Puppet-Foreman:主机未按照默认运行间隔更新,可能是什么原因造成的?

tag-icon tag-icon puppet foreman
Puppet-Foreman:主机未按照默认运行间隔更新,可能是什么原因造成的?

我公司的Linux服务器由与Foreman一起安装的Puppet进行配置和管理。

查看 Foreman 仪表板时,我可以看到 95% 的服务器显示为已同步和已更新(蓝色图标),而 20 台没有已知共同点的服务器显示为未同步且未更新。

当查看/etc/puppet/puppet.conf任何 Puppet 代理(已更新或未更新的代理)上的文件时,我看到它的配置如下:

[main]
    # The Puppet log directory.
    # The default value is '$vardir/log'.
    logdir = /var/log/puppet

    # Where Puppet PID files are kept.
    # The default value is '$vardir/run'.
    rundir = /var/run/puppet

    # Where SSL certificates are kept.
    # The default value is '$confdir/ssl'.
    ssldir = $vardir/ssl

[agent]
    # The file in which puppetd stores a list of the classes
    # associated with the retrieved configuratiion.  Can be loaded in
    # the separate ``puppet`` executable using the ``--loadclasses``
    # option.
    # The default value is '$confdir/classes.txt'.
    classfile = $vardir/classes.txt

    # Where puppetd caches the local configuration.  An
    # extension indicating the cache format is added automatically.
    # The default value is '$confdir/localconfig'.
    localconfig = $vardir/localconfig

这是包中附带的默认配置。

您可以看到,在该[agent]部分下唯一配置的指令是classfile,而localconfig在 Puppet 服务器上,/etc/puppet/puppet.conf“[agent]”部分如下所示:

[agent]
    # The file in which puppetd stores a list of the classes
    # associated with the retrieved configuratiion.  Can be loaded in
    # the separate ``puppet`` executable using the ``--loadclasses``
    # option.
    # The default value is '$statedir/classes.txt'.
    classfile = $vardir/classes.txt

    # Where puppetd caches the local configuration.  An
    # extension indicating the cache format is added automatically.
    # The default value is '$confdir/localconfig'.
    localconfig = $vardir/localconfig

    # Disable the default schedules as they cause continual skipped
    # resources to be displayed in Foreman - only for Puppet >= 3.4
    default_schedules = false

    report        = true
    pluginsync    = true
    masterport    = 8140
    environment   = production
    certname      = puppet.nj.company.com
    server        = puppet.nj.company.com
    listen        = false
    splay         = false
    runinterval   = 1800
    noop          = false
    configtimeout = 120

我的问题是:

  1. 我是否应该将 Puppet 服务器中代理部分的内容复制到客户端?
  2. 如果所有特定服务器均由 Puppet 自动配置,并且都以相同的方式配置,那么什么原因导致 Puppet 服务器无法更新这些特定服务器?

答案1

服务器上的大多数设置[agent]都是默认设置,您无需将它们复制到客户端。唯一真正重要的是server默认设置puppet(依赖搜索域)是否不够用。既然您说手动运行 Puppet 有效,我想您甚至不必担心这一点。

这听起来就像您的客户端没有运行 Puppet 代理服务。启动它并确保它配置为在启动时启动。

Puppet 使用拉取模型,因此您需要运行代理以从主服务器拉取配置,当代理作为服务运行时,默认情况下每 30 分钟一次。通常,您会在配置期间将代理配置为在启动时启动。

例如运行service puppet startsystemctl start puppet(systemd),如果您使用的是 Red Hat 类型的操作系统,也可以运行systemctl enable puppet(systemd)或chkconfig puppet on

相关内容