|
3)配置YUM源
- [root@client01 ~]# yum install epel-release -y
-
- [root@client01 ~]# yum install puppet -y #安装puppet客户端
4)修改puppet的配置文件/etc/puppet/puppet.conf
- [root@client01 ~]# vim /etc/puppet/puppet.conf
- [main]
- # The Puppet log directory.
- # The default value is '$vardir/log'.
- logdir = /var/log/puppet
-
- # Where Puppet PID files are kept.
- # The default value is '$vardir/run'.
- rundir = /var/run/puppet
-
- # Where SSL certificates are kept.
- # The default value is '$confdir/ssl'.
- ssldir = $vardir/ssl
- server = master.test.cn #添加puppet master的地址
5)分别在puppetclient01和puppetclient01上进行注册
- [root@client01 ~]# puppet agent --server=master.test.cn --no-daemonize --verbose
- Info: Creating a new SSL key for client01.test.cn
- Info: Caching certificate for ca
- Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml
- Info: Creating a new SSL certificate request for client01.test.cn
- Info: Certificate Request fingerprint (SHA256): C1:1F:11:32:53:96:AA:91:16:9F:CE:F2:AD:D2:3F:56:C7:9B:D9:87:5C:F8:2D:30:7D:FE:49:66:46:2A:D9:FC
- Info: Caching certificate for ca
6)查看申请注册的客户端
- [root@master ~]# puppet cert --list
- "client01.test.cn" (SHA256) C1:1F:11:32:53:96:AA:91:16:9F:CE:F2:AD:D2:3F:56:C7:9B:D9:87:5C:F8:2D:30:7D:FE:49:66:46:2A:D9:FC
- "client02.test.cn" (SHA256) 7C:C9:22:59:B2:1E:2B:F5:12:30:4D:88:D9:B1:AF:60:FE:02:65:7
7)对未注册的客户端进行注册
- [root@master ~]# puppet cert sign --all
- Notice: Signed certificate request for client01.test.cn
- Notice: Removing file Puppet::SSL::CertificateRequest client01.test.cn at '/var/lib/puppet/ssl/ca/requests/client01.test.cn.pem'
- Notice: Signed certificate request for client02.test.cn
- Notice: Removing file Puppet::SSL::CertificateRequest client02.test.cn at '/var/lib/puppet/ssl/ca/requests/client02.test.cn.pem'
8)查看已经注册的客户端
- [root@master ~]# ll /var/lib/puppet/ssl/ca/signed/
- 总用量 12
- -rw-r--r--. 1 puppet puppet 1952 8月 6 21:22 client01.test.cn.pem
- -rw-r--r--. 1 puppet puppet 1952 8月 6 21:22 client02.test.cn.pem
- -rw-r--r--. 1 puppet puppet 2021 8月 6 21:06 master.test.cn.pem
此时客户端已经完成证书的请求与签名。
(编辑:核心网)
【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容!
|
