文章目录

2.6 后puppetrun 名字变成要了puppet kick 命令用法一样。puppetrun也能使用
puppetrun –> puppet kick

参考 : http://www.puppetlabs.com/2dot6/

配置puppet kick 很简单
可参考:http://theforeman.org/projects/foreman/wiki/Puppetrun
官网上说:
修改客户端的:

namespaceauth.conf
[puppetrunner]
allow puppet.domain.com`</pre>
<pre>`auth.conf
path /run
method save
allow puppet.domain.com`</pre>
如果这么修改运行时会报:
<pre>`Error 403 on SERVER: Forbidden request`</pre>
那是因为auth.conf 里有关于认证的顺序问题。只需要修改一下:
<pre>`path /run
method save
allow puppet.domain.com

# this one is not stricly necessary, but it has the merit
# to show the default policy which is deny everything else
path /
auth any`</pre>
即把path /run 添加到path /的前面。
<pre>`# puppetrun -p 10 client.domain.com
Triggering client.domain.com
Getting status
status is success
client.domain.com finished with exit code 0
Finished`</pre>
附:
我的**namespaceauth.conf **
<pre>`[fileserver]
    allow *.domain.com

[puppetmaster]
    allow *.domain.com

[puppetrunner]
    allow *.domain.com

[puppetbucket]
    allow *.domain.com

[puppetreports]
    allow *.domain.com

[resource]
    allow puppet.domain.com`</pre>
**auth.conf **
<pre>`path ~ ^/catalog/([^/]+)$
method find
allow $1
path /certificate_revocation_list/ca
method find
allow *
path /report
method save
allow *
path /file
allow *
path /certificate/ca
auth no
method find
allow *
path /certificate/
auth no
method find
allow *
path /certificate_request
auth no
method find, save
allow *
path /run
method save
allow puppet.domain.com
path /
auth any`</pre>
**client puppet.conf **
<pre>`[main]
    logdir = /var/log/puppet
    rundir = /var/run/puppet
    ssldir = $vardir/ssl
[agent]
    classfile = $vardir/classes.txt
    localconfig = $vardir/localconfig

    listen = true
    report = true
    server = puppet.domain.com
[puppetd]
文章目录