重庆分公司,新征程启航
为企业提供网站建设、域名注册、服务器等服务
前言:
为淅川等地区用户提供了全套网页设计制作服务,及淅川网站建设行业解决方案。主营业务为成都网站设计、网站制作、淅川网站设计,以传统方式定制建设网站,并提供域名空间备案等一条龙服务,秉承以专业、用心的态度为用户提供真诚的服务。我们深信只要达到每一位用户的要求,就会得到认可,从而选择与我们长期合作。这样,我们也可以走得更远!本篇博客参考了
在领略了puppet种种神奇后,由于puppet通过catalog来更新内容,期间还可能下载插件,下载file,同步file的内容等,这必然要消耗掉master的诸多性能,在获取的过程中master和agent说白了是https的通信,agent通过ruby内置的Webrick服务器获得catalog,而现在流行的webserver肯定对于静态内容效率与效果要更好,于是对master的扩展的一种方式演变为webserver的升级
1 准备工作
zypper in ruby apache2 libcurl libcurl-devel apr apr-devel apache2-devel(yum -y install ruby httpd ...) gem install rack passenger rails passenger-install-apache2-module.ruby2.1 ...提示... 如果这里提示你什么包头文件没装,请不要进行下一步,自己去尝试安装devel cat /etc/apache2/vhost.d/liuliancao.com.conf LoadModule passenger_module /usr/lib64/ruby/gems/2.1.0/gems/passenger-5.0.22/buildout/apache2/mod_passenger.so PassengerRoot /usr/lib64/ruby/gems/2.1.0/gems/passenger-5.0.22 PassengerDefaultRuby /usr/bin/ruby.ruby2.1 # And the passenger performance tuning settings: PassengerHighPerformance On # now it is on # PassengerUseGlobalQueue On # Set this to about 1.5 times the number of CPU cores in your master: PassengerMaxPoolSize 3 # Recycle master processes after they service 1000 requests PassengerMaxRequests 1000 # Stop processes if they sit idle for 10 minutes PassengerPoolIdleTime 600 Listen 8140SSLEngine On # Only allow high security cryptography, ALter if needed for compatibility SSLProtocol ALL -SSLv2 SSLCipherSuite HIGH:!ADH:RC4+RSA:-MEDIUM:-LOW:-EXP SSLCertificateFile /var/lib/puppet/ssl/certs/puppet-master.pem SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/puppet-master.pem SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem SSLVerifyCLient optional SSLVerifyDepth 1 SSLOptions +StdEnvVars +ExportCertData # These request headers are used to pass the client certificates # authentication infomation on to the puppet master process RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e #RackAutoDetect On DocumentRoot /usr/share/puppet/rack/puppetmasterd/public/ 检查语法错误,下面错误不是重点就不管了 httpd2 -t AH00558: httpd2: Could not reliably determine the server's fully qualified domain name, using 172.16.236.1. Set the 'ServerName' directive globally to suppress this message Syntax OK systemctl start apache2 netstat -tnlp|grep 8140 tcp 0 0 :::8140 :::* LISTEN 11371/httpd2-preforOptions None AllowOverride None Order Allow,Deny Allow from All
这是apache端已经配置好,还要启动master才行,否则会报500的错误
puppet master start
回到我们的agent端进行测试
puppet agent --server puppet-master --test --noop ... notice: Class[Nginx]: Would have triggered 'refresh' from 9 events notice: Stage[main]: Would have triggered 'refresh' from 1 events notice: Finished catalog run in 13.62 seconds
查看master日志的情况
tail /var/log/apache2/access_log 172.16.236.101 - - [20/Dec/2015:21:15:03 +0800] "POST /production/catalog/puppet-agent HTTP/1.1" 200 11044 "-" "-" 172.16.236.101 - - [20/Dec/2015:21:15:04 +0800] "GET /production/file_metadata/modules/user/file_from_module?links=manage HTTP/1.1" 200 303 "-" "-" 172.16.236.101 - - [20/Dec/2015:21:15:18 +0800] "PUT /production/report/puppet-agent HTTP/1.1" 200 9 "-" "-"
就实现了nginx辅助进行catalog的传递这个过程
另外有需要云服务器可以了解下创新互联scvps.cn,海内外云服务器15元起步,三天无理由+7*72小时售后在线,公司持有idc许可证,提供“云服务器、裸金属服务器、高防服务器、香港服务器、美国服务器、虚拟主机、免备案服务器”等云主机租用服务以及企业上云的综合解决方案,具有“安全稳定、简单易用、服务可用性高、性价比高”等特点与优势,专为企业上云打造定制,能够满足用户丰富、多元化的应用场景需求。