## both hostnames on master and agent are matter, not IP address.
## agent should be able to resolve puppet master's IP address, but agent (client) is not.
## therefore, puppet agents could be not on Internet, but the puppet master is on Internet.
55 rpm -ivh http://yum.puppetlabs.com/el/5/products/i386/puppetlabs-release-5-6.noarch.rpm
56 rpm -Uvh http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-7.noarch.rpm
57 rpm -Uvh http://mirror01.idc.hinet.net/EPEL/6/x86_64/epel-release-6-8.noarch.rpm
58 yum install puppet-server
59 cd /etc/puppet/manifests
60 vi site.pp
// add following lines
import "classes/*"
node default {
include sudo
}
65 mkdir classes
66 vi /etc/puppet/manifests/classes/sudo.pp
// add following lines
class sudo {
file {
"/etc/sudoers": owner => "root", group => "root", mode => 440,
}
}
68 service puppetmaster start
69 chkconfig puppetmaster on
72 puppetca --list
77 vi /etc/puppet/autosign.conf
// add "*" in autosign.conf if you don't want to bother with certification, use firewall to control your puppet client access permission.
No comments:
Post a Comment