Puppetmaster多環境配置 · Puppet運維實戰

#### Puppet基礎篇9-Puppetmaster多環境配置 # 擴充現有架構環境是對一個企業成長的見證將基礎環境模塊部署到puppetmaster端之后就可以初始化所有節點了，接下來就是部署應用代碼了。眾所周知，一個企業中應用代碼的編寫并不是運維一個人完成的，而且代碼的上線也不是一次性完成的。標準的架構應該由開發、測試、生產三個組成，對應到puppetmaster里面應該有3套代碼才對。而且每套代碼都應該對應到自己的環境中，而代碼的變更更應該通過版本控制工具進行管理，比如svn、git等。接下來我們為puppetmaster創造3個環境，它們分別是開發環境(kissdev)、測試環境(kissqa)、生產環境(kissprd). ### 1、配置puppet.conf 在標簽[master]中添加environments環境，其次創建對應的環境標簽及配置 ~~~ [root@puppetmaster ~]# vim /etc/puppet/puppet.conf [main] logdir = /var/log/puppet rundir = /var/run/puppet ssldir = $vardir/ssl [agent] classfile = $vardir/classes.txt localconfig = $vardir/localconfig server = puppetmaster.kisspuppet.com certname = puppetmaster_cert.kisspuppet.com [master] certname = puppetmaster.kisspuppet.com environments = kissdev,kisstmq,kissprd #添加三個環境的標簽名稱 [kissdev] modulepath = $confdir/environments/kissdev/environment/modules:$confdir/environments/kissdev/application/modules #設置環境的搜索路徑 manifest = $confdir/environments/kissdev/manifests/site.pp #設置環境的site.pp文件位置 fileserverconfig = /etc/puppet/fileserver.conf.kissdev #設置環境的fileserver [kissmq] modulepath = $confdir/environments/kissmq/environment/modules:$confdir/environments/kisstest/application/modules manifest = $confdir/environments/kisstest/manifests/site.pp fileserverconfig = /etc/puppet/fileserver.conf.kisstest [kissprd] modulepath = $confdir/environments/kissprd/environment/modules:$confdir/environments/kissprd/application/modules manifest = $confdir/environments/kissprd/manifests/site.pp fileserverconfig = /etc/puppet/fileserver.conf.kissprd ~~~ **順便解釋一下：**為什么在每個環境下會有environment和application兩個目錄，其中environment目錄是存放基礎環境模塊的，比如puppet、yum等；而application目錄是存在應用環境模塊的，比如apache、mysql等。當然也可以放在同一個目錄下，如果應用多的話還可以將application進行拆分，一切都是為了方便管理而考慮。 ### 2、創建多環境目錄結構 ~~~ [root@puppetmaster environments]# mkdir kissdev [root@puppetmaster environments]# mkdir kissdev/{application/modules,environment/modules} -p [root@puppetmaster environments]# tree . . └── kissdev ├── application │ └── modules #存放應用的模塊 └── environment └── modules #存放基礎環境模塊 5 directories, 0 files [root@puppetmaster environments]# cp kissdev kissmq -rp [root@puppetmaster environments]# cp kissdev kissprd -rp [root@puppetmaster environments]# tree . . ├── kissdev │ ├── application │ │ └── modules │ └── environment │ └── modules ├── kissmq │ ├── application │ │ └── modules │ └── environment │ └── modules └── kissprd ├── application │ └── modules └── environment └── modules 15 directories, 0 files ~~~ ### 3、移動默認環境modules中的配置到kissprd對應的環境中其中puppet和yum模塊屬于基礎環境模塊，motd屬于應用環境模塊 ~~~ [root@puppetmaster environments]# mv /etc/puppet/modules/puppet kissprd/environment/modules/ [root@puppetmaster environments]# mv /etc/puppet/modules/yum kissprd/environment/modules/ [root@puppetmaster environments]# mv /etc/puppet/modules/motd kissprd/application/modules/ ~~~ ### 4、復制manifests文件至kissprd環境中 ~~~ [root@puppetmaster environments]# cp /etc/puppet/manifests kissprd/ -r ~~~ 復制完成后整個環境如下 ~~~ [root@puppetmaster environments]# tree kissprd/ kissprd/ ├── application │ └── modules │ └── motd │ ├── files │ │ └── etc │ │ └── motd │ ├── manifests │ │ └── init.pp │ └── templates ├── environment │ └── modules │ ├── puppet │ │ ├── files │ │ ├── manifests │ │ │ ├── config.pp │ │ │ ├── init.pp │ │ │ ├── install.pp │ │ │ ├── params.pp │ │ │ └── service.pp │ │ └── templates │ │ └── puppet.conf.erb │ └── yum │ ├── files │ │ ├── etc │ │ │ └── yum.conf │ │ └── PM-GPG-KEY │ │ ├── RPM-GPG-KEY-puppet-release │ │ ├── RPM-GPG-KEY-redhat-release-rhel5 │ │ └── RPM-GPG-KEY-redhat-release-rhel6 │ ├── manifests │ │ ├── config.pp │ │ ├── init.pp │ │ ├── install.pp │ │ └── params.pp │ └── templates └── manifests └── site.pp 20 directories, 17 files ~~~ ### 5、刪除掉默認環境manifests中site.pp文件內容因為模塊已經移除，其次默認環境production已經不再使用了。 ~~~ [root@puppetmaster environments]# >/etc/puppet/manifests/site.pp ~~~ ### 6、創建fileserverconfig文件 ~~~ [root@puppetmaster ~]# cp /etc/puppet/fileserver.conf{,.kissdev} [root@puppetmaster ~]# cp /etc/puppet/fileserver.conf{,.kissqa} [root@puppetmaster ~]# cp /etc/puppet/fileserver.conf{,.kissprd} [root@puppetmaster ~]# ll /etc/puppet/ total 88 -rw-r--r-- 1 root root 2569 Jan 7 07:51 auth.conf -rw-r--r-- 1 root root 17 Mar 9 17:54 autosign.conf.bak drwxr-xr-x 5 root root 4096 Mar 27 22:33 environments -rw-r--r-- 1 root root 381 Jan 7 07:49 fileserver.conf -rw-r--r-- 1 root root 381 Mar 27 22:46 fileserver.conf.kissdev #指向kissdev環境 -rw-r--r-- 1 root root 381 Mar 27 22:46 fileserver.conf.kissprd #指向kissmq環境 -rw-r--r-- 1 root root 381 Mar 27 22:46 fileserver.conf.kissqa #指向kissdev環境 drwxr-xr-x 2 root root 4096 Mar 25 05:23 manifests drwxr-xr-x 2 root root 4096 Mar 27 22:40 modules -rw-r--r-- 1 root root 1063 Mar 27 21:55 puppet.conf -rw-r--r-- 1 root root 853 Mar 9 00:48 puppet.conf.bak -rw-r--r-- 1 root root 42031 Mar 9 03:25 puppet.conf.out ~~~ **7、重啟puppetmaster服務** ~~~ [root@puppetmaster ~]# /etc/init.d/puppetmaster restart Stopping puppetmaster: [ OK ] Starting puppetmaster: [ OK ] ~~~ **8、節點測試驗證** ~~~ [root@agent1 ~]# >/etc/motd You have new mail in /var/spool/mail/root [root@agent1 ~]# puppet agent -t #默認請求的是production環境，由于此環境里面沒有模塊所有不更新 info: Caching catalog for agent1_cert.kisspuppet.com info: Applying configuration version '1395931884' notice: Finished catalog run in 0.02 seconds [root@agent1 ~]# puppet agent -t --environment=kissprd #環境指向kissprd info: Caching catalog for agent1_cert.kisspuppet.com info: Applying configuration version '1395931962' notice: /Stage[main]/Motd/File[/etc/motd]/content: --- /etc/motd 2014-03-27 22:52:27.000000000 +0800 +++ /tmp/puppet-file20140327-26204-29bst1-0 2014-03-27 22:52:44.000000000 +0800 @@ -0,0 +1,3 @@ +-- -- +--------puppet test--------- +-- -- info: FileBucket got a duplicate file {md5}d41d8cd98f00b204e9800998ecf8427e info: /Stage[main]/Motd/File[/etc/motd]: Filebucketed /etc/motd to puppet with sum d41d8cd98f00b204e9800998ecf8427e notice: /Stage[main]/Motd/File[/etc/motd]/content: content changed '{md5}d41d8cd98f00b204e9800998ecf8427e' to '{md5}87ea3a1af8650395038472457cc7f2b1' notice: Finished catalog run in 0.68 seconds [root@agent1 ~]# cat /etc/motd -- -- --------puppet test--------- -- -- ~~~ **9、節點更改環境** 如果節點是主動同步的方式，應該在puppet.conf文件中添加environment配置 ~~~ [root@agent1 ~]# vim /etc/puppet/puppet.conf ### config by puppet ### [main] logdir = /var/log/puppet rundir = /var/run/puppet ssldir = $vardir/ssl [agent] classfile = $vardir/classes.txt localconfig = $vardir/localconfig server = puppetmaster.kisspuppet.com certname = agent1_cert.kisspuppet.com runinterval = 10 environment =kissprd #添加默認環境為kissprd ~~~ **10、繼續測試** ~~~ [root@agent1 ~]# puppet agent -t info: Caching catalog for agent1_cert.kisspuppet.com info: Applying configuration version '1395931962' notice: /Stage[main]/Motd/File[/etc/motd]/content: --- /etc/motd 2014-03-27 22:55:43.000000000 +0800 +++ /tmp/puppet-file20140327-30010-8ada2g-0 2014-03-27 22:56:19.000000000 +0800 @@ -0,0 +1,3 @@ +-- -- +--------puppet test--------- +-- -- info: FileBucket got a duplicate file {md5}d41d8cd98f00b204e9800998ecf8427e info: /Stage[main]/Motd/File[/etc/motd]: Filebucketed /etc/motd to puppet with sum d41d8cd98f00b204e9800998ecf8427e notice: /Stage[main]/Motd/File[/etc/motd]/content: content changed '{md5}d41d8cd98f00b204e9800998ecf8427e' to '{md5}87ea3a1af8650395038472457cc7f2b1' notice: /Stage[main]/Puppet::Config/File[/etc/puppet/puppet.conf]/content: --- /etc/puppet/puppet.conf 2014-03-27 22:56:14.000000000 +0800 +++ /tmp/puppet-file20140327-30010-cmjg48-0 2014-03-27 22:56:19.000000000 +0800 @@ -10,4 +10,3 @@ server = puppetmaster.kisspuppet.com certname = agent1_cert.kisspuppet.com runinterval = 10 - environment =kissprd info: FileBucket got a duplicate file {md5}43df60b1aa2638c5f10aa7e6be892b77 info: /Stage[main]/Puppet::Config/File[/etc/puppet/puppet.conf]: Filebucketed /etc/puppet/puppet.conf to puppet with sum 43df60b1aa2638c5f10aa7e6be892b77 notice: /Stage[main]/Puppet::Config/File[/etc/puppet/puppet.conf]/content: content changed '{md5}43df60b1aa2638c5f10aa7e6be892b77' to '{md5}8c67cb8c039bb6436556b91f0c6678c4' info: /Stage[main]/Puppet::Config/File[/etc/puppet/puppet.conf]: Scheduling refresh of Class[Puppet::Service] info: Class[Puppet::Service]: Scheduling refresh of Service[puppet] notice: /Service[puppet]/ensure: ensure changed 'stopped' to 'running' notice: /Service[puppet]: Triggered 'refresh' from 1 events notice: Finished catalog run in 0.68 seconds [root@agent1 ~]# cat /etc/motd -- -- --------puppet test--------- -- -- ~~~ **備注：** 記得設置puppet模塊中的puppet.conf.erb模板，否則會被還原哦。 ### 后續問題 1、puppetmaster端有三套環境，那么如何管理呢，接下來就應該考慮版本控制系統了，這里已經有寫了[http://rsyslog.org/2013/11/16/svn-puppet/](http://rsyslog.org/2013/11/16/svn-puppet/) 2、后面講的hiear中關于設置的變量對應到每個環境中是如何解決的。關于多環境的部署有不理解的還可以參考書籍《精通Puppet配置管理工具》或者官網