《Puppet实战手册》——1.9　利用Rake引导Puppet运行

本节书摘来自异步社区《Puppet实战手册》一书中的第1章，第1.9节，作者：【英】John Arundel著，更多章节内容可以访问云栖社区“异步社区”公众号查看

1.9　利用Rake引导Puppet运行

如果希望让新的服务器成为Puppet基础设施的一部分，只需要在服务器上面运行几条命令就可以实现，但现在通过为Rakefile添加新引导任务的方式使这一过程更加简单。

准备工作
参考如下步骤，为这个方面做一些准备。

1． 将下面这行添加至Rakefile文件顶部。

REPO = 'git@github.com:bitfield/cookbook.git'
2． 将下面的任务添加至Rakefile文件的任意位置。

desc "Bootstrap Puppet on ENV['CLIENT'] with hostname ENV['HOSTNAME']"
task :bootstrap do
　 client = ENV['CLIENT']
　 hostname = ENV['HOSTNAME'] || client
　 commands = <<BOOTSTRAP 
sudo hostname #{hostname} && \
sudo su - c 'echo #{hostname} >/etc/hostname' && \
wget http://apt.puppetlabs.com/puppetlabs-release-precise.deb && \
sudo dpkg -i puppetlabs-release-precise.deb && \
sudo apt-get update && sudo apt-get -y install git
　 puppet && \
git clone #{REPO} puppet && \
sudo puppet apply --modulepath=/home/ubuntu/puppet
　 /modules /home/ubuntu/puppet/manifests/site.pp
BOOTSTRAP
　 sh "#{SSH} #{client} '#{commands}'"
end

操作步骤
读者需要配置一台新提供的服务器（这是一台可以登录，但没有安装Puppet或做过任何配置变更的服务器）。如果使用EC2，创建一个新的EC2实例。在AWS控制面板获取公网IP地址，就像下面这样：

ec2-107-22-22-159.compute-1.amazonaws.com
使用Rake引导新服务器的步骤如下。

1． 在nodes.pp中为新管理的服务器主机添加节点声明。例如，如果使用cookbook-test作为主机名，参考配置如下：

node 'cookbook-test' {
　 include puppet
}

2． 在自己主机的Puppet仓库目录下运行如下命令（用新服务器IP地址替换CLIENT变量值，使用你希望用的主机名替换HOSTNAME变量值）。这条命令应该在同一行：

$ rake CLIENT=ec2-107-22-22-159.compute-1.amazonaws.com 
HOSTNAME=cookbook-test bootstrap

3． 读者将看到类似以下的输出。

(in /Users/john/git/cookbook)
ssh -A -i ~/git/bitfield/bitfield.pem -l ubuntu ec2-107-22-22-159.compute- 1.amazonaws.com 'sudo hostname cookbook-test && sudo su -c 'echo cookbook-test >/etc/hostname' && wget http://apt.puppetlabs.com/ puppetlabs-release-precise. deb && sudo dpkg -i puppetlabs-release-precise.deb && sudo apt-get update && sudo apt-get -y install git puppet && git clone git@github.com:bitfield/ cookbook.git puppet && sudo puppet apply--modulepath=/home/ubuntu/puppet/ modules /home/ ubuntu/puppet/manifests/site.pp'

The authenticity of host 'ec2-107-22-22-159.compute-1.amazonaws.com 
(107.22.22.159)' can't be established.

RSA key fingerprint is 23:c5:06:ad:58:f3:8d:e5:75:bd:94:6e:1e:a0:a3:a4.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added 'ec2-107-22-22-159.compute-1.amazonaws.com,
107.22.22.159' (RSA) to the list of known hosts.

sudo: unable to resolve host cookbook-test

--2013-03-15 15:53:44--　http://apt.puppetlabs.com/puppetlabs-release- 
precise.deb

Resolving apt.puppetlabs.com (apt.puppetlabs.com)... 96.126.116.126, 2600:3c00::f03c:91ff:fe93:711a

Connecting to apt.puppetlabs.com (apt.puppetlabs.com)|
96.126.116.126|:80... connected.

HTTP request sent, awaiting response... 200 OK

Length: 3392 (3.3K) [application/x-debian-package]

Saving to: `puppetlabs-release-precise.deb'
　　 0K　　　　　　　　　　　　　　　 100%　302M=0s
2013-03-15 15:53:44 (302 MB/s) - `puppetlabs-release-precise.deb' 
saved [3392/3392]

Selecting previously unselected package puppetlabs-release.
(Reading database ... 25370 files and directories currently installed.)

Unpacking puppetlabs-release (from puppetlabs-release-precise.deb) ...
Setting up puppetlabs-release (1.0-5) ...
Processing triggers for initramfs-tools ...
update-initramfs: Generating /boot/initrd.img-3.2.0-29-virtual
Ign http://us-east-1.ec2.archive.ubuntu.com precise InRelease
[ ... apt output redacted ... ]
Setting up hiera (1.1.2-1puppetlabs1) ...
Setting up puppet-common (3.2.2-1puppetlabs1) ...
Setting up puppet (3.2.2-1puppetlabs1) ...
* Starting puppet agent
puppet not configured to start, please edit /etc/default/puppet to enable
　 ...done.
Processing triggers for libc-bin ...
ldconfig deferred processing now taking place
Cloning into 'puppet'...
Warning: Permanently added 'github.com,207.97.227.239' (RSA) to the list of known hosts.
Notice: /Stage[main]/Puppet/Cron[run-puppet]/ensure: created

Notice: /Stage[main]/Puppet/File[/usr/local/bin/pull-updates]/ensure: 
defined content as '{md5}20cfc6cf2a40155d4055d475a109137d'

Notice: /Stage[main]/Puppet/File[/usr/local/bin/papply]/ensure:
defined content as '{md5}171896840d39664c00909eb8cf47a53c'

Notice: /Stage[main]/Puppet/File[/home/ubuntu/.ssh/id_rsa]/ensure: 
defined content as '{md5}db19f750104d3bf4e2603136553c6f3e'

Notice: Finished catalog run in 0.11 seconds

工作原理
下面分解Rake任务是如何工作。为了让机器运行Puppet，需要给它设置主机名。

sudo hostname #{hostname}
sudo echo #{hostname} >/etc/hostname

接下来，从Puppet Labs仓库下载并安装Puppet和Git软件包。

wget http://apt.puppetlabs.com/puppetlabs-release-precise.deb
sudo dpkg -i puppetlabs-release-precise.deb
sudo apt-get update && sudo apt-get -y install git puppet

禁止SSH StrictHostKeyChecking选项，避免脚本克隆Git仓库时发出提示消息。

echo -e \"Host github.com\n\tStrictHostKeyChecking no\n\"
　 >> ~/.ssh/config

从仓库检出配置清单：

git clone #{REPO} puppet
最后，运行Puppet：

sudo puppet apply --modulepath=/home/ubuntu/puppet/modules
　/home/ubuntu/puppet/manifests/site.pp

这台新机器已经能够自动拉取并应用Puppet的变更，不再需要像前面那样登录到机器进行交互操作。读者可以使用这个Rake任务快速部署更多的新机器到Puppet的管控中。