sudo管理和mysql的安装—puppet系列-成长的对话

云计算时代系统管理员会经常陷入一系列的重复任务中，如安装或重装系统，升级软件包，管理配置文件，添加、管理和配置系统服务等等，成百上千台服务器，够让我们抓狂的，因此自动化就非常有必要了。

Puppet 是一个客户端/服务器（C/S）架构的配置管理工具，在中央服务器上安装 puppet-server 服务器（puppet master），在需要被管理的目标服务器上安装 puppet 客户端软件（puppet client）。当客户端连接上服务器后，定义在服务器上的配置文件会被编译，然后在客户端上运行。客户端每隔半小时主动会和服务器通信一次，确认配置信息的更新情况，如果有新的配置信息（或者配置有变化），配置文件将会被重新编译并分发到客户端执行。当然，也可以在服务器上主动触发更新指令来强制各客户端进行配置更新。

以下步骤除非有标明，都是在server端设置

一、sudo管理

1、主资源配置文件:/etc/puppet/mainfests/site.pp

[root@vmclient63 manifests]# cat /etc/puppet/manifests/site.pp
 import 'nodes.pp'
 $puppetserver = 'vmserver62'

[ root @ vmclient63 manifests ] # cat /etc/puppet/manifests/site.pp

import 'nodes.pp'

$ puppetserver = 'vmserver62'

注意：加载在/etc/puppet/mainfests/nodes目录中的所有文件都是以.pp结尾

2、设置节点：

[root@vmclient63 manifests]# cat /etc/puppet/manifests/noded.pp
 node 'vmclient63' {               ---说明在哪一个节点生效
 include sudo                            --读取sudo模块
 }

[ root @ vmclient63 manifests ] # cat /etc/puppet/manifests/noded.pp

node 'vmclient63' { -- -说明在哪一个节点生效

include sudo --读取 sudo模块

}

3、定义模块

a、创建模块目录：

# mkdir /etc/puppet/modules

1	# mkdir /etc/puppet/modules

b、在模块目录中创建sudo模块：

# mkdir /etc/puppet/modules/sudo

1	# mkdir /etc/puppet/modules/sudo

c、在sudo模块中创建需要的基本目录：

# mkdir -p /etc/puppet/modules/sudo/{files,manifests,templates}

1	# mkdir -p /etc/puppet/modules/sudo/{files,manifests,templates}

d、在sudo模块的manifests目录中必须创建模块的具体资源定义文件：

[root@vmserver62 manifests]# vi /etc/puppet/modules/sudo/manifests/init.pp
class sudo {
	package { sudo: ensure => present }             ---判断sudo是否安装，没有就安装
	file { "/etc/sudoers":                          ---文件资源
		owner => "root",                            ---文件所属人员
		group => "root",
		mode => 0440,                               ---文件的权限
		source => "puppet:///modules/sudo/etc/sudoers",    ---定义配置文件sudoers从puppet服务器读取，从：/etc/puppet/modules/sudo/files/etc/sudoers 读取文件，模块目录files为文件类型资源的根目录
		require => Package["sudo"] }           ---定义依赖，需要执行package，才能执行这一步
}

[ root @ vmserver62 manifests ] # vi /etc/puppet/modules/sudo/manifests/init.pp

class sudo {

package { sudo : ensure = > present } -- -判断 sudo是否安装，没有就安装

file { "/etc/sudoers" : -- -文件资源

owner = > "root" , -- -文件所属人员

group = > "root" ,

mode = > 0440 , -- -文件的权限

source = > "puppet:///modules/sudo/etc/sudoers" , -- -定义配置文件 sudoers从 puppet服务器读取，从： / etc / puppet / modules / sudo / files / etc / sudoers 读取文件，模块目录 files为文件类型资源的根目录

require = > Package [ "sudo" ] } -- -定义依赖，需要执行 package，才能执行这一步

}

4、文件夹权限设置

# mkdir /etc/puppet/modules/sudo/files/etc
# cp /etc/sudoers /etc/puppet/modules/sudo/files/etc/sudoers
# chown  -R puppet.puppet /etc/puppet

# mkdir /etc/puppet/modules/sudo/files/etc

# cp /etc/sudoers /etc/puppet/modules/sudo/files/etc/sudoers

# chown -R puppet.puppet /etc/puppet

二、mysql安装

1、创建mysql模块目录

# mkdir -p /etc/puppet/modules/mysql/{files,manifests,templates}

1	# mkdir -p /etc/puppet/modules/mysql/{files,manifests,templates}

2、创建mysql::install类

[root@vmserver62 manifests]# vi /etc/puppet/modules/mysql/manifests/install.pp
class mysql::install {
	package { "mysql-server":           ---yum安装mysql-server包
				ensure => present,
				require => User["mysql"]            ---定义mysql用户为mysql
	}
	user { "mysql":
			ensure => present,                  ---判断是否有mysql用户，没有就创建
			comment => "MySQL user",       ---用户的描述信息
			gid => "mysql",
			<a href="http://www.ttlsa.com/shell/" title="shell"target="_blank">shell</a> => "/sbin/nologin",                         ---mysql用户的shell信息
			require => Group["mysql"]             ---定义依赖的group资源中的mysql组
	}
	group { "mysql":
			ensure => present
	}
}

[ root @ vmserver62 manifests ] # vi /etc/puppet/modules/mysql/manifests/install.pp

class mysql :: install {

package { "mysql-server" : -- - yum安装 mysql - server包

ensure = > present ,

require = > User [ "mysql" ] -- -定义 mysql用户为 mysql

}

user { "mysql" :

ensure = > present , -- -判断是否有 mysql用户，没有就创建

comment = > "MySQL user" , -- -用户的描述信息

gid = > "mysql" ,

shell = > "/sbin/nologin" , -- - mysql用户的 shell信息

require = > Group [ "mysql" ] -- -定义依赖的 group资源中的 mysql组

}

group { "mysql" :

ensure = > present

}

3、创建mysql::config子类

[root@vmserver62 manifests]#cp /etc/my.cnf /etc/puppet/modules/mysql/files/my.cnf
[root@vmserver62 manifests]# vi /etc/puppet/modules/mysql/manifests/config.pp
class mysql::config {
		file { "/etc/my.cnf":
			ensure => present,
			source => "puppet:///modules/mysql/my.cnf",         ---从puppet服务端下载my.cnf文件，下载的实际路径为：/etc/puppet/modules/mysql/files/my.cnf,所以这一步一开始就要拷贝文件
			require => Class["mysql::install"],      ---调用依赖子类mysql::install
			notify => Class["mysql::service"]             ---依赖mysql:service重启服务重新加载配置文件
	}
}

[ root @ vmserver62 manifests ] #cp /etc/my.cnf /etc/puppet/modules/mysql/files/my.cnf

[ root @ vmserver62 manifests ] # vi /etc/puppet/modules/mysql/manifests/config.pp

class mysql :: config {

file { "/etc/my.cnf" :

ensure = > present ,

source = > "puppet:///modules/mysql/my.cnf" , -- -从 puppet服务端下载 my . cnf文件，下载的实际路径为： / etc / puppet / modules / mysql / files / my . cnf ,所以这一步一开始就要拷贝文件

require = > Class [ "mysql::install" ] , -- -调用依赖子类 mysql :: install

notify = > Class [ "mysql::service" ] -- -依赖 mysql : service重启服务重新加载配置文件

}

4、创建mysql::service子类

[root@vmserver62 manifests]# vi /etc/puppet/modules/mysql/manifests/service.pp
class mysql::service {
		service { "mysqld":
			ensure => running,                      ---确定mysql服务是启动状态
			require => Class["mysql::install","mysql::config"]
		}

}

[ root @ vmserver62 manifests ] # vi /etc/puppet/modules/mysql/manifests/service.pp

class mysql :: service {

service { "mysqld" :

ensure = > running , -- -确定 mysql服务是启动状态

require = > Class [ "mysql::install" , "mysql::config" ]

}

5、在manifests目录中创建mysql类

[root@vmserver62 manifests]# vi /etc/puppet/modules/mysql/manifests/init.pp
class mysql {
	include mysql::install,mysql::config,mysql::service
}

[ root @ vmserver62 manifests ] # vi /etc/puppet/modules/mysql/manifests/init.pp

class mysql {

include mysql :: install , mysql :: config , mysql :: service

}

6、在/etc/puppet/manifests/nodes/node1.pp中加载mysql类

[root@vmserver62 manifests]# cat /etc/puppet/manifests/nodes/node1.pp
node 'vmclient63'        ---指定节点
{include sudo,mysql}

[ root @ vmserver62 manifests ] # cat /etc/puppet/manifests/nodes/node1.pp

node 'vmclient63' -- -指定节点

{ include sudo , mysql }

7、重启puppetmaster

#/etc/init.d/puppetmaster restart

1	#/etc/init.d/puppetmaster restart

客户端设置：

1、在/etc/puppet/puppet.conf 文件中的[agent]下面添加两行

authconfig = /etc/puppet/namespaceauth.conf
 listen = true

1 2	authconfig = / etc / puppet / namespaceauth . conf listen = true

2、在文件/etc/puppet/namespaceauth.conf中修改

mysql

3、/etc/puppet/auth.conf 文件最后添加三行

path /
 auth any
 allow *

path /

auth any

allow *

4、重启客户端

[root@vmclient63 ~]# /etc/init.d/puppet restart
 Stopping puppet:                                           [  OK  ]
 Starting puppet:                                           [  OK  ]

[ root @ vmclient63 ~ ] # /etc/init.d/puppet restart

Stopping puppet : [ OK ]

Starting puppet : [ OK ]

服务端开始通知客户端更新

[root@vmserver62 mysql]# puppetrun -p 10 --host vmclient63
 Triggering vmclient63
 Getting status
 status is running
 Host vmclient63 is already running
 vmclient63 finished with exit code 3
 Failed: vmclient63     ---这个是由于本人hostname不规范