[3528]: step time server 202.112.29.82 offset -28798.070055 sec

阅读全文