Puppet 代理的目录与 master 不同

问题描述 投票:0回答:1

我很难让我的代理人工作。 由于某种原因,我的代理从主服务器中提取了一个空目录。

在我的一个节点上运行 

puppet agent --test
时,我得到:

root@grid:/home/jenssels# puppet agent --test
Info: Using environment 'production'
Info: Retrieving pluginfacts
Info: Retrieving plugin
Notice: Requesting catalog from puppet:8140 (192.168.1.12)
Notice: Catalog compiled by nexus.lan
Info: Caching catalog for grid.lan
Info: Applying configuration version '1712841471'
Notice: Applied catalog in 0.01 seconds

当我在主服务器上运行 

puppet catalog find grid.lan
时,我会看到正确的目录。 当我在代理节点上运行 
puppet catalog find
puppet catalog find grid.lan
时,我会得到一个完全不同的目录。

重新启动主机和代理不会改变任何事情。

我的代理正在运行默认配置。我在代理节点上使用的唯一命令是:

cd /tmp
wget https://apt.puppet.com/puppet8-release-jammy.deb
sudo dpkg -i puppet8-release-jammy.deb
apt-get update -y && apt-get install puppet-agent -y
export PATH=/opt/puppetlabs/bin:$PATH

puppet agent --test

在服务器端,我确实修改了一些设置,因为我的清单位于 nfs 共享上(安装在 /puppet 上)。 我的 /etc/puppetlabs/puppet/puppet.conf 看起来像:

# This file can be used to override the default puppet settings.
# See the following links for more details on what settings are available:
# - https://puppet.com/docs/puppet/latest/config_important_settings.html
# - https://puppet.com/docs/puppet/latest/config_about_settings.html
# - https://puppet.com/docs/puppet/latest/config_file_main.html
# - https://puppet.com/docs/puppet/latest/configuration.html
[server]
vardir = /opt/puppetlabs/server/data/puppetserver
logdir = /var/log/puppetlabs/puppetserver
rundir = /var/run/puppetlabs/puppetserver
pidfile = /var/run/puppetlabs/puppetserver/puppetserver.pid
codedir = /etc/puppetlabs/code
 
[main]
environment = production
basemodulepath = /puppet/modules
[agent]
runinterval = 1m

然后为了将生产环境指向我的 nfs 共享,我将 /etc/puppetlabs/code/environments/development/environment.conf 更改为

modulepath = /puppet/production/modules/
manifest = /puppet/production/manifests/

我通过运行 

puppet config print manifest --section main --environment production
进行了验证,它产生了

/puppet/production/manifests

通过检查 /var/log/puppetlabs/puppetserver/puppetserver.log 中的日志,我确实看到有呼叫进入主服务器

2024-04-11T14:02:31.192Z DEBUG [qtp1384966666-50] [p.r.core] Processing :post /puppet/v3/catalog/grid.lan
2024-04-11T14:02:31.195Z DEBUG [qtp1384966666-50] [puppetserver] Puppet Evaluating match for Route /^\/puppet\//
2024-04-11T14:02:31.195Z DEBUG [qtp1384966666-50] [puppetserver] Puppet Evaluating match for Route /v3/
2024-04-11T14:02:31.195Z DEBUG [qtp1384966666-50] [puppetserver] Puppet Evaluating match for Route /^\/environments$/
2024-04-11T14:02:31.195Z DEBUG [qtp1384966666-50] [puppetserver] Puppet Did not match path ("/catalog/grid.lan")
2024-04-11T14:02:31.195Z DEBUG [qtp1384966666-50] [puppetserver] Puppet Evaluating match for Route /.*/
2024-04-11T14:02:31.196Z DEBUG [qtp1384966666-50] [puppetserver] Puppet Evicting cache entry for environment :production
2024-04-11T14:02:31.196Z DEBUG [qtp1384966666-50] [p.s.j.puppet-environments] Removing environment 'production' from registry
2024-04-11T14:02:31.196Z DEBUG [qtp1384966666-50] [puppetserver] Puppet Deleted text domain :production: false
2024-04-11T14:02:31.198Z DEBUG [qtp1384966666-50] [puppetserver] Puppet Caching environment :production (ttl = 0 sec)
2024-04-11T14:02:31.199Z DEBUG [qtp1384966666-50] [p.s.j.puppet-environments] Registering environment 'production'
2024-04-11T14:02:31.205Z DEBUG [qtp1384966666-50] [puppetserver] Puppet Found in cache :production (ttl = 0 sec)
2024-04-11T14:02:31.228Z INFO  [qtp1384966666-50] [puppetserver] Puppet Compiled catalog for grid.lan in environment production in 0.02 seconds
2024-04-11T14:02:31.228Z DEBUG [qtp1384966666-50] [puppetserver] Puppet Found in cache :production (ttl = 0 sec)
2024-04-11T14:02:31.230Z DEBUG [qtp1384966666-50] [puppetserver] Puppet Puppet::Network::Format[msgpack]: feature msgpack is missing
2024-04-11T14:02:31.231Z DEBUG [qtp1384966666-50] [puppetserver] Puppet Puppet::Network::Format[pson]: feature pson is missing
2024-04-11T14:02:31.231Z DEBUG [qtp1384966666-50] [puppetserver] Puppet Evicting cache entry for environment :production
2024-04-11T14:02:31.231Z DEBUG [qtp1384966666-50] [p.s.j.puppet-environments] Removing environment 'production' from registry
2024-04-11T14:02:31.231Z DEBUG [qtp1384966666-50] [puppetserver] Puppet Deleted text domain :production: false
2024-04-11T14:02:31.232Z DEBUG [qtp1384966666-50] [puppetserver] Puppet Puppet::Network::Format[rich_data_msgpack]: feature msgpack is missing
2024-04-11T14:02:31.232Z DEBUG [qtp1384966666-50] [puppetserver] Puppet catalog supports formats: rich_data_json json yaml dot
2024-04-11T14:02:31.289Z DEBUG [qtp1384966666-48] [p.r.core] Processing :put /puppet/v3/report/grid.lan
2024-04-11T14:02:31.291Z DEBUG [qtp1384966666-48] [puppetserver] Puppet Evaluating match for Route /^\/puppet\//
2024-04-11T14:02:31.291Z DEBUG [qtp1384966666-48] [puppetserver] Puppet Evaluating match for Route /v3/
2024-04-11T14:02:31.292Z DEBUG [qtp1384966666-48] [puppetserver] Puppet Evaluating match for Route /^\/environments$/
2024-04-11T14:02:31.292Z DEBUG [qtp1384966666-48] [puppetserver] Puppet Did not match path ("/report/grid.lan")
2024-04-11T14:02:31.292Z DEBUG [qtp1384966666-48] [puppetserver] Puppet Evaluating match for Route /.*/
2024-04-11T14:02:31.295Z DEBUG [qtp1384966666-48] [puppetserver] Puppet Caching environment :production (ttl = 0 sec)
2024-04-11T14:02:31.295Z DEBUG [qtp1384966666-48] [p.s.j.puppet-environments] Registering environment 'production'
2024-04-11T14:02:31.296Z DEBUG [qtp1384966666-48] [puppetserver] Puppet Puppet::Network::Format[msgpack]: feature msgpack is missing
2024-04-11T14:02:31.296Z DEBUG [qtp1384966666-48] [puppetserver] Puppet Puppet::Network::Format[pson]: feature pson is missing
2024-04-11T14:02:31.296Z DEBUG [qtp1384966666-48] [puppetserver] Puppet Puppet::Network::Format[rich_data_msgpack]: feature msgpack is missing
2024-04-11T14:02:31.297Z DEBUG [qtp1384966666-48] [puppetserver] Puppet report supports formats: json yaml
2024-04-11T14:02:31.301Z DEBUG [qtp1384966666-48] [puppetserver] Puppet Received report to process from grid.lan
2024-04-11T14:02:31.301Z DEBUG [qtp1384966666-48] [puppetserver] Puppet Processing report from grid.lan with processor Puppet::Reports::Store

master 和 agent 都运行最新版本的 Ubuntu 22.04 lts。 puppet服务器版本是8.5.0

在代理上我无法让任何东西发挥作用。我尝试使用 --server 和 --debug 传递主服务器的主机名。所有调用都会成功,但会产生一个空目录。

有趣的部分是,如果我在它们都产生的代理上运行

puppet catalog find nexus.lan
puppet catalog find grid.lan

Notice: Compiled catalog for nexus.lan in environment production in 0.01 seconds
{
  "tags": [
    "settings"
  ],
  "name": "nexus.lan",
  "version": 1712844335,
  "code_id": null,
  "catalog_uuid": "2a65b3c0-a8f9-4bf3-8f28-5d57d845e9fe",
  "catalog_format": 2,
  "environment": "production",
  "resources": [
    {
      "type": "Stage",
      "title": "main",
      "tags": [
        "stage"
      ],
      "exported": false,
      "kind": "compilable_type",
      "parameters": {
        "name": "main"
      }
    },
    {
      "type": "Class",
      "title": "Settings",
      "tags": [
        "class",
        "settings"
      ],
      "exported": false,
      "kind": "unknown"
    },
    {
      "type": "Class",
      "title": "main",
      "tags": [
        "class"
      ],
      "exported": false,
      "kind": "unknown",
      "parameters": {
        "name": "main"
      }
    }
  ],
  "edges": [
    {
      "source": "Stage[main]",
      "target": "Class[Settings]"
    },
    {
      "source": "Stage[main]",
      "target": "Class[main]"
    }
  ],
  "classes": [
    "settings"
  ]
}

同样,这两个命令都会在主机上产生另一个结果。

知道我做错了什么吗?

ubuntu puppet
1个回答
0
投票

所以我会回答我自己的问题。 我错误地认为 puppet 服务器也会像代理一样以 root 身份运行,但事实并非如此。

它作为傀儡(Uid/Gid 999)运行,对 nfs 共享没有读取权限。将 puppet 用户的 uid 和 gid 更改为具有权限的用户,现在可以使用了。

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.