main命名空间选项:
confdir 配置文件目录,默认在/etc/puppet
vardir 动态数据目录,默认在/var/lib/puppet
logdir 日志目录,默认在/var/log/log
rundir puppet PID目录,默认在/var/run/puppet
statedir state目录,默认在$vardir/state
statefile state文件,默认在$statedir/state.yaml
ssldir SSL证书目录,默认在$vardir/ssl
trace 发生错误时显示跟踪信息,默认false
filetimeout 检测配置文件状态改变的时间周期,单位秒,默认15秒
syslogfacility 指定syslog功能为user级,默认为daemon级
3). puppetmasterd命名空间选项:
user 后台进程执行的用户
group 后台进程执行的组
mainfestdir mainfests文件存储目录,默认为$confdir/mainfests
mainfest mainfest站点文件的名字,默认为site.pp
bindaddress 后台进程绑定的网卡地址接口
masterport 后台进程执行的端口,默认为8140
4). puppet命名空间选项:
server puppet puppet服务器名,默认为puppet
runinterval seconds puppet应用配置的时间间隔,默认1800秒(0.5小时)
puppetdlockfie file puppet lock文件位置,默认$statedir/puppetdlock
puppetport port 后台进程执行的端口,默认8139
文件服务配置文件(fileserver.conf):
[files]
path /var/lib/puppet/files
allow 121.14.1.*
allow 60.28.228.0/24
allow *.house.sina.com.cn
deny *.sina.com.cn
path定义文件存放路径,通过allow/deny来控制访问权限。
3. puppet命令集
1). puppet 用于执行用户所写独立的mainfests文件
# puppet -l /tmp/manifest.log manifest.pp
2). puppetd 运行在被管理主机上的客户端程序
# puppetd –server puppet.leju.com
3). puppetmasterd 运行在管理机上的服务器程序
# puppetmasterd
4). puppetca puppet认证程序
# puppetca -l
pclient.leju.com
# puppetca -s pclient.leju.com
5). puppetrun 用于连接客户端,强制运行本地配置文件
# puppetrun -p 10 –host host1 –host host2 -t remotefile -t webserver
6). filebucket 客户端用于发送文件到puppet file bucket的工具
# filebucket -b /tmp/filebucket /my/file
7). ralsh 转换配置信息到puppet配置代码
# ralsh user luke
user { ‘luke’:
home => ‘/home/luke’,
uid => ‘100′,
ensure => ‘present’,
comment => ‘Luke Kanies,,,’,
gid => ‘1000′,
shell => ‘/bin/bash’,
groups => ['sysadmin','audio','video','puppet']
}
8). puppetdoc 打印puppet参考文档
# puppetdoc -r type > /tmp/type_reference.rst
# puppetdoc –outputdir /tmp/rdoc –mode rdoc /path/to/manifests
# puppetdoc /etc/puppet/manifests/site.pp
小技巧
1. 凡是有.号的要用单引号引起来!
附:我的puppetmaster的配置文件
[main]
vardir = /var/puppet
logdir = /var/log/puppet
rundir = /var/run/puppet
ssldir = $vardir/ssl
confdir = /etc/puppet
[puppetd]
classfile = $vardir/classes.txt
# Where puppetd caches the local configuration. An
# extension indicating the cache format is added automatically.
# The default value is '$confdir/localconfig'.
localconfig = $vardir/localconfig
[puppetmasterd]
environment = production
reports = store,log,mydefine
logdir = /var/log/puppet
modulepath = /etc/puppet/modules:/usr/share/puppet/modules
config = /etc/puppet/puppet.conf
manifestdir = /etc/puppet/manifests
manifest = /etc/puppet/manifests/site.pp
fileserverconfig = /etc/puppet/fileserver.conf
templatedir = /etc/puppet/templates
reportdir = /var/lib/puppet/reports
autosign=true
clientyamldir = /var/lib/puppet/client_yaml
客户端的配置文件
[main]
vardir = /var/lib/puppet
logdir = /var/log/puppet
rundir = /var/run/puppet
ssldir = $vardir/ssl
[puppetd]
server = pu.server.com
authconfig = /etc/puppet/namespaceauth.conf
classfile = $vardir/classes.txt
localconfig = $vardir/localconfig
puppetdlog = /var/log/puppet/puppetd.log
runinterval = 600
report = true #这个默认是false如果不填写就没有报表了!
reportserver = pu.server.com
常用命令:
1.#puppetmasterd --genconfig > /etc/puppet/puppet.conf.default
2.#puppetmasterd -d -v --no-daemonize
3.#puppetd -v -d --no-daemonize