
Puppet series: nginx + Foreman

2013-05-06 21:52

Foreman architecture:

This article describes how to set up Foreman and integrate it with nginx.

Environment:

CentOS 5.8 x86_64

puppet version:3.1.1

master hostname:server.domain.com

client hostname:client.test.com

----------------------------------------------

1. Puppet and nginx environment
Puppet, nginx, Ruby and so on are installed as described in the previous article.

2. Configure the yum repository
# rpm -ivh http://yum.theforeman.org/releases/1.1/el5/x86_64/foreman-release-1.1stable-3.el5.noarch.rpm 
3. Install foreman and foreman-proxy
# yum -y install foreman-installer
# ruby /usr/share/foreman-installer/generate_answers.rb
Enter y at each of the three prompts
# yum install ruby-mysql
# yum -y install foreman  foreman-proxy
# chown foreman.foreman -R /usr/share/foreman
# su - foreman -s /bin/bash -c /usr/share/foreman/extras/dbmigrate
# vim /usr/share/foreman/config/database.yml
The original file is configured for SQLite; here it is changed to use MySQL as the database store
=================================================
production:
  adapter: mysql
  database: puppet
  username: puppet
  password: puppet
  host: localhost
  socket: "/tmp/mysql.sock"
=================================================
mysql> create database puppet CHARACTER SET utf8;
mysql> grant all privileges on puppet.* to puppet@'localhost' identified by 'puppet';
mysql> flush privileges;

# cd /usr/share/foreman/
# RAILS_ENV=production rake db:migrate
# rake puppet:migrate:populate_hosts RAILS_ENV=production

# chown foreman.foreman /usr/share/foreman/tmp/secret_token
# vim /etc/foreman-proxy/settings.yml
==========================================================
:trusted_hosts:
- server.domain.com
:puppetca: true
:puppet: true
:puppet_conf: /etc/puppet/puppet.conf
=========================================================
# /etc/init.d/foreman-proxy start    ### start the proxy, which listens on port 8443
4. Integrate with nginx
The nginx virtual host is as follows:
server {
    listen 443;
    server_name server.domain.com;
    ssl on;
    ssl_certificate            /var/lib/puppet/ssl/certs/server.domain.com.pem;
    ssl_certificate_key        /var/lib/puppet/ssl/private_keys/server.domain.com.pem;

    # Verify puppetmaster clients against Puppet CA
    ssl_crl                    /var/lib/puppet/ssl/ca/ca_crl.pem;
    ssl_client_certificate     /var/lib/puppet/ssl/certs/ca.pem;
    ssl_verify_client optional;
    ssl_verify_depth 1;

    access_log /usr/local/nginx/logs/foreman_access.log;
    error_log /usr/local/nginx/logs/foreman_error.log debug;
    root /usr/share/foreman/public;

    passenger_enabled on;
    passenger_set_cgi_param HTTPS on;
    passenger_set_cgi_param SSL_CLIENT_S_DN $ssl_client_s_dn;
    passenger_set_cgi_param SSL_CLIENT_VERIFY $ssl_client_verify;
}
# /etc/init.d/nginxd start  ### start nginx
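
Added example (not from the original article, and not Foreman's own code): because the vhost uses "ssl_verify_client optional", nginx also forwards requests that carry no client certificate, so the application behind it has to check the two variables passed by passenger_set_cgi_param. The Ruby code below shows that check; TRUSTED_MASTERS, client_cn and trusted_puppetmaster? are hypothetical names, and the sample requests are constructed.

```ruby
# Added example: not Foreman's code. All names here are hypothetical.
# Assumption: the Puppet CA only signs subjects of the form CN=<certname>.
TRUSTED_MASTERS = ['server.domain.com'].freeze

# Pull the single CN out of $ssl_client_s_dn. Depending on the nginx version
# the DN arrives as legacy "/C=x/CN=host" or as RFC 2253 "CN=host,O=x".
def client_cn(dn)
  return nil if dn.nil? || dn.empty?
  # RFC 2253 escapes a literal comma as "\,", so split on unescaped commas only.
  rdns = dn.start_with?('/') ? dn.split('/') : dn.split(/(?<!\\),/)
  cns = rdns.map(&:strip).select { |rdn| rdn =~ /\ACN=/i }
  return nil unless cns.size == 1 # zero or several CNs: refuse to guess
  cns.first.sub(/\ACN=/i, '').downcase
end

# env is the CGI/Rack environment filled by passenger_set_cgi_param.
def trusted_puppetmaster?(env, trusted = TRUSTED_MASTERS)
  # With "ssl_verify_client optional" nginx reports NONE when no certificate
  # was sent and FAILED when it does not verify against ssl_client_certificate
  # or is listed in ssl_crl. Only SUCCESS means the Puppet CA vouches for it.
  return false unless env['SSL_CLIENT_VERIFY'] == 'SUCCESS'
  cn = client_cn(env['SSL_CLIENT_S_DN'])
  !cn.nil? && trusted.include?(cn)
end

# Constructed sample requests (not captured traffic).
SAMPLES = {
  'master, valid cert' => { 'SSL_CLIENT_VERIFY' => 'SUCCESS',
                            'SSL_CLIENT_S_DN' => '/CN=server.domain.com' },
  'agent, valid cert'  => { 'SSL_CLIENT_VERIFY' => 'SUCCESS',
                            'SSL_CLIENT_S_DN' => '/CN=client.test.com' },
  'browser, no cert'   => { 'SSL_CLIENT_VERIFY' => 'NONE' },
  'revoked or foreign' => { 'SSL_CLIENT_VERIFY' => 'FAILED',
                            'SSL_CLIENT_S_DN' => '/CN=server.domain.com' }
}.freeze

if __FILE__ == $PROGRAM_NAME
  SAMPLES.each do |name, env|
    puts format('%-20s -> %s', name, trusted_puppetmaster?(env))
  end
end
```

Only the first sample is accepted: a verified certificate is not enough on its own, the CN must also be on the trusted list.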

5. Access Foreman
Open the URL: https://server.domain.com
Default account: admin   Password: changeme
After logging in, configure More - Configuration - Smart Proxies
Add the proxy address: https://server.domain.com:8443
# vim /etc/puppet/node.rb
:url          => "https://server.domain.com",

6. Configure reports to be imported into Foreman automatically
# cp /usr/share/foreman-installer/foreman/templates/foreman-report.rb.erb /usr/lib/ruby/site_ruby/1.8/puppet/reports/foreman.rb
# vim foreman.rb
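Change it to the following configuration and leave everything else unchanged (PS: this is where I kept getting stuck on errors)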
#<%= ERB.new(File.read(File.expand_path("_header.erb",File.dirname(file)))).result(binding) -%>
# copy this file to your report dir - e.g. /usr/lib/ruby/1.8/puppet/reports/

# add this report in your puppetmaster reports - e.g, in your puppet.conf add:
# reports=log, foreman # (or any other reports you want)

# URL of your Foreman installation
$foreman_url = 'https://server.domain.com'
# if CA is specified, remote Foreman host will be verified
$foreman_ssl_ca = "/var/lib/puppet/ssl/certs/ca.pem"
# ssl_cert and key are required if require_ssl_puppetmasters is enabled in Foreman
$foreman_ssl_cert = "/var/lib/puppet/ssl/certs/server.domain.com.pem"
$foreman_ssl_key = "/var/lib/puppet/ssl/private_keys/server.domain.com.pem"

Changes required on the client
The agent configuration is as follows
[agent]
classfile = $vardir/classes.txt
localconfig = $vardir/localconfig
report      = true
pluginsync  = true
masterport  = 8140
environment = production
certname    = client.test.com
server      = server.domain.com
listen      = true
Changes on the server
[master]
autosign       = $confdir/autosign.conf { mode = 664 }
reports        = log,foreman
external_nodes = /etc/puppet/node.rb
node_terminus  = exec
ca             = true
=======================
7. Import classes, hosts and facts into Foreman
# cd /usr/share/foreman
# Import hosts and facts
# rake puppet:import:hosts_and_facts RAILS_ENV=production
Copy all modules under /etc/puppet/modules to /etc/puppet/modules/production
In the Foreman web UI:
More - Configuration - Puppet Classes
Click "Import from server"

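This essentially completes the Puppet series.

Thanks to itnihao and liu.cy for their guidance (PS: for the sake of completeness, this article borrows a lot of content from itnihao's articles)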

This article comes from the “TNT、运维之路” blog; please be sure to keep this attribution: http://tntdba.blog.51cto.com/1199791/1194326