puppet安装以及遇到的问题

puppet是一种Linux、Unix、windows平台的集中配置管理系统，使用自有的puppet描述语言，可管理配置文件、用户、cron任务、软件包、系统服务等。

puppet把这些系统实体称之为资源，puppet的设计目标是简化对这些资源的管理以及妥善处理资源间的依赖关系。

puppet采用C/S星状的结构，所有的客户端和一个或几个服务器交互。

每个客户端周期的（默认半个小时）向服务器发送请求，获得其最新的配置信息，保证和该配置信息同步。

每个puppet客户端每半小时(可以设置)连接一次服务器端, 下载最新的配置文件,并且严格按照配置文件来配置服务器. 配置完成以后,puppet客户端可以反馈给服务器端一个消息. 如果出错,也会给服务器端反馈一个消息.第二，工作原理：puppet既可以在单机上使用,也可以以c/s结构使用.在大规模使用puppet的情况下,通常使用c/s结构.在这种结构中puppet客户端只是指运行puppet的服务器,puppet服务器端是只运行puppetmaster的服务器.puppet客户端首先会连接到puppet服务器端,并且通过facter工具把客户端的基本配置信息发送给服务器端. 服务器端通过分析客户端的主机名,通过node 定义,找到该主机的配置代码,然后编译配置代码,把编译好的配置代码发回客户端,客户端执行代码完成配置.并且把代码执行情况反馈给puppet服务器端.修改系统配置puppet 通过管理资源的方式来管理系统, 例如管理某个软件是否要安装,是安装最新的还是安装了就行. 管理某个服务是否开启, 管理某个文件的属性,内容等等. 所有的资源都有对应的几个属性可以设置. 通过设置属性的方式来管理资源. 有一种特殊的属性可以用在所有的资源上面,这种属性叫做metaparams ( 元参数或者元属性).1) 客户端通过facter收集客户端信息并发送至服务端2) 连接服务端并请求catalog日志3) 请求节点（node）的信息4) 从服务器端接收节点（node)的实例5) 编译代码（包括语法检查等工作）6) 查询是否有exported 虚拟资源7) 如有，则从数据库接收虚拟资源8) 接收完整的catalog日志9) 存储catalog日志到数据库10) 客户端接收完整的catalog日志第三，案例目标：实现文件同步并修改文件所属帐户：测试环境：puppetserver : 10.0.3.170puppet1 : 10.0.3.171第四，安装配置：两台机器都需要安装必要软件：yum install ntp vixie-cron vim-enhanced telnet软件的下载地址：facter:/facter/facter-1.6.17.tar.gz]http://d /facter/facter-1.6.17.tar.gzfacter是一个系统盘点工具，收集主机的一些资料，比如CPU，主机IP等，它收集到值发送给puppet服务器端,服务器端就可以根据不同的条件来对不同的节点机器生成不同的puppet配置文件，安装puppet之前必须先安装facter。

puppet安装配置puppet是一款开源自动化部署工具，下面介绍puppet安装和配置。

1、操作系统:redhat5.3 (64位系统)2、系统架构：192.168.0.200 服务器192.168.0.201 客户端192.168.0.202 客户端3、安装ruby.(安装puppet先决条件服务端和客户端都要安装)#rpm –Uvh/pub/epel/5/x86_64/epel-release-5-4.noarch.r pm#yum -y install mysql* ruby-mysql ruby ruby-devel ruby-irb ruby-rdoc ruby-ri安装ruby 1.8.2以上版本，但不要安装1.87以上版本。

还不支持。

4、服务端安装(1)安装Facter 用来获取客户端系统信息（如hostname,ip,OS-version,fqdn 等）采用源码安装#cd /usr/local/src#wget /downloads/facter/facter-latest.tgz下载最新稳定版facter#tar -xvzf facter-latest.tgz#cd facter-latest#ruby install.rb 安装#cd ../(2)安装puppet#wget /downloads/puppet/puppet-latest.tgz下载最新稳定版puppet。

#cd puppet-*#ruby install.rb安装#mkdir /etc/puppet#cp conf/auth.conf /etc/puppet/#cp conf/namespaceauth.conf /etc/puppet/#cp conf/redhat/puppet.conf /etc/puppet/#cp conf/redhat/server.init /etc/init.d/puppetmaster#chmod +x /etc/init.d/puppetmaster5、客户端安装和服务端安装方法一样。

Puppet部署1.Puppet服务器端部署Puppet服务器端可以安装于常见的Linux发行版本中，本例操作系统为CentOS5.564位。

主机名设置为Puppet的安装方式支持源码安装、yum和ruby的gem包安装，CentOS可以直接使用yum来安装，CentOS的默认源中没有puppet，需要先安装EPEL包。

Tips：什么是EPELEPEL（/wiki/EPEL）是由Fedora社区打造，为RHEL及衍生发行版如CentOS、Scientific Linux等提供高质量软件包的项目。

安装过程如下：2.Puppet客户端安装Puppet服务器端对客户端的管理是基于主机名的，所以在安装之前需要为客户端设置唯一的主机名，主机名命令最好能体现出主机的机房、业务系统名称及IP信息。

客户端安装的过程如下：3.证书分发Puppet客户端与服务器端是通过SSL隧道通信的，客户端安装完成后，需要向服务器端申请证书：3.1客户端首次连接服务器端发起证书申请：客户端如出现以下错误，请检查puppet服务器端和客户端的/etc/hosts文件是否有设置彼此3.2服务器端查看申请证书的客户端3.3服务器端为特定的主机颁发证书3.4客户端运行3.5服务器端撤销和清除证书3.6执行3.5操作后请务必重启puppetmaster3.7D ebug调试4.P uppet目录结构安装目录默认为/etc/puppet，该目录下的manifests存放manifest文件5.P uppet使用简介5.1文件分发5.2文件执行5.3自动同步5.4强制同步（服务器端发起）编辑服务器端和客户端文件/etc/puppet/namespaceauth.conf5.5crontab管理参考：/category/puppet/projects/1/wiki/Certificates_And_Security /guides/language_guide.html/system/linux/puppet-man.html/p/puppet-manifest-share/downloads/list/s/blog_505fbe360100y79s.html/tag/puppetrun//cluster-managemant/puppet/注：。

Puppet 运维自动化随着互联网行业发展，运维工程师(ops/devops)的职位也变的越来越具挑战性，作为一个运维工程师要照顾到从硬件到软件，从基础架构到应用层业务的方方面面。

日常运维工作纷繁复杂，占用了大量工作时间,大量重复性劳动严重打击运维工程师的积极性，而且极易出错。

如何实现对日常工作的自动化变的越来越迫在眉睫。

本课程主要讲解自动化配置管理软件Puppet及其相关的组件，希望能帮助陷于沉重日常重复劳动的运维工程师们解放出来，把精力在更有价值，更有挑战的工作上面。

课程大纲：第一课：Puppet 入门介绍目前存在多个不同的配置管理软件，各有优劣，本届课程做简要介绍对比，讲解puppet基本原理和入门知识。

课程内容：运维自动化软件简要介绍和对比Puppet安装（master／agent，standalone模式），升级，主要配置选项简要介绍，支持系统和平台，Ruby环境依赖（RVM简要介绍）。

基本工作原理，编译和catalogs。

核心配置文件。

puppet的第一个基本配置文件。

第二课：Puppet基本命令和语法puppet实现了自己的DSL，本节课讲解puppet的语法。

课程内容：puppet基本命令语法风格。

保留关键字，命名规范变量(作用域)，数据类型表达式，条件语句functions（函数／方法）检查puppet配置的命令。

第三课：资源和资源类型puppet的资源是整个puppet配置最为核心的地方，puppet对整个系统的管理主要依赖于资源实现。

本节课程讲解puppet资源和资源类型。

课程内容：介绍RAL(Puppet’s resource abstraction layer)，types和providers。

讲解puppet资源和资源类型，核心资源类型。

获取当前系统的存在资源和资源类型，manifest，并创建自己的puppet资源配置文件。

资源顺序 ordering(元参数，order关键字， stage，auto－order)。

Puppet系统安装运维手册1安装配置 (1)1.1版本信息 (1)1.2服务器安装 (1)1.2.1锁定YUM安装版本(如果需要安装旧版) (1)1.2.2安装配置Puppet-server (1)1.2.3安装Foreman (2)1.3客户端安装 (5)2管理服务 (9)2.1Puppet-Server (9)2.2Foreman (9)2.3Foreman-Proxy (9)3修改记录 (10)1安装配置1.1版本信息操作系统：CentOS5.X 64bit1.2服务器安装1.2.1锁定YUM安装版本(如果需要安装旧版)1.2.1.1安装yum-versionlock1.2.2安装配置Puppet-server1.2.2.1安装1.2.3 安装Foreman 1.2.3.1 安装Mysql-Server1.2.3.3安装foremanvi /usr/lib/ruby/site_ruby/1.8/puppet/reports/foreman.rb初始化admin口令安装foreman-proxy1.2.3.4登录foreman，右侧more→Smart-Proxies菜单中新增proxy，name：puppet-master主机名url：http:// puppet-master:84431.3客户端安装1.3.1Puppet-clinet客户端安装双击ruby186-27_rc2.exe进行ruby的安装配置puppet.conf ，将里面的内容替换为Labs\Puppet\bin 目录下。

上面的命令。

在运行链接时报下面的错误，这种情况是由于前面已经签名过，进行第二次的签名。

添加随机启动文件runpuppet.bat 到：C:\Program Files\Puppet Labs\Puppet\bin ，并将该文件添加到系统计划任务中，设置为随系统启动执行。

Puppet client 文件以及脚本列表Labs\Puppet\facter\lib\facter文件目录下面的XSpeed建库_v1.0.0.1.bat改名为XspeedSqlUpdate.bat(这是因为puppet不识别中文)2管理服务2.1Puppet-Server2.2Foreman2.3Foreman-Proxy第10页 3 修改记录。

Windows下Node爬⾍神器Puppeteer安装记对于爬⾍，相信⼤家并不陌⽣。

当希望得到⼀些⽹站的数据并做⼀些有趣的事时，必不可少要爬取⽹页，⽤到爬⾍。

⽽⽬前⽹络上也有很多爬⾍的教程资料，不过⼜尤以python语⾔居多。

想来⾃⼰是做web的，就希望以js的⽅式解决问题，于是希望利⽤nodejs。

今天介绍⼀款node的爬⾍利器：。

Puppeteer正如其名“⽊偶”，它允许我们像牵线⽊偶⼀样操纵它。

它是⼀个建⽴在上的提供控制⽆头Chrome或Chromium的⾼级接⼝的Node库。

官⽹上对其应⽤举了⼏个例⼦：- ⽣成⽹页的截屏（⽬前仅⽀持⽀持jpeg、png格式）和pdf⽂件- 爬取SPA和异步渲染⽹页- ⾃动表单提交、键盘输⼊、UI测试等- 创建最新的⾃动测试环境，也就是说可以使⽤最新的浏览器特性- 捕获站点的时间线以帮助分析性能问题Puppeteer本质上是⼀个headless chrome。

⽆头浏览器，相信如果⼤家做爬⾍肯定有所⽿闻。

其实就是⼀个没有UI界⾯的浏览器，它包含了浏览器应该具有的功能，通常做web测试⽤，不过做爬⾍也是没问题的。

就提供这样的功能，基于webkit内核，已经有好⼏年历史了。

不过因为Puppeteer有背景（⾕歌Chrome团队开发），我最后还是选择了Puppeteer。

它们之间的不同点是后者只关注于Chromium或Chrome。

这也导致了最坑的⼀点是总是绑定最新版本的Chromium。

上⾯说到Puppeteer会绑定最新版本的Chromium，这意味着每次使⽤npm i puppeteer安装使⽤它时都会下载最新版本的Chromium，该版本在Windows上⼤约是130Mb。

本来下载npm包就很不易，还要下载⼀个⼀百多兆的东西更是难上加难了。

当然可以使⽤cnpm，下图是我下载的⼀个界⾯。

可以看到下载了55分钟，这固然有我⽹络慢的问题，但是能不下载Chromium就尽量不下载了吧。

Puppet安装文档一．什么是puppet?puppet是一个开源的新一代集中化配置管理工具，它由自己所声明的语言表达系统配置，通过客户端与服务端之间的连接，维护着关系库。

可管理配置文件、用户、Cron、软件包、系统服务等，puppet把这些统称为“资源”。

Puppet的设计目标就是简化对这些资源的管理以及妥善处理资源之间的依赖关系。

二．Puppet组织结构|--Auth.conf #ACL权限控制文件|--Fileserver.conf #文件服务配置文件|--Manifests #节点存储目录（puppet会首先加载site.pp）| --Site.pp #定义puppet变量及默认配置|--Modules #模块目录| --Nginx #以Nginx为例| |--Manifests| --Init.pp #模块主配置文件，定义class相关信息。

读取模块后先读取它| |--Templates| --Nginx.conf.erb #模板配置文件（erb为主）|--Namespaceauth.conf #命名空间配置文件（配置权限）|--Puppet.conf #puppet主配置文件|--tagmail.conf #邮件报告配置文件三．Puppet安装与配置1.设置主机名，域名解析或指定hosts文件将服务端、客户端的域名--IP地址写入hosts文件#服务器端hosts文件#192.168.30.211 puppet-server2.puppet需Ruby支持yum -y install ruby ruby-libs ruby-shadow3.安装facter puppet puppet-server#Centos 5.XWget /puppetlabs-release-el-5.noarch.rpmrpm -ivh puppetlabs-release-el-5.noarch.rpm#Centos 6.Xwget /puppetlabs-release-el-6.noarch.rpmrpm -ivh puppetlabs-release-el-6.noarch.rpmyum clean all#服务端安装yum -y install facter puppet-server#客户端安装yum -y install puppet facter(客户端安装)4.启动puppet/etc/init.d puppetmaster start或/etc/init.d/puppet start(客户端启动)5.检查安装版本：Ruby -vPuppet -VFacter -v6.配置puppet#服务端a)Vi /etc/puppet/puppet.conf #添加一行服务端主机名[master]server = certname = #客户端b) 客户端向服务端请求证书Vi /etc/puppet/puppet.conf #添加一行服务端主机名#server = c)#客户端Puppet agent --test #客户端执行,请求证书签名认证#服务端对客户端证书签名：Puppet cert --list #查看所有客户端请求证书签名Puppet cert sign agent.pip.co #同意单个客户端证书签名请求puppet cert sign --all #同意所有客户端证书签名请求四．各类资源常用属性参数：1.文件资源a)Ensure:默认为目录或文件，需声明，值可以为absent(删除)，文件file，目录directory,文件present（检查文件是否存在，不存在则创建）b)Content:文件内容，与source和target属性互斥c)Force：强制删除文件、软链接及目录d)Owner：用户名及用户IDe)Group：指定该文件的用户组，可以是组名或Gidf)Link：软链接g)Mode：文件权限配置h)Path：文件路径，必须用双引号i)Targe：当文件类型为link时，需使用target指定目标文件j)Type：只读状态检查文件类型2.用户资源a)Ensure:默认属性，指定用户是否存在，创建用户使用present，删除用户使用absentb)Allowupe:是否允许使用同一uid，值为true or falsec)Comment:对用户的描述d)Expiry：过期时间e)Gid：该用户的用户组gid，可以是数字及组名f)Groups：指定该用户属于哪些组，有多个组建议使用数组，如[ …g1‟,‟g2‟ ]g)Home:用户家目录h)Shell：登陆时指定登陆Shell,不支持windowsi)Uid:指定用户uid，不指定则自动选择j)Password：指定用户密码，填写已使用sha1加密过的字符串，一般复制/etc/shadow 文件中用户对应的密码k)Managehome:是否创建用户家目录，值为true or false3.用户组资源a)Ensure:默认属性，创建present，删除absentb)Name：组名c)Allowupe：是否允许使用同一gidd)Gid：用户组gid，不指定则自动选择e)Members：用户组成员4.服务管理a)Ensure：服务状态，运行为true，停止为falseb)Enable：是否设置为开机启动，值为true或falsec)Hasrestart：指出管理脚本是否支持restart参数，如不支持则使用stop/start实现restart效果，值为true或falsed)Hasstatus：指出管理脚本是否支持status参数，值为true或falsee)Name：服务名称f)Path：指定查找init脚本的路径g)Restart：重启命令，可指定h)Start：启动命令，可指定i)Status:状态命令，可指定j)Stop：停止命令，可指定5.执行命令a)Command:执行的命令，必须是完整合法的命令b)Creates：指定命令生成文件，只会在所指定的文件不存在的情况下才执行c)Cwd：指定命令执行的当前目录，如不存在则执行失败d)Path:执行命令的搜索路径e)Group：运行命令的组f)Onlyif:参数中设置的命令返回0才执行g)Refreshonly：该参数可以使命令变成仅刷新触发h)Tires：命令尝试执行次数i)Timeout：命令执行超时时间j)Unless：结束代码k)User：执行命令的用户6.软件资源a)Ensure:设置软件包安装状态。

Puppet3.1Master Client安装测试一，测试环境Master端#uname -aLinux 2.6.32-279.22.1.el6.centos.plus.x86_64 #1 SMP Wed Feb 6 05:16:56 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux#cat /etc/redhat-releaseCentOS release 6.3 (Final)]#cat /etc/hosts127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4::1 localhost localhost.localdomain localhost6 localhost6.localdomain6192.168.234.135 master 192.168.234.134 client #cat /etc/resolv.conf# Generated by NetworkManagerdomain localdomainsearch nameserver 192.168.234.2client端# uname -aLinux 2.6.18-308.el5 #1 SMP Tue Feb 21 20:06:06 EST 2012 x86_64 x86_64 x86_64 GNU/Linux# cat /etc/redhat-releaseCentOS release 5.8 (Final)[root@client C]# cat /etc/hosts127.0.0.1 localhost.localdomain localhost::1 localhost6.localdomain6 localhost6192.168.234.134 client 192.168.234.135 master # cat /etc/resolv.conf; generated by /sbin/dhclient-scriptsearch nameserver 192.168.234.2二，Master端安装1,下载安装puppet.repo安装包#wget /el/6/products/x86_64/puppetlabs-release-6-7.noarch.rpm、#ls /etc/yum.repos.d/puppetlabs.repo/etc/yum.repos.d/puppetlabs.repo18:12:07 root@master (~) [335]#cat /etc/yum.repos.d/puppetlabs.repo[puppetlabs-products]name=Puppet Labs Products El 6 - $basearchbaseurl=/el/6/products/$basearchgpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-puppetlabsenabled=1gpgcheck=1[puppetlabs-deps]name=Puppet Labs Dependencies El 6 - $basearchbaseurl=/el/6/dependencies/$basearchgpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-puppetlabsenabled=1gpgcheck=1[puppetlabs-devel]name=Puppet Labs Devel El 6 - $basearchbaseurl=/el/6/devel/$basearchgpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-puppetlabsenabled=0gpgcheck=1[puppetlabs-products-source]name=Puppet Labs Products El 6 - $basearch - Sourcebaseurl=/el/6/products/SRPMSgpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-puppetlabsfailovermethod=priorityenabled=0gpgcheck=1[puppetlabs-deps-source]name=Puppet Labs Source Dependencies El 6 - $basearch - Sourcebaseurl=/el/6/dependencies/SRPMSgpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-puppetlabsenabled=0gpgcheck=1[puppetlabs-devel-source]name=Puppet Labs Devel El 6 - $basearch - Sourcebaseurl=/el/6/devel/SRPMSgpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-puppetlabsenabled=0gpgcheck=12，在master 上安装和启用puppet 服务：由于软件自身依赖关系会自动安装ruby，facter 等软件# yum install puppet-server# chkconfig puppetmaster on# service puppetmaster startStarting puppetmaster: [ O K ]三，Client端安装由于clietn端是CentOS5.8所以puppet.repo源要改变下，改成5的1，下载安装puppet.repo安装包#wget /el/5/products/x86_64/puppetlabs-release-5-7.noarch.rpm#yum –y install puppetlabs-release-5.7.noarch.rpm安装报错error: rpmts_HdrFromFdno: Header V4 RSA/SHA1 signature: BAD, key ID 4bd6ec30报错解决方法# gpg --recv-key 4bd6ec30gpg: requesting key 4BD6EC30 from hkp server gpg: /root/.gnupg/trustdb.gpg: trustdb createdgpg: key 4BD6EC30: public key "Puppet Labs Release Key (Puppet Labs Release Key) <info@>" importedgpg: no ultimately trusted keys foundgpg: Total number processed: 1gpg: imported: 1 (RSA: 1)# gpg -a --export 4bd6ec30 >/opt/key.txt# cat /opt/key.txt-----BEGIN PGP PUBLIC KEY BLOCK-----Version: GnuPG v1.4.5 (GNU/Linux)mQINBEw3u0ABEAC1+aJQpU59fwZ4mxFjqNCgfZgDhONDSYQFMRnYC1dzBpJHzI6bfUBQeaZ8rh6N4kZ+wq1eL86YDXkCt4sCvNTP0eF2XaOLbmxtV9bdpTIBep9bQiKg5iZaz+brUZlFk/MyJ0Yz//VQ68N1uvXccmD6uxQsVO+gx7rnarg/BGuCNaVtGwy+S98g8Begwxs9JmGa8pMCcSxtC7fAfAEZ02cYyrw5KfBvFI3cHDdBqrEJQKwKeLKYGHK3+H1TM4ZMxPsLuR/XKCbvTyl+OCPxU2OxPjufAxLlr8BWUzgJv6ztPe9imqpHPpp3KuLFNorjPqWY5jSgKl94W/CO2x591e++a1PhwUn7iVUwVVe+mOEWnK5+Fd0v VMQebYCXS+3dNf6gxSvhz8etpw20T9Ytg4EdhLvCJRV/pYlqhcq+E9le1jFOHOc0Nc5FQweUtHGaNVyn8S1hvnvWJBMxpXq+Bezfk3X8PhPT/l9O2lLFOOO08jo0OYiI wrjhMQQOOSZOb3vBRvBZNnnxPrcdjUUm/9cVB8VcgI5KFhG7hmMCwH70tpUWcZCNNlI1wj/PJ7Tlxjy44f1o4CQ5FxuozkiITJvh9CTg+k3wEmiaGz65w9jRl9ny2gElf4CR5+ba+w2dpuDeMwiHJIs5JsGyJjmA5/0xytB7QvgMs2q25vWhygsmUQARAQAB tEdQdXBwZXQgTGFicyBSZWxlYXNlIEtleSAoUHVwcGV0IExhYnMgUmVsZWFzZSBL ZXkpIDxpbmZvQHB1cHBldGxhYnMuY29tPokBHAQQAQIABgUCTDfARgAKCRAhWv5Q5BRwMq8TCACgG44+c+KgHBinygdU9Oj/r1wmfXbbmR+tpRgZ5sJytHC6gp3wjKFH XrmddgmYPzKsAUGTxJxRUqxD+lKeo2sEKuXNAPo1C+4hZUV6Ah2N1qytZfpLOP43U6WVvMgluQTl6jRaMIwQolUj8ZNjYCdNZQCbfo8tALkedIBPKSrDF5kOwn+zxFyR3v5A3mwFXK0bepvjlDuMsmktwk7opgfivP1mA3svPLIZu70PKk+u6UAMb06svt6V SewYMbgTUzw+SCT1e/0xEpqjUqNgsPnPE6hW116goRB2cz6VYwmKfVe+ioljsVMMmTqj5xWqoeR0ov6yCyxwVVCWOAIR3QSAiQIcBBABCAAGBQJM+UDpAAoJEFwT1tuTBS4DF1gP/jQXEB40JgHLGSv9dFPSAVP40KM+6o9YIzm1/Y0iFJqle1vb7fZZsB8PNV+paMLQbRGdAG9769yOljj+sm7hUogMYhPwK2co4jIRxdM0U56GLrnE7jKlp6IE9JveKnc/Sh/WJlkNCs0cxblVzIvVz49ZP/p7FdIax4+07/z21zqa6mpm0LTl/llc biOzAwXRTpDmzdLS0btj6hCEo0UlLiwfisd7WjkLErA1FLOpxwDSGm0rLcwdRnb7N4fO5F1FYaNvatSJXGci888EbEXYkeEHgRGEaBtPFFnrBlt1bToE4TyvukatSlR8LD9ZFPeAZckekY87MUC+vdeXtVwNQpNWYhqOel3dKjIPW3Zey8mVJAE5ZtWK5wd28ThIgpDvu8EtGVkihddVvpa7tWr55CzXJuPAY6GecqPPyWVdwycvPM3zpJOmM3io ZNdDL8T353JQ/WxefdFHBv5mR0jvubVhj3lBE2Ab+GqHvsi5ZaDUy1NKBCc/4XbuZ+jT/nbaE5uF0B7vdU7e20Q+KuJbLu3DdtL11o/ZMBVtjIWqS+m2QFvU5dFRLOpS5aMGZnflSVeMpCwZ5QeU6ISHzhqid0X3QDuDHRf+S00g9Gt8IaQclwO74dWdHvEqT4XSpv37+kYuJPeup5BOvx9ixvjEsdPu4SDWBUUHWDSR35FAfNXviQI+BBMBAgAo AhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCT/Hk+gUJC0gyOgAKCRAQVLeiS9bsMAgpD/0e9nJ/4sdVKQKT3YpvqBySeKKff7mijPruFKvyaIYF8rh6hypDQftt21aMAgvNH8gFjTGPo4cqFg/aTxMtztCFCO3R1Gk2Rf4i2ifYBmvJXu9QAOt5jPjgHRs+aGIT4svjoRPkhOEsq78p+KHOQQQFr3+3Xvz5073MIzbGxdqIOEw7FUTfaBe9Jko/eGa+cr8V3KVRjeda0952v6UekEugcZo8ftyMj4wQS6BTegAnSOmrdXyfjDSM irZXvvB+ZsP1vIhXt1dzECnNyIr56TClA1AxJpx67EuVNkpx1KqjT+qZLYDzrdhlDRkF75fJ/k4jff7L4yvL6+Xout7ZV8+be52BHXQTi1Zcn1DYKYb7M09a3vdTUUPvEEjs8+86XLMJfhAmHLYWf9+/No2Menj8VKILDQe9fTV6lx6uzK6ffHE+REiPDBEz2bkwnSjiGE99r3vOJtdKHxdcGeiwFDF6DqcSdvbp6itVBuobHSu679babn8mlR9ESwWY04FRuLzGUo1LkJnKkfdmHzwRmJMWiU4wSH6FPqzSXrOcEAYZnib9SdpybnIM eaDu6cKTgnJWilDYocyiobzzp6W76ubQBKSHKoECT2xYqm0yXc0eJhNET+b1UCS6 BUgHamL7y7zh/5qfgeaXjGXKKOBi7Tmmo2+ctHIkMt3rWG+IsLwZhYkCPgQTAQIA KAUCTDe7QAIbAwUJA8JnAAYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQEFS3 okvW7DAZaw//aLmE/eobpXpIUVyCUWQxEvPtM/h/SAJsG3KoHN9u216ews+UHsL/7F91ceVXQQdD2e8CtYWFeLNM0RSM9i/KM60g4CvIQlmNqdqhi1HsgGqInZ72/XLAXun0gabfC36rLww2kel+aMpRf58SrSuskY321NnMEJl4OsHV2hfNtAIgw2e/zm9R hoMpGKxoHZCvFhnP7u2M2wMq7iNDDWb6dVsLpzdlVf242zCbubPCxxQXOpA56rzk UPuJ85mdVw4i19oPIFIZVL5owit1SxCOxBg4b8oaMS36hEl3qtZG834rtLfcqAmqjhx6aJuJLOAYN84QjDEU3NI5IfNRMvluIeTcD4Dt5FCYahN045tW1Rc6s5GAR8RW45GYwQDzG+kkkeeGxwEhqCW7nOHuwZIoVJufNhd28UFn83KGJHCQt4NBBr3K5TcY6bDQEIrpSplWSDBbd3p1IaoZY1WSDdP9OTVOSbsz0JiglWmUWGWCdd/CMSW/D7/3 VUOJOYRDwptvtSYcjJc81UV+1zB+rt5La/OWe4UOORD+jU1ATijQEaFYxBbqBBkF boAEXq9btRQyegqk+eVpHhzacP5NYFTMThvHuTapNytcCso5au/cMywqCgY1DfcM Jyjocu4bCtrAd6w4kGKNMUdwNDYQulHZDI+UjJInhramyngdzZLjdeE==i8vT-----END PGP PUBLIC KEY BLOCK-----# rpm --import /opt/key.txt# yum -y install puppetlabs-release-5-7.noarch.rpmLoaded plugins: aliases, allowdowngrade, changelog, downloadonly, fastestmirror, filter- : data, kernel-module, keys, kmod, list-data, merge-conf, priorities,: protect-packages, protectbase, refresh-updatesd, security, tmprepo,: tsflags, upgrade-helper, verify, versionlockLoading mirror speeds from cached hostfile* Base: Skipping filters plugin, no data0 packages excluded due to repository protectionsReading version lock configurationSetting up Install ProcessExamining puppetlabs-release-5-7.noarch.rpm: puppetlabs-release-5-7.noarchMarking puppetlabs-release-5-7.noarch.rpm to be installedResolving DependenciesSkipping filters plugin, no data--> Running transaction check---> Package puppetlabs-release.noarch 0:5-7 set to be updated--> Finished Dependency ResolutionDependencies Resolved=============================================================================== =========Package Arch Version Repository Size=============================================================================== =========Installing:puppetlabs-release noarch 5-7 /puppetlabs-release-5-7.noarch 2.9 kTransaction Summary=============================================================================== =========Install 1 Package(s)Upgrade 0 Package(s)Total size: 2.9 kDownloading Packages:Running rpm_check_debugRunning Transaction TestFinished Transaction TestTransaction Test SucceededRunning TransactionInstalling : puppetlabs-release 1/1Installed:puppetlabs-release.noarch 0:5-7Complete!2，安装puppet[root@client ~]# yum install puppetLoaded plugins: aliases, allowdowngrade, changelog, downloadonly, fastestmirror, filter- : data, kernel-module, keys, kmod, list-data, merge-conf, priorities,: protect-packages, protectbase, refresh-updatesd, security, tmprepo,: tsflags, upgrade-helper, verify, versionlockLoading mirror speeds from cached hostfile* Base: Skipping filters plugin, no data0 packages excluded due to repository protectionsReading version lock configurationSetting up Install ProcessResolving DependenciesSkipping filters plugin, no data--> Running transaction check---> Package puppet.noarch 0:3.1.1-1.el5 set to be updated--> Processing Dependency: ruby(abi) >= 1.8 for package: puppet--> Processing Dependency: ruby >= 1.8.7 for package: puppet--> Processing Dependency: facter >= 1.6.11 for package: puppet--> Processing Dependency: hiera >= 1.0.0 for package: puppet--> Processing Dependency: ruby-augeas for package: puppet--> Processing Dependency: libselinux-ruby for package: puppet--> Processing Dependency: ruby-shadow for package: puppet--> Processing Dependency: /usr/bin/ruby for package: puppet--> Running transaction check---> Package facter.x86_64 1:1.7.0-1.el5 set to be updated---> Package hiera.noarch 0:1.2.1-1.el5 set to be updated--> Processing Dependency: rubygem-json for package: hiera---> Package libselinux-ruby.x86_64 0:1.33.4-5.7.el5 set to be updated---> Package ruby.x86_64 0:1.8.7.370-1.el5 set to be updated---> Package ruby-augeas.x86_64 0:0.4.1-1 set to be updated--> Processing Dependency: augeas-libs >= 0.8.0 for package: ruby-augeas--> Processing Dependency: libaugeas.so.0(AUGEAS_0.8.0)(64bit) for package: ruby-augeas --> Processing Dependency: libaugeas.so.0(AUGEAS_0.11.0)(64bit) for package: ruby-augeas --> Processing Dependency: libaugeas.so.0(AUGEAS_0.10.0)(64bit) for package: ruby-augeas --> Processing Dependency: libaugeas.so.0(AUGEAS_0.1.0)(64bit) for package: ruby-augeas --> Processing Dependency: libaugeas.so.0(AUGEAS_0.12.0)(64bit) for package: ruby-augeas --> Processing Dependency: libaugeas.so.0()(64bit) for package: ruby-augeas---> Package ruby-libs.x86_64 0:1.8.7.370-1.el5 set to be updated---> Package ruby-shadow.x86_64 0:1.4.1-7 set to be updated--> Running transaction check---> Package augeas-libs.x86_64 0:0.10.0-3 set to be updated---> Package rubygem-json.x86_64 0:1.5.5-1.el5 set to be updated--> Processing Dependency: rubygems for package: rubygem-json--> Running transaction check---> Package rubygems.noarch 0:1.3.7-1.el5 set to be updated--> Processing Dependency: ruby-rdoc for package: rubygems--> Running transaction check---> Package ruby-rdoc.x86_64 0:1.8.7.370-1.el5 set to be updated--> Processing Dependency: irb = 1.8.7.370-1.el5 for package: ruby-rdoc--> Running transaction check---> Package ruby-irb.x86_64 0:1.8.7.370-1.el5 set to be updated--> Finished Dependency ResolutionDependencies Resolved=============================================================================== =========Package Arch Version Repository Size=============================================================================== =========Installing:puppet noarch 3.1.1-1.el5 puppetlabs-products 959 kInstalling for dependencies:augeas-libs x86_64 0.10.0-3 puppetlabs-deps 376 kfacter x86_64 1:1.7.0-1.el5 puppetlabs-products 84 khiera noarch 1.2.1-1.el5 puppetlabs-products 20 klibselinux-ruby x86_64 1.33.4-5.7.el5 Base 61 kruby x86_64 1.8.7.370-1.el5 puppetlabs-deps 378 kruby-augeas x86_64 0.4.1-1 puppetlabs-deps 22 kruby-irb x86_64 1.8.7.370-1.el5 puppetlabs-deps 343 kruby-libs x86_64 1.8.7.370-1.el5 puppetlabs-deps 2.2 Mruby-rdoc x86_64 1.8.7.370-1.el5 puppetlabs-deps 410 kruby-shadow x86_64 1.4.1-7 puppetlabs-deps 10 krubygem-json x86_64 1.5.5-1.el5 puppetlabs-depsrubygems noarch 1.3.7-1.el5 puppetlabs-deps 217 kTransaction Summary=============================================================================== =========Install 13 Package(s)Upgrade 0 Package(s)Total download size: 5.7 MIs this ok [y/N]: yDownloading Packages:(1/13): ruby-shadow-1.4.1-7.x86_64.rpm | 10 kB 00:00 (2/13): hiera-1.2.1-1.el5.noarch.rpm | 20 kB 00:00 (3/13): ruby-augeas-0.4.1-1.x86_64.rpm | 22 kB 00:00 (4/13): libselinux-ruby-1.33.4-5.7.el5.x86_64.rpm | 61 kB 00:00(5/13): facter-1.7.0-1.el5.x86_64.rpm | 84 kB 00:00(6/13): rubygems-1.3.7-1.el5.noarch.rpm | 217 kB 00:02 (7/13): ruby-irb-1.8.7.370-1.el5.x86_64.rpm | 343 kB 00:05(8/13): augeas-libs-0.10.0-3.x86_64.rpm | 376 kB 00:10(9/13): ruby-1.8.7.370-1.el5.x86_64.rpm | 378 kB 00:04(10/13): ruby-rdoc-1.8.7.370-1.el5.x86_64.rpm | 410 kB 00:04(11/13): rubygem-json-1.5.5-1.el5.x86_64.rpm | 773 kB 00:13(12/13): puppet-3.1.1-1.el5.noarch.rpm | 959 kB 00:12(13/13): ruby-libs-1.8.7.370-1.el5.x86_64.rpm | 2.2 MB 00:31----------------------------------------------------------------------------------------------------------------------------- Total57 kB/s | 5.7 MB 01:42Running rpm_check_debugRunning Transaction TestFinished Transaction TestTransaction Test SucceededRunning TransactionInstalling : ruby-libs 1/13Installing : rubyInstalling : ruby-shadow 3/13Installing : augeas-libs 4/13Installing : ruby-augeas 5/13Installing : libselinux-ruby 6/13Installing : ruby-irb 7/13Installing : ruby-rdoc 8/13Installing : rubygems 9/13Installing : rubygem-json 10/13Installing : hiera 11/13Installing : facter 12/13Installing : puppet 13/13Installed:puppet.noarch 0:3.1.1-1.el5Dependency Installed:augeas-libs.x86_64 0:0.10.0-3 facter.x86_64 1:1.7.0-1.el5 hiera.noarch 0:1.2.1-1.el5libselinux-ruby.x86_64 0:1.33.4-5.7.el5 ruby.x86_64 0:1.8.7.370-1.el5 ruby-augeas.x86_64 0:0.4.1-1ruby-irb.x86_64 0:1.8.7.370-1.el5 ruby-libs.x86_64 0:1.8.7.370-1.el5 ruby-rdoc.x86_64 0:1.8.7.370-1.el5ruby-shadow.x86_64 0:1.4.1-7 rubygem-json.x86_64 0:1.5.5-1.el5 rubygems.noarch 0:1.3.7-1.el5Complete!#service puppet startStarting puppet agent: [ OK ]#chkconfig puppet on四，Master,Client连接测试,我是一步步测试，根据出现问题再拍错然后解决1，客户端执行puppet agent -t --debug --server 其中-t 是—test 的缩写，--debug可以列出debug信息，--server接Master的FQDN名其他参数都不明白，故没有写上，可以看到在结尾处有错误信息，后面有排错方法# puppet agent -t --debug --server Debug: Using settings: adding file resource 'client_datadir': 'File[/var/lib/puppet/client_data]{:backup=>false, :loglevel=>:debug, :links=>:follow,:mode=>"750", :path=>"/var/lib/puppet/client_data", :ensure=>:directory}'Debug: Puppet::Type::User::ProviderPw: file pw does not existDebug: Failed to load library 'ldap' for feature 'ldap'Debug: Puppet::Type::User::ProviderLdap: feature ldap is missingDebug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/dsimport does not existDebug: Puppet::Type::User::ProviderUser_role_add: file rolemod does not existDebug: Using settings: adding file resource 'hostpubkey': 'File[/var/lib/puppet/ssl/public_keys/.pem]{:backup=>false, :loglevel=>:debu g,:owner=>"puppet", :links=>:follow, :mode=>"644", :path=>"/var/lib/puppet/ssl/public_ keys/.pem", :ensure=>:file}'Debug: Using settings: adding file resource 'statedir': 'File[/var/lib/puppet/state]{:backup=>false, :loglevel=>:debug, :links=>:follow, :mode=>"175 5",:path=>"/var/lib/puppet/state", :ensure=>:directory}'Debug: Using settings: adding file resource 'confdir': 'File[/etc/puppet]{:backup=>false, :loglevel=>:debug, :links=>:follow, :path=>"/etc/puppet",:ensure=>:directory}'Debug: Using settings: adding file resource 'publickeydir': 'File[/var/lib/puppet/ssl/public_keys]{:backup=>false, :loglevel=>:debug, :owner=>"puppet",:links=>:follow, :path=>"/var/lib/puppet/ssl/public_keys", :ensure=>:directory}'Debug: Using settings: adding file resource 'privatedir': 'File[/var/lib/puppet/ssl/private]{:backup=>false, :loglevel=>:debug, :owner=>"puppet",:links=>:follow, :mode=>"750", :path=>"/var/lib/puppet/ssl/private", :ensure=>:director y}'Debug: Using settings: adding file resource 'plugindest': 'File[/var/lib/puppet/lib]{:backup=>false, :loglevel=>:debug, :links=>:follow,:path=>"/var/lib/puppet/lib", :ensure=>:directory}'Debug: Using settings: adding file resource 'clientbucketdir': 'File[/var/lib/puppet/clientbucket]{:backup=>false, :loglevel=>:debug, :links=>:follow,:mode=>"750", :path=>"/var/lib/puppet/clientbucket", :ensure=>:directory}'Debug: Using settings: adding file resource 'certdir': 'File[/var/lib/puppet/ssl/certs]{:backup=>false, :loglevel=>:debug, :owner=>"puppet", :links= >:follow,:path=>"/var/lib/puppet/ssl/certs", :ensure=>:directory}'Debug: Using settings: adding file resource 'graphdir': 'File[/var/lib/puppet/state/graphs]{:backup=>false, :loglevel=>:debug, :links=>:follow,:path=>"/var/lib/puppet/state/graphs", :ensure=>:directory}'Debug: Using settings: adding file resource 'vardir': 'File[/var/lib/puppet]{:backup=>false, :loglevel=>:debug, :links=>:follow, :path=>"/var/lib/pu ppet",:ensure=>:directory}'Debug: Using settings: adding file resource 'requestdir': 'File[/var/lib/puppet/ssl/certificate_requests]{:backup=>false, :loglevel=>:debug,:owner=>"puppet", :links=>:follow, :path=>"/var/lib/puppet/ssl/certificate_requests", : ensure=>:directory}'Debug: Using settings: adding file resource 'rundir': 'File[/var/run/puppet]{:backup=>false, :loglevel=>:debug, :links=>:follow, :mode=>"755",:path=>"/var/run/puppet", :ensure=>:directory}'Debug: Using settings: adding file resource 'clientyamldir': 'File[/var/lib/puppet/client_yaml]{:backup=>false, :loglevel=>:debug, :links=>:follow,:mode=>"750", :path=>"/var/lib/puppet/client_yaml", :ensure=>:directory}'Debug: Using settings: adding file resource 'hostprivkey': 'File[/var/lib/puppet/ssl/private_keys/.pem]{:backup=>false, :loglevel=>:deb ug,:owner=>"puppet", :links=>:follow, :mode=>"600", :path=>"/var/lib/puppet/ssl/private _keys/.pem", :ensure=>:file}'Debug: Puppet::Type::Group::ProviderPw: file pw does not existDebug: Failed to load library 'ldap' for feature 'ldap'Debug: Puppet::Type::Group::ProviderLdap: feature ldap is missingDebug: Puppet::Type::Group::ProviderDirectoryservice: file /usr/bin/dscl does not exist Debug: Using settings: adding file resource 'logdir': 'File[/var/log/puppet]{:backup=>false, :group=>"puppet", :loglevel=>:debug, :owner=>"pup pet",:links=>:follow, :mode=>"750", :path=>"/var/log/puppet", :ensure=>:directory}''File[/var/lib/puppet/ssl]{:backup=>false, :loglevel=>:debug, :owner=>"puppet", :links=>:foll ow,:mode=>"771", :path=>"/var/lib/puppet/ssl", :ensure=>:directory}'Debug: Using settings: adding file resource 'privatekeydir': 'File[/var/lib/puppet/ssl/private_keys]{:backup=>false, :loglevel=>:debug, :owner=>"puppet ",:links=>:follow, :mode=>"750", :path=>"/var/lib/puppet/ssl/private_keys", :ensure=>:di rectory}'Debug: /File[/var/lib/puppet/client_yaml]: Autorequiring File[/var/lib/puppet]Debug: /File[/var/lib/puppet/ssl/private_keys]: Autorequiring File[/var/lib/puppet/ssl] Debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet]Debug: /File[/var/lib/puppet/state/graphs]: Autorequiring File[/var/lib/puppet/state] Debug: /File[/var/lib/puppet/ssl/certificate_requests]: Autorequiring File[/var/lib/puppet/ssl]Debug: /File[/var/lib/puppet/ssl/private_keys/.pem]: Autorequiring File[/var/lib/puppet/ssl/private_keys]Debug: /File[/var/lib/puppet/ssl/public_keys/.pem]: Autorequiring File[/var/lib/puppet/ssl/public_keys]Debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/puppet]Debug: /File[/var/lib/puppet/client_data]: Autorequiring File[/var/lib/puppet]Debug: /File[/var/lib/puppet/ssl/public_keys]: Autorequiring File[/var/lib/puppet/ssl] Debug: /File[/var/lib/puppet/clientbucket]: Autorequiring File[/var/lib/puppet]Debug: /File[/var/lib/puppet/ssl/certs]: Autorequiring File[/var/lib/puppet/ssl]Debug: /File[/var/lib/puppet/ssl/private]: Autorequiring File[/var/lib/puppet/ssl]Debug: /File[/var/lib/puppet/ssl]: Autorequiring File[/var/lib/puppet]Debug: /File[/var/lib/puppet/ssl/private_keys/.pem]/mode: mode changed '0640' to '0600'Debug: /File[/var/lib/puppet/ssl/public_keys/.pem]/mode: mode changed '0640' to '0644'Debug: Finishing transaction 23872078632760Debug: Using settings: adding file resource 'hostpubkey': 'File[/var/lib/puppet/ssl/public_keys/.pem]{:backup=>false, :loglevel=>:debu g,:owner=>"puppet", :links=>:follow, :mode=>"644", :path=>"/var/lib/puppet/ssl/public_ keys/.pem", :ensure=>:file}'Debug: Using settings: adding file resource 'statedir': 'File[/var/lib/puppet/state]{:backup=>false, :loglevel=>:debug, :links=>:follow, :mode=>"175 5",:path=>"/var/lib/puppet/state", :ensure=>:directory}''File[/etc/puppet]{:backup=>false, :loglevel=>:debug, :links=>:follow, :path=>"/etc/puppet",:ensure=>:directory}'Debug: Using settings: adding file resource 'publickeydir': 'File[/var/lib/puppet/ssl/public_keys]{:backup=>false, :loglevel=>:debug, :owner=>"puppet",:links=>:follow, :path=>"/var/lib/puppet/ssl/public_keys", :ensure=>:directory}'Debug: Using settings: adding file resource 'privatedir': 'File[/var/lib/puppet/ssl/private]{:backup=>false, :loglevel=>:debug, :owner=>"puppet",:links=>:follow, :mode=>"750", :path=>"/var/lib/puppet/ssl/private", :ensure=>:director y}'Debug: Using settings: adding file resource 'plugindest': 'File[/var/lib/puppet/lib]{:backup=>false, :loglevel=>:debug, :links=>:follow,:path=>"/var/lib/puppet/lib", :ensure=>:directory}'Debug: Using settings: adding file resource 'certdir': 'File[/var/lib/puppet/ssl/certs]{:backup=>false, :loglevel=>:debug, :owner=>"puppet", :links= >:follow,:path=>"/var/lib/puppet/ssl/certs", :ensure=>:directory}'Debug: Using settings: adding file resource 'vardir': 'File[/var/lib/puppet]{:backup=>false, :loglevel=>:debug, :links=>:follow, :path=>"/var/lib/pu ppet",:ensure=>:directory}'Debug: Using settings: adding file resource 'requestdir': 'File[/var/lib/puppet/ssl/certificate_requests]{:backup=>false, :loglevel=>:debug,:owner=>"puppet", :links=>:follow, :path=>"/var/lib/puppet/ssl/certificate_requests", : ensure=>:directory}'Debug: Using settings: adding file resource 'rundir': 'File[/var/run/puppet]{:backup=>false, :loglevel=>:debug, :links=>:follow, :mode=>"755",:path=>"/var/run/puppet", :ensure=>:directory}'Debug: Using settings: adding file resource 'hostprivkey': 'File[/var/lib/puppet/ssl/private_keys/.pem]{:backup=>false, :loglevel=>:deb ug,:owner=>"puppet", :links=>:follow, :mode=>"600", :path=>"/var/lib/puppet/ssl/private _keys/.pem", :ensure=>:file}'Debug: Using settings: adding file resource 'logdir': 'File[/var/log/puppet]{:backup=>false, :group=>"puppet", :loglevel=>:debug, :owner=>"puppet",:links=>:follow, :mode=>"750", :path=>"/var/log/puppet", :ensure=>:directory}'Debug: Using settings: adding file resource 'ssldir': 'File[/var/lib/puppet/ssl]{:backup=>false, :loglevel=>:debug, :owner=>"puppet", :links=>:foll ow,:mode=>"771", :path=>"/var/lib/puppet/ssl", :ensure=>:directory}'Debug: Using settings: adding file resource 'privatekeydir': 'File[/var/lib/puppet/ssl/private_keys]{:backup=>false, :loglevel=>:debug, :owner=>"puppet ",:links=>:follow, :mode=>"750", :path=>"/var/lib/puppet/ssl/private_keys", :ensure=>:di rectory}'Debug: /File[/var/lib/puppet/ssl/public_keys/.pem]: Autorequiring File[/var/lib/puppet/ssl/public_keys]Debug: /File[/var/lib/puppet/ssl/private]: Autorequiring File[/var/lib/puppet/ssl]Debug: /File[/var/lib/puppet/ssl/certs]: Autorequiring File[/var/lib/puppet/ssl]Debug: /File[/var/lib/puppet/ssl/public_keys]: Autorequiring File[/var/lib/puppet/ssl] Debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/puppet]Debug: /File[/var/lib/puppet/ssl/private_keys]: Autorequiring File[/var/lib/puppet/ssl] Debug: /File[/var/lib/puppet/ssl/certificate_requests]: Autorequiring File[/var/lib/puppet/ssl]Debug: /File[/var/lib/puppet/ssl]: Autorequiring File[/var/lib/puppet]Debug: /File[/var/lib/puppet/ssl/private_keys/.pem]: Autorequiring File[/var/lib/puppet/ssl/private_keys]Debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet]Debug: Finishing transaction 23872076821240Info: Caching certificate for caInfo: Creating a new SSL certificate request for Info: Certificate Request fingerprint (SHA256): 04:48:C2:2C:8D:FC:71:E8:99:EA:50:45:B1:81:A0:68:D0:26:9D:82:58:D7:AC:CB:7B:72:19:EC:A 0:40:F5:7FDebug: Using cached certificate for caDebug: Using cached certificate for caExiting; no certificate found and waitforcert is disabled2，排错方法：从上面提示貌似是Cert问题，后来查了下资料Client在test是就给Master提供有Cert 请求，只要Master sign一下就可,具体方法如下：首先看看帮助，我最先开始的事ca ,后来发现cert这个命令也可以，而且和ca 命令用法与参数差不多#puppet help caUSAGE: puppet ca <action>。