通过配置ssh深刻理解puppet的语法及工作机制
通過配置ssh深刻理解puppet的語法及工作機制
需求分析
1)、要求openssh-server處于被安裝狀態
2)、要求在配置文件/etc/ssh/sshd_config正確的情況下,sshd服務處于運行狀態
2)、要求/etc/ssh/sshd_config文件屬性不被串改(權限、屬主、屬組等)
3)、要求/etc/ssh/sshd_config文件被修改或者刪除后會被自動修復
4)、要求通過puppetserver端修改/etc/ssh/sshd_config之后,sshd服務能夠自動重啟。
定義全局配置信息
定義全局配置文件site.pp
[root@puppetserver?~]#?vim?/etc/puppet/manifests/site.pp?
import?'nodes/*'
$puppetserver?=?'puppetserver.rsyslog.org'
創建并配置nodes.pp節點
[root@puppetserver?~]#?mkdir?/etc/puppet/manifests/nodes?–p
[root@puppetserver?~]#?vim?/etc/puppet/manifests/nodes/nodes.pp
>?node?/^agent\d+\.rsyslog.org$/{
>????????include?ssh
>?}
>?endf
設置模塊搜索路徑
vim?/etc/puppet/puppet.conf?
[main]
modulepath?=?/etc/puppet/modules:/var/lib/puppet/modules:/usr/local/lib/puppet/modules
創建模塊目錄結構
[root@puppetserver?~]#?mkdir?-vp?
/etc/puppet/modules/ssh/{files,templates,manifests}
創建配置文件
創建配置文件(/etc/puppet/modules/ssh/manifests目錄下)
1)、創建site.pp文件
class?ssh{
????????include?ssh::params,ssh::config,ssh::service,ssh::install
}
2)、創建install.pp文件
class?ssh::install{
????????package?{?$ssh::params::ssh_package_name:
????????????????ensure?=>?installed,
????????}
}
3)、創建config.pp文件
class?ssh::config{
????????file?{?$ssh::params::ssh_service_config:
????????????????ensure?=>?present,
????????????????owner?=>?'root',
????????????????group?=>?'root',
????????????????mode?=>?0440,
????????????????source?=>?"puppet:///modules/ssh/etc/ssh/sshd_config",
????????????????require?=>?Class["ssh::install"],
????????????????notify?=>?Class["ssh::service"],
????????}
}
4)、創建service.pp文件
class?ssh::service{
????????service?{?$ssh::params::ssh_service_name:
????????????????ensure?=>?running,
????????????????hasstatus?=>?true,
????????????????hasrestart?=>?true,
????????????????enable?=>?true,
????????????????require?=>?Class["ssh::config"],
????????}
}
5)、創建params.pp文件
class?ssh::params?{
????????case?$::operatingsystem?{
????????????????Slaris:?{
????????????????????????$ssh_package_name?=?'openssh'
????????????????????????$ssh_service_config?=?'/etc/ssh/sshd_config'
????????????????????????$ssh_service_name?=?'sshd'
????????????????}
????????????????/^(Ubuntu|Debian)$/:?{
????????????????????????$ssh_package_name?=?'openssh-server'
????????????????????????$ssh_service_config?=?'/etc/ssh/sshd_config'
????????????????????????$ssh_service_name?=?'sshd'
????????????????}
????????????????/^(RedHat|CentOS|Fedora)$/:?{
????????????????????????$ssh_package_name?=?'openssh-server'
????????????????????????$ssh_service_config?=?'/etc/ssh/sshd_config'
????????????????????????$ssh_service_name?=?'sshd'
????????????????}
????????????????default:?{
????????????????????????$ssh_package_name?=?'openssh-server'
????????????????????????$ssh_service_config?=?'/etc/ssh/sshd_config'
????????????????????????$ssh_service_name?=?'sshd'
????????????????}
????????}
}
創建測試文件
[root@puppetserver?manifests]#?mkdir?/etc/puppet/modules/ssh/files/etc/ssh/?-p?[root@puppetserver?manifests]#?scp?agent1.rsyslog.org:/etc/ssh/sshd_config?/etc/puppet/modules/ssh/files/etc/ssh/?
[root@puppetserver?~]#?service?puppetmaster?reload
測試(puppet?kick的方式)
Puppet?server端開啟調試模式測試
[root@puppetserver?~]#?puppet?master?--no-daemonize?--verbose?
Puppet?agent端開啟調試模式測試
[root@puppetserver?manifests]#?puppetrun?-p?10?--host?agent1.rsyslog.org
Triggering?agent1.rsyslog.org
Getting?status
status?is?success
agent2.rsyslog.org?finished?with?exit?code?0
Finished
本文轉自凌激冰51CTO博客,原文鏈接:http://blog.51cto.com/dreamfire/1257719,如需轉載請自行聯系原作者
總結
以上是生活随笔為你收集整理的通过配置ssh深刻理解puppet的语法及工作机制的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: lucene、solr、nutch三者的
- 下一篇: RH442-3 队列技术