<rt id="bn8ez"></rt>
<label id="bn8ez"></label>

  • <span id="bn8ez"></span>

    <label id="bn8ez"><meter id="bn8ez"></meter></label>

    Puppet的server端與agent端的通信建立

    puppet 的安裝與配置,請看上一篇文章。
    這里默認(rèn)你已經(jīng)把它安裝好了。

    想讓兩臺(或N臺)機(jī)器相互通信,先要設(shè)置它們之間的Host文件。
    每一臺機(jī)器分別執(zhí)行如下命令
    sudo vi /etc/hosts
    把要相互通信的所有機(jī)器的IP 和 別名添加進(jìn)來。比如先以server端為例
    127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
    ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
    10.23.10.237 puppet-server.noah.blogjava.net
    #上面可能是打開這個(gè)文件里默認(rèn)的,不用管,直接在下面加agent的ip就可以了,有多少加多少。
    10.52.27.71 agent001.noah-test.net
    10.52.27.72 agent002.noah-test.net
    10.52.27.73 agent003.noah-test.net
    接下來把上面的都復(fù)制,然后,分別考到其它的機(jī)器里面。

    接下來回到agent端,配置puppet 的配置文件,執(zhí)行如下命令
    sudo vi /etc/puppetlabs/puppet/puppet.conf
    在打開的文件里面填寫如下信息
    [main]
    #這個(gè)certname就是上面host里面的名字
    certname = agent001.noah-test.net
    #server 就是puppet的server的地址
    server = puppet-server.noah.blogjava.net
    environment 
    = production
    runinterval 
    = 1h


    然后在agent端,執(zhí)行如下命令,向server端申請證書
    sudo /opt/puppetlabs/bin/puppet agent --test
    然后,會出現(xiàn)這樣的信息
    Info: Creating a new SSL key for agent01.noah-test
    Info: Caching certificate for ca
    Info: csr_attributes file loading from /etc/puppetlabs/puppet/csr_attributes.yaml
    Exiting; no certificate found and waitforcert is disabled

    證明,申請成功,等待server端同意。這時(shí)可以轉(zhuǎn)到server端,執(zhí)行如下命令查看如些機(jī)器要申請證書
    sudo /opt/puppetlabs/bin/puppet cert list --all
    這里會顯示出所有申請過的和正在等待審批的agent的certname 的名字。審批通過的前面有個(gè)“+”。
    接下來執(zhí)行如下命令進(jìn)行單獨(dú)審批
     
    sudo /opt/puppetlabs/bin/puppet cert sign agent001.noah-test.net

    也可以直接在sgin 后面加 "--all",進(jìn)行全部審批。

    審批完成后,再回到agent端,執(zhí)行同樣的命令
    sudo /opt/puppetlabs/bin/puppet agent --test

    如下顯示的全是類似如下綠色的信息,證明它們之間的通信已經(jīng)建立成功
    Info: Using configured environment 'production'
    Info: Retrieving pluginfacts
    Info: Retrieving plugin
    Info: Caching catalog for agent001.noah-test.net
    Info: Applying configuration version '1481877703'







    問題匯總:
    cloud@cdt-dev-cafews-yabinx:/etc/puppetlabs/puppet> sudo puppet agent -t
    Warning: Setting 'pluginsync' is deprecated.
    (at /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/defaults.rb:1713:in `block in <module:Puppet>')
    Warning: Unable to fetch my node definition, but the agent run will continue:
    Warning: getaddrinfo: Name or service not known
    Info: Retrieving pluginfacts
    Error: /File[/var/lib/puppet/facts.d]: Failed to generate additional resources using 'eval_generate': getaddrinfo: Name or service not known
    Error: /File[/var/lib/puppet/facts.d]: Could not evaluate: Could not retrieve file metadata for puppet:///pluginfacts: getaddrinfo: Name or service not known
    Info: Retrieving plugin
    Error: /File[/var/lib/puppet/lib]: Failed to generate additional resources using 'eval_generate': getaddrinfo: Name or service not known
    Error: /File[/var/lib/puppet/lib]: Could not evaluate: Could not retrieve file metadata for puppet:///plugins: getaddrinfo: Name or service not known
    Info: Loading facts
    Error: Could not retrieve catalog from remote server: getaddrinfo: Name or service not known
    Warning: Not using cache on failed catalog
    Error: Could not retrieve catalog; skipping run
    Error: Could not send report: getaddrinfo: Name or service not known
    用的命令不對,改用這個(gè)
    sudo /opt/puppetlabs/bin/puppet agent --test



    sudo/opt/puppetlabs/bin/puppet agent --test
    Warning: Unable to fetch my node definition, but the agent run will continue:
    Warning: Server hostname 'cdt-dev-cafews-yabinx' did not match server certificate; expected one of cdt-dev-cafews-yabinx.emea1.cis.trcloud, DNS:puppet, DNS:cdt-dev-cafews-yabinx.emea1.cis.trcloud
    Info: Retrieving pluginfacts
    Error: /File[/opt/puppetlabs/puppet/cache/facts.d]: Failed to generate additional resources using 'eval_generate': Server hostname 'cdt-dev-cafews-yabinx' did not match server certificate; expected one of cdt-dev-cafews-yabinx.emea1.cis.trcloud, DNS:puppet, DNS:cdt-dev-cafews-yabinx.emea1.cis.trcloud
    Error: /File[/opt/puppetlabs/puppet/cache/facts.d]: Could not evaluate: Could not retrieve file metadata for puppet:///pluginfacts: Server hostname 'cdt-dev-cafews-yabinx' did not match server certificate; expected one of cdt-dev-cafews-yabinx.emea1.cis.trcloud, DNS:puppet, DNS:cdt-dev-cafews-yabinx.emea1.cis.trcloud
    Info: Retrieving plugin
    Error: /File[/opt/puppetlabs/puppet/cache/lib]: Failed to generate additional resources using 'eval_generate': Server hostname 'cdt-dev-cafews-yabinx' did not match server certificate; expected one of cdt-dev-cafews-yabinx.emea1.cis.trcloud, DNS:puppet, DNS:cdt-dev-cafews-yabinx.emea1.cis.trcloud
    Error: /File[/opt/puppetlabs/puppet/cache/lib]: Could not evaluate: Could not retrieve file metadata for puppet:///plugins: Server hostname 'cdt-dev-cafews-yabinx' did not match server certificate; expected one of cdt-dev-cafews-yabinx.emea1.cis.trcloud, DNS:puppet, DNS:cdt-dev-cafews-yabinx.emea1.cis.trcloud
    Error: Could not retrieve catalog from remote server: Server hostname 'cdt-dev-cafews-yabinx' did not match server certificate; expected one of cdt-dev-cafews-yabinx.emea1.cis.trcloud, DNS:puppet, DNS:cdt-dev-cafews-yabinx.emea1.cis.trcloud
    Warning: Not using cache on failed catalog
    Error: Could not retrieve catalog; skipping run
    Error: Could not send report: Server hostname 'cdt-dev-cafews-yabinx' did not match server certificate; expected one of cdt-dev-cafews-yabinx.emea1.cis.trcloud, DNS:puppet, DNS:cdt-dev-cafews-yabinx.emea1.cis.trcloud
    其實(shí)它已經(jīng)告訴你了,改一下/etc/hosts就可以了,改成下面的其中一個(gè)
    expected one of cdt-dev-cafews-yabinx.emea1.cis.trcloud, DNS:puppet, DNS:cdt-dev-cafews-yabinx.emea1.cis.trcloud




    sudo /opt/puppetlabs/bin/puppet agent --test
    Warning: Unable to fetch my node definition, but the agent run will continue:
    Warning: SSL_connect returned=1 errno=0 state=error: certificate verify failed: [unable to get local issuer certificate for /CN=cdt-dev-cafews-yabinx2.emea1.cis.trcloud]
    Info: Retrieving pluginfacts
    Error: /File[/opt/puppetlabs/puppet/cache/facts.d]: Failed to generate additional resources using 'eval_generate': SSL_connect returned=1 errno=0 state=error: certificate verify failed: [unable to get local issuer certificate for /CN=cdt-dev-cafews-yabinx2.emea1.cis.trcloud]
    Error: /File[/opt/puppetlabs/puppet/cache/facts.d]: Could not evaluate: Could not retrieve file metadata for puppet:///pluginfacts: SSL_connect returned=1 errno=0 state=error: certificate verify failed: [unable to get local issuer certificate for /CN=cdt-dev-cafews-yabinx2.emea1.cis.trcloud]
    Info: Retrieving plugin
    Error: /File[/opt/puppetlabs/puppet/cache/lib]: Failed to generate additional resources using 'eval_generate': SSL_connect returned=1 errno=0 state=error: certificate verify failed: [unable to get local issuer certificate for /CN=cdt-dev-cafews-yabinx2.emea1.cis.trcloud]
    Error: /File[/opt/puppetlabs/puppet/cache/lib]: Could not evaluate: Could not retrieve file metadata for puppet:///plugins: SSL_connect returned=1 errno=0 state=error: certificate verify failed: [unable to get local issuer certificate for /CN=cdt-dev-cafews-yabinx2.emea1.cis.trcloud]
    Error: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=error: certificate verify failed: [unable to get local issuer certificate for /CN=cdt-dev-cafews-yabinx2.emea1.cis.trcloud]
    Warning: Not using cache on failed catalog
    Error: Could not retrieve catalog; skipping run
    Error: Could not send report: SSL_connect returned=1 errno=0 state=error: certificate verify failed: [unable to get local issuer certificate for /CN=cdt-dev-cafews-yabinx2.emea1.cis.trcloud]
    一般這種情況就是由于某種原因沒有認(rèn)證沒有成功,但它又不會重新認(rèn)證了,所以就報(bào)這個(gè)錯(cuò)誤,解決辦法是到這個(gè)目錄下/etc/puppetlabs/puppet,把生成的ssl文件夾給刪除,讓它重新生成一次key。如果生成一次還沒有成功的話,你要看一下是不是其它地方的問題,然后,要重新重復(fù)上面的步驟,重新生成密鑰。



    眼鏡蛇

    posted on 2016-12-16 17:09 眼鏡蛇 閱讀(1884) 評論(0)  編輯  收藏 所屬分類: JavaPuppet

    <2025年7月>
    293012345
    6789101112
    13141516171819
    20212223242526
    272829303112
    3456789

    導(dǎo)航

    統(tǒng)計(jì)

    常用鏈接

    留言簿(6)

    隨筆分類

    隨筆檔案

    文章分類

    文章檔案

    搜索

    最新評論

    閱讀排行榜

    評論排行榜

    主站蜘蛛池模板: 三年在线观看免费观看完整版中文 | 免费被黄网站在观看| 99久久免费中文字幕精品| av免费不卡国产观看| 国产成人精品免费直播| 亚洲国产精品无码久久一区二区| 亚洲精品在线免费观看视频| 免费在线观看亚洲| 毛片在线播放免费观看| 成人免费激情视频| 亚洲免费视频播放| 中国国语毛片免费观看视频| 久久亚洲AV永久无码精品| 亚洲欧洲av综合色无码| 久久久精品视频免费观看 | 亚洲白色白色在线播放| 男女免费观看在线爽爽爽视频 | 精品国产亚洲一区二区三区| 亚洲最大的成人网站| 美女被cao网站免费看在线看| 亚洲综合国产一区二区三区| 99亚洲男女激情在线观看| 色欲A∨无码蜜臀AV免费播 | 暖暖免费中文在线日本| 无码人妻久久一区二区三区免费丨| 亚洲乳大丰满中文字幕| 免费又黄又爽又猛大片午夜| 国产亚洲精aa成人网站| 亚洲免费视频网站| 亚洲色欲色欱wwW在线| 亚洲性日韩精品一区二区三区| 亚洲中文无码mv| 亚洲成人国产精品| 国产午夜亚洲精品不卡电影| 亚洲熟妇丰满多毛XXXX| 成人免费激情视频| 久久久精品视频免费观看| 亚洲国产av一区二区三区丶| 亚洲福利精品一区二区三区| 99热这里只有精品免费播放| 美女视频黄.免费网址 |