之前的博文介绍了Puppet的初始安装配置:

传送门:http://showerlee.blog.51cto.com/2047005/1205752


今天来介绍Puppet的具体实用功能,其实我的理解就是怎么偷懒,呵呵。


1.填充文件内容:


(server):

修改server端配置文件:

# vi /etc/puppet/manifests/site.pp

-----------------

node default{

 file { "/tmp/test":

         content=> "this is a test file";

}

}

-----------------


重启puppetmaster,更新配置文件信息。

# service puppetmaster restart


(client):


重启puppet(可不用重启)

# service puppet restart


同步文件:

# puppetd --server server.example.com  --test

------------------

warning: peer certificate won't be verified in this SSL session

info: Caching certificate for client.example.com

info: Caching certificate_revocation_list for ca

info: Caching catalog for client.example.com

info: Applying configuration version '1369124449'

notice: /Stage[main]//Node[default]/File[/tmp/test]/ensure: defined content as '{md5}100b144907af2a4786003758a0a6a563'

info: Creating state file /var/lib/puppet/state/state.yaml

notice: Finished catalog run in 0.02 seconds

------------------


查看/tmp/test文件及文件内容


# cat /tmp/test

-----------

this is a test file

-----------


2.文件分发:


通过puppet可以向被管理机上推送文件,方法是使用file类型的source属性

1:修改/etc/puppet/fileserver.conf

2:修改/etc/puppet/manifests/site.pp


实例:要把server服务器上/root目录下的puppet-2.6.13.tar.gz传输至client服务器的/tmp目录下,文件名不变。


# vi /etc/puppet/fileserver.conf

----------------

[files]

path /root

allow 192.168.7.0/24

----------------


# vi /etc/puppet/manifests/site.pp

添加到node default{}内:

---------------

  file { "/tmp/puppet-2.6.13.tar.gz":

          source => "puppet://$puppetserver/files/puppet-2.6.13.tar.gz",

}

---------------

重启poppetmaster服务

# service poppetmaster restart


(client):


执行更新命令

# puppetd --test --server server.example.com


此处“$puppetserver”是puppet Server端的名称,即本机hostname,网上教程都是在hosts里


指定,生产环境下建议用内部的DNS上作解析




3.修改文件属性:


实例:把/tmp/puppet-2.6.13.tar.gz文件的权限改为puppet用户,并设置权限为777。


(server):


# vi /etc/puppet/manifests/site.pp

在source后添加:

---------------

file { "/tmp/puppet-2.6.13.tar.gz":

          source => "puppet://$puppetserver/files/puppet-2.6.13.tar.gz",

          owner => "puppet",

          group => "puppet",

          mode => 777,

  }

--------------


重启poppetmaster服务

# service poppetmaster restart


(client):


执行更新命令

# puppetd --test --server server.example.com




4.执行SHELL命令或shell脚本:


实例:通过puppet分发执行shell脚本,在客户端的/tmp目录下执行test.sh脚本,该脚本实现在本目录创建一个testfile文件。


(server):


首先创建一个shell脚本test.sh,并保存在/etc/puppet/fileserver.conf配置文件中设置


的/root目录下

# cd /root

# vi test.sh

---------------

#!/bin/bash

/bin/touch /tmp/testfile

---------------

重启poppetmaster服务

# service poppetmaster restart


(client):


执行更新命令

# puppetd --test --server server.example.com


设置文件分发和权限分配:


# vi /etc/puppet/manifests/site.pp

添加到node default{}内:

----------------

file { "/tmp/test.sh":

          source => "puppet://$puppetserver/files/test.sh",

          owner => "puppet",

          group => "puppet",

          mode => 755,

  }


exec { "exec-mkdir":

          cwd => "/tmp",

          command => "sh /tmp/test.sh",

          user => "puppet",

          path => "/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin",

  }

----------------

重启poppetmaster服务

# service poppetmaster restart


(client):


执行更新命令

# puppetd --test --server server.example.com

# ll /tmp

----------------------

.....

-rw-r--r--  1 puppet root         0 5月  22 09:28 testfile

-rwxr-xr-x  1 puppet puppet      37 5月  22 09:28 test.sh

----------------------


5.服务启动及关闭:


可以通过puppet对一些服务进行重启,状态等操作。puppet是通过service命令操作的。所以,只能针对在/etc/init.d/目录下的服务


实例:把客户端的iptables服务关闭,并把nfs服务启动


# vi /etc/puppet/manifests/site.pp


添加到node default{}内:

---------------------

service {

           "postfix":

            ensure => stopped;

           "nfs":

            ensure => running;

          }

--------------------

重启poppetmaster服务

# service poppetmaster restart

(client):


执行更新命令

# puppetd --test --server server.example.com



6.cron计划任务:


接上面的shell程序实例,在10:27执行test.sh


# vi /etc/puppet/manifests/site.pp

添加到node default{}内:

-----------------

cron { "cron-shell":

           command => "sh /tmp/test.sh",

           user => "puppet",

           minute => "27",

           hour => "10"

  }

-----------------


(client):


执行更新命令

# puppetd --test --server server.example.com