sudo管理和mysql的安装—puppet系列
<p><span>云计算时代系统管理员会经常陷入一系列的重复任务中,如安装或重装系统,升级软件包,管理配置文件,添加、管理和配置系统服务等等,成百上千台服务器,够让我们抓狂的,因此自动化就非常有必要了。</span></p><p>Puppet 是一个客户端/服务器(C/S)架构的配置管理工具,在中央服务器上安装 puppet-server 服务器(puppet master),在需要被管理的目标服务器上安装 puppet 客户端软件(puppet client)。当客户端连接上服务器后,定义在服务器上的配置文件会被编译,然后在客户端上运行。客户端每隔半小时主动会和服务器通信一次,确认配置信息的更新情况,如果有新的配置信息(或者配置有变化),配置文件将会被重新编译并分发到客户端执行。当然,也可以在服务器上主动触发更新指令来强制各客户端进行配置更新。</p>
<p>以下步骤除非有标明,都是在server端设置</p>
<p><strong>一、sudo管理</strong></p>
<p>1、主资源配置文件:/etc/puppet/mainfests/site.pp</p><pre class="brush:bash;toolbar:false"># cat /etc/puppet/manifests/site.pp
import 'nodes.pp'
$puppetserver = 'vmserver62'</pre><p>注意:加载在/etc/puppet/mainfests/nodes目录中的所有文件都是以.pp结尾</p>
<p><strong>2、设置节点:</strong></p><pre class="brush:bash;toolbar:false"># cat /etc/puppet/manifests/noded.pp
node 'vmclient63' { ---说明在哪一个节点生效
include sudo --读取sudo模块
}</pre><p><strong>3、定义模块</strong></p>
<p>a、创建模块目录:</p><pre class="brush:bash;toolbar:false"># mkdir /etc/puppet/modules</pre><p>b、在模块目录中创建sudo模块:</p><pre class="brush:bash;toolbar:false"># mkdir /etc/puppet/modules/sudo</pre><p>c、在sudo模块中创建需要的基本目录:</p><pre class="brush:bash;toolbar:false"># mkdir -p /etc/puppet/modules/sudo/{files,manifests,templates}</pre><p>d、在sudo模块的manifests目录中必须创建模块的具体资源定义文件:</p><pre class="brush:bash;toolbar:false"># vi /etc/puppet/modules/sudo/manifests/init.pp
class sudo {
package { sudo: ensure => present } ---判断sudo是否安装,没有就安装
file { "/etc/sudoers": ---文件资源
owner => "root", ---文件所属人员
group => "root",
mode => 0440, ---文件的权限
source => "puppet:///modules/sudo/etc/sudoers", ---定义配置文件sudoers从puppet服务器读取,从:/etc/puppet/modules/sudo/files/etc/sudoers 读取文件,模块目录files为文件类型资源的根目录
require => Package["sudo"] } ---定义依赖,需要执行package,才能执行这一步
}</pre><p><strong>4、文件夹权限设置</strong></p><pre class="brush:bash;toolbar:false"># mkdir /etc/puppet/modules/sudo/files/etc
# cp /etc/sudoers /etc/puppet/modules/sudo/files/etc/sudoers
# chown-R puppet.puppet /etc/puppet</pre><p><strong>二、mysql安装</strong></p>
<p>1、创建mysql模块目录</p><pre class="brush:bash;toolbar:false"># mkdir -p /etc/puppet/modules/mysql/{files,manifests,templates}</pre><p>2、创建mysql::install类</p><pre class="brush:bash;toolbar:false"># vi /etc/puppet/modules/mysql/manifests/install.pp
class mysql::install {
package { "mysql-server": ---yum安装mysql-server包
ensure => present,
require => User["mysql"] ---定义mysql用户为mysql
}
user { "mysql":
ensure => present, ---判断是否有mysql用户,没有就创建
comment => "MySQL user", ---用户的描述信息
gid => "mysql",
shell => "/sbin/nologin", ---mysql用户的shell信息
require => Group["mysql"] ---定义依赖的group资源中的mysql组
}
group { "mysql":
ensure => present
}
}</pre><p>3、创建mysql::config子类</p><pre class="brush:bash;toolbar:false">#cp /etc/my.cnf /etc/puppet/modules/mysql/files/my.cnf
# vi /etc/puppet/modules/mysql/manifests/config.pp
class mysql::config {
file { "/etc/my.cnf":
ensure => present,
source => "puppet:///modules/mysql/my.cnf", ---从puppet服务端下载my.cnf文件,下载的实际路径为:/etc/puppet/modules/mysql/files/my.cnf,所以这一步一开始就要拷贝文件
require => Class["mysql::install"], ---调用依赖子类mysql::install
notify => Class["mysql::service"] ---依赖mysql:service重启服务重新加载配置文件
}
}</pre><p>4、创建mysql::service子类</p><pre class="brush:bash;toolbar:false"># vi /etc/puppet/modules/mysql/manifests/service.pp
class mysql::service {
service { "mysqld":
ensure => running, ---确定mysql服务是启动状态
require => Class["mysql::install","mysql::config"]
}
}</pre><p>5、在manifests目录中创建mysql类</p><pre class="brush:bash;toolbar:false"># vi /etc/puppet/modules/mysql/manifests/init.pp
class mysql {
include mysql::install,mysql::config,mysql::service
}</pre><p>6、在/etc/puppet/manifests/nodes/node1.pp中加载mysql类</p><pre class="brush:bash;toolbar:false"># cat /etc/puppet/manifests/nodes/node1.pp
node 'vmclient63' ---指定节点
{include sudo,mysql}</pre><p>7、重启puppetmaster</p><pre class="brush:bash;toolbar:false">#/etc/init.d/puppetmaster restart</pre><p><strong>客户端设置:</strong></p>
<p>1、在/etc/puppet/puppet.conf 文件中的下面添加两行</p><pre class="brush:bash;toolbar:false">authconfig = /etc/puppet/namespaceauth.conf
listen = true</pre><p>2、在文件/etc/puppet/namespaceauth.conf中修改</p>
<p><img src="https://zhuji.jb51.net/uploads/img/20230519/59e6770089d41ab20e9df5c81d48a283.jpg" width="493" height="186"></p>
<p>3、/etc/puppet/auth.conf 文件最后添加三行</p><pre class="brush:bash;toolbar:false">path /
auth any
allow *</pre><p>4、重启客户端</p><pre class="brush:bash;toolbar:false"># /etc/init.d/puppet restart
Stopping puppet: [ OK ]
Starting puppet: [ OK ]</pre><p>服务端开始通知客户端更新</p><pre class="brush:bash;toolbar:false"># puppetrun -p 10 --host vmclient63
Triggering vmclient63
Getting status
status is running
Host vmclient63 is already running
vmclient63 finished with exit code 3
Failed: vmclient63 ---这个是由于本人hostname不规范</pre><p>查看服务端日志/var/log/message</p>
<p><img src="https://zhuji.jb51.net/uploads/img/20230519/9b334c845ba7bc4b567bf860e12c4c95.jpg" width="737" height="94"></p>
<p>查看客户端日志/var/log/message</p>
<p><img src="https://zhuji.jb51.net/uploads/img/20230519/4c0e7d5f03a2bc8b56e1fda6766e4b4c.jpg" width="902" height="126"></p>
<p>可以查看客户端信息</p>
<p><img src="https://zhuji.jb51.net/uploads/img/20230519/3f009de3e7e1b6274ff94163c983ce24.jpg" width="466" height="36"></p>
<p>如需转载请注明出处: http://www.ttlsa.com/html/2755.html</p>
頁:
[1]