|
Метка: новое перенаправление |
(не показана 1 промежуточная версия этого же участника) |
Строка 1: |
Строка 1: |
| Smart-Proxy предоставляет API-интерфейс подсистем DNS, DHCP и т.п. для взаимодействия с системами управления инфраструктурой высокого уровня
| | #перенаправление [[Smart_Proxy]] |
| == Установка smart-proxy ==
| |
| apt-get install smart-proxy-compat
| |
| | |
| Пред запуском сервиса проверяем содержимое файлов ниже
| |
| | |
| ''/etc/smart-proxy/config/settings.d/puppetca_http_api.yml''
| |
| ---
| |
| #
| |
| # URL of the puppet master itself for API requests.
| |
| :puppet_url: <nowiki>https://sample.server.name:8140</nowiki>
| |
| #
| |
| # SSL certificates used to access the CA API.
| |
| :puppet_ssl_ca: /etc/puppet/ssl/certs/ca.pem
| |
| :puppet_ssl_cert: /etc/puppet/ssl/certs/sample.server.name.pem
| |
| :puppet_ssl_key: /etc/puppet/ssl/private_keys/sample.server.name.pem
| |
| | |
| ''/etc/smart-proxy/config/settings.d/puppet_proxy_puppet_api.yml''
| |
| ---
| |
| #
| |
| # URL of the puppet master itself for API requests.
| |
| :puppet_url: <nowiki>https://sample.server.name:8140</nowiki>
| |
| #
| |
| # SSL certificates used to access the CA API.
| |
| :puppet_ssl_ca: /etc/puppet/ssl/certs/ca.pem
| |
| :puppet_ssl_cert: /etc/puppet/ssl/certs/sample.server.name.pem
| |
| :puppet_ssl_key: /etc/puppet/ssl/private_keys/sample.server.name.pem
| |
| # Smart Proxy api timeout when Puppet's environment classes api is used and classes cache is disabled
| |
| :api_timeout: 30
| |
| | |
| ''/etc/smart-proxy/config/settings.d/puppetca.yml''
| |
| ---
| |
| #
| |
| # PuppetCA management
| |
| # Can be true, false, or http/https to enable just one of the protocols
| |
| #
| |
| :enabled: http
| |
| # valid providers:
| |
| # - puppetca_hostname_whitelisting (verify CSRs based on a hostname whitelist)
| |
| # - puppetca_token_whitelisting (verify CSRs based on a token whitelist)
| |
| :use_provider: puppetca_hostname_whitelisting
| |
| # Puppet version used
| |
| :puppet_version: 7.1.0
| |
| | |
| ''/etc/smart-proxy/config/settings.d/puppet.yml''
| |
| ---
| |
| # Can be true, false, or http/https to enable just one of the protocols
| |
| :enabled: http
| |
| # valid providers:
| |
| # puppet_proxy_mcollective (uses mco puppet)
| |
| # puppet_proxy_ssh (run puppet over ssh)
| |
| # puppet_proxy_salt (uses salt puppet.run)
| |
| # puppet_proxy_customrun (calls a custom command with args)
| |
| #:use_provider: puppet_proxy_customrun
| |
| :puppet_version: 7.1.0
| |
| | |
| ''/etc/smart-proxy/config/settings.d/puppetca_hostname_whitelisting.yml''
| |
| ---
| |
| #
| |
| # Configuration of the PuppetCA hostname_whitelisting provider
| |
| #
| |
| :autosignfile: /etc/puppet/autosign.conf
| |
| | |
| ''/etc/smart-proxy/config/settings.d/facts.yml''
| |
| ---
| |
| # Can be true, false, or http/https to enable just one of the protocols
| |
| :enabled: true
| |
| | |
| Проверяем наличие файла ''/etc/puppet/autosign.conf'' и установленные на него разрешения
| |
| | |
| touch /etc/puppet/autosign.conf
| |
| chmod 664 /etc/puppet/autosign.conf
| |
| | |
| Разрешаем и запускаем сервис smart-proxy
| |
| | |
| systemctl enable smart-proxy; systemctl start smart-proxy
| |
| | |
| == Настройка подключения Foreman и Smart-proxy ==
| |
| Настройка соединения Foreman и Smart-proxy производится через веб интерфейс Foreman.
| |
| Потребуется перейти в меню '''Инфраструктура -> Капсулы -> Create Smart Proxy'''
| |
| или по прямой ссылке
| |
| | |
| http://sample.server.name:2345/smart_proxies/new
| |
| | |
| Адрес Smart-proxy ''http://sample.server.name:8000''
| |
| | |
| Запустите (через перезапуск) smart-proxy:
| |
| | |
| # systemctl restart smart-proxy
| |
| | |
| [[Category: foreman]][[Category: foreman-puppet]]
| |
| [[Категория:Управление автоматизацией]] | |
| {{Category navigation|title=Управление автоматизацией|category=Управление автоматизацией|sortkey={{SUBPAGENAME}}}}
| |