Create a modile best
[root@pserver manifests]# pwd
/etc/puppet/modules/best/manifests
[root@pserver manifests]#
[root@pserver modules]# mkdir best
[root@pserver modules]# cd best
[root@pserver best]# ls
[root@pserver best]# pwd
/etc/puppet/modules/best
[root@pserver best]# mkdir {files,manifests}
[root@pserver best]# ls
files manifests
[root@pserver best]# cd manifests/
[root@pserver manifests]# pwd
/etc/puppet/modules/best/manifests
[root@pserver manifests]# vi ntp.pp
class best::ntp {
package {'ntp':
ensure => installed,
}
service {'ntpd':
ensure => running,
require => Package['ntp'],
}
file {'/etc/ntp.conf':
source => 'puppet:///modules/best/ntp.conf',
notify => Service['ntpd'],
require => Package['ntp'],
}
}
[root@pserver manifests]# pwd
/etc/puppet/modules/best/manifests
[root@pserver manifests]# cd ../files/
[root@pserver files]# ls
[root@pserver files]# vi ntp_uk.conf
class best::ntp_uk inherits best::ntp {
File['/etc/ntp.conf'] {
source => 'puppet:///modules/best/ntp_uk.conf',
}
}
[root@pserver files]# pwd
/etc/puppet/modules/best/files
[root@pserver files]# cd ../../../manifests/
[root@pserver manifests]# ls
site.pp
[root@pserver manifests]# vi site.pp
#include ntp
node 'node1.example.com' {
include samba
include best::ntp_uk
#include ntp
#class {'vsftpd':
# version => '3.0.2-9',
#}
}
node 'node2.example.com' {
include httpd
}
[root@pserver manifests]# cd -
/etc/puppet/modules/best/files
[root@pserver files]# pwd
/etc/puppet/modules/best/files
[root@pserver files]# ls
ntp_uk.conf
[root@pserver files]# more ntp_uk.conf
server 192.168.10.200
[root@pserver files]# cd ../manifests/
[root@pserver manifests]# ls
ntp.pp ntp_uk.pp
[root@pserver manifests]# more ntp_uk.pp
class admin::ntp_uk inherits best::ntp {
File['/etc/ntpd.conf'] {
source => 'puppet:///modules/best/ntp_uk.conf',
}
}
go to client and run
[root@node1 ~]# puppet agent -t
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for node1.example.com
Info: Applying configuration version '1511822953'
Notice: /Stage[main]/Best::Ntp/File[/etc/ntp.conf]/content:
--- /etc/ntp.conf 2014-02-11 12:18:28.000000000 -0500
+++ /tmp/puppet-file20171127-6018-86t8qm 2017-11-27 17:49:23.841400464 -0500
@@ -1,58 +1 @@
-# For more information about this file, see the man pages
-# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
-
-driftfile /var/lib/ntp/drift
-
-# Permit time synchronization with our time source, but do not
-# permit the source to query or modify the service on this system.
-restrict default nomodify notrap nopeer noquery
-
-# Permit all access over the loopback interface. This could
-# be tightened as well, but to do so would effect some of
-# the administrative functions.
-restrict 127.0.0.1
-restrict ::1
-
-# Hosts on local network are less restricted.
-#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
-
-# Use public servers from the pool.ntp.org project.
-# Please consider joining the pool (http://www.pool.ntp.org/join.html).
-server 0.rhel.pool.ntp.org iburst
-server 1.rhel.pool.ntp.org iburst
-server 2.rhel.pool.ntp.org iburst
-server 3.rhel.pool.ntp.org iburst
-
-#broadcast 192.168.1.255 autokey # broadcast server
-#broadcastclient # broadcast client
-#broadcast 224.0.1.1 autokey # multicast server
-#multicastclient 224.0.1.1 # multicast client
-#manycastserver 239.255.254.254 # manycast server
-#manycastclient 239.255.254.254 autokey # manycast client
-
-# Enable public key cryptography.
-#crypto
-
-includefile /etc/ntp/crypto/pw
-
-# Key file containing the keys and key identifiers used when operating
-# with symmetric key cryptography.
-keys /etc/ntp/keys
-
-# Specify the key identifiers which are trusted.
-#trustedkey 4 8 42
-
-# Specify the key identifier to use with the ntpdc utility.
-#requestkey 8
-
-# Specify the key identifier to use with the ntpq utility.
-#controlkey 8
-
-# Enable writing of statistics records.
-#statistics clockstats cryptostats loopstats peerstats
-
-# Disable the monitoring facility to prevent amplification attacks using ntpdc
-# monlist command when default restrict does not include the noquery flag. See
-# CVE-2013-5211 for more details.
-# Note: Monitoring will not be disabled with the limited restriction flag.
-disable monitor
+server 192.168.10.200
Info: Computing checksum on file /etc/ntp.conf
Info: /Stage[main]/Best::Ntp/File[/etc/ntp.conf]: Filebucketed /etc/ntp.conf to puppet with sum 913 c85f0fde85f83c2d6c030ecf259e9
Notice: /Stage[main]/Best::Ntp/File[/etc/ntp.conf]/content: content changed '{md5}913c85f0fde85f83c 2d6c030ecf259e9' to '{md5}489b4442e80b2fbcec12b167d15a63b9'
Info: /Stage[main]/Best::Ntp/File[/etc/ntp.conf]: Scheduling refresh of Service[ntpd]
Notice: /Stage[main]/Best::Ntp/Service[ntpd]: Triggered 'refresh' from 1 events
Notice: Finished catalog run in 0.42 seconds
[root@node1 ~]# ntpq -q
/usr/sbin/ntpq: illegal option -- q
ntpq - standard NTP query program - Ver. 4.2.6p5
USAGE: ntpq [ -<flag> [<val>] | --<name>[{=| }<val>] ]... [ host ...]
(AutoOpts bug): could not locate the 'help' option.
[root@node1 ~]# ntpq -p
remote refid st t when poll reach delay offset jitter
==============================================================================
pserver.example .INIT. 16 u - 64 0 0.000 0.000 0.000
[root@node1 ~]#
[root@pserver manifests]# pwd
/etc/puppet/modules/best/manifests
[root@pserver manifests]#
[root@pserver modules]# mkdir best
[root@pserver modules]# cd best
[root@pserver best]# ls
[root@pserver best]# pwd
/etc/puppet/modules/best
[root@pserver best]# mkdir {files,manifests}
[root@pserver best]# ls
files manifests
[root@pserver best]# cd manifests/
[root@pserver manifests]# pwd
/etc/puppet/modules/best/manifests
[root@pserver manifests]# vi ntp.pp
class best::ntp {
package {'ntp':
ensure => installed,
}
service {'ntpd':
ensure => running,
require => Package['ntp'],
}
file {'/etc/ntp.conf':
source => 'puppet:///modules/best/ntp.conf',
notify => Service['ntpd'],
require => Package['ntp'],
}
}
[root@pserver manifests]# pwd
/etc/puppet/modules/best/manifests
[root@pserver manifests]# cd ../files/
[root@pserver files]# ls
[root@pserver files]# vi ntp_uk.conf
class best::ntp_uk inherits best::ntp {
File['/etc/ntp.conf'] {
source => 'puppet:///modules/best/ntp_uk.conf',
}
}
[root@pserver files]# pwd
/etc/puppet/modules/best/files
[root@pserver files]# cd ../../../manifests/
[root@pserver manifests]# ls
site.pp
[root@pserver manifests]# vi site.pp
#include ntp
node 'node1.example.com' {
include samba
include best::ntp_uk
#include ntp
#class {'vsftpd':
# version => '3.0.2-9',
#}
}
node 'node2.example.com' {
include httpd
}
[root@pserver manifests]# cd -
/etc/puppet/modules/best/files
[root@pserver files]# pwd
/etc/puppet/modules/best/files
[root@pserver files]# ls
ntp_uk.conf
[root@pserver files]# more ntp_uk.conf
server 192.168.10.200
[root@pserver files]# cd ../manifests/
[root@pserver manifests]# ls
ntp.pp ntp_uk.pp
[root@pserver manifests]# more ntp_uk.pp
class admin::ntp_uk inherits best::ntp {
File['/etc/ntpd.conf'] {
source => 'puppet:///modules/best/ntp_uk.conf',
}
}
go to client and run
[root@node1 ~]# puppet agent -t
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for node1.example.com
Info: Applying configuration version '1511822953'
Notice: /Stage[main]/Best::Ntp/File[/etc/ntp.conf]/content:
--- /etc/ntp.conf 2014-02-11 12:18:28.000000000 -0500
+++ /tmp/puppet-file20171127-6018-86t8qm 2017-11-27 17:49:23.841400464 -0500
@@ -1,58 +1 @@
-# For more information about this file, see the man pages
-# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
-
-driftfile /var/lib/ntp/drift
-
-# Permit time synchronization with our time source, but do not
-# permit the source to query or modify the service on this system.
-restrict default nomodify notrap nopeer noquery
-
-# Permit all access over the loopback interface. This could
-# be tightened as well, but to do so would effect some of
-# the administrative functions.
-restrict 127.0.0.1
-restrict ::1
-
-# Hosts on local network are less restricted.
-#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
-
-# Use public servers from the pool.ntp.org project.
-# Please consider joining the pool (http://www.pool.ntp.org/join.html).
-server 0.rhel.pool.ntp.org iburst
-server 1.rhel.pool.ntp.org iburst
-server 2.rhel.pool.ntp.org iburst
-server 3.rhel.pool.ntp.org iburst
-
-#broadcast 192.168.1.255 autokey # broadcast server
-#broadcastclient # broadcast client
-#broadcast 224.0.1.1 autokey # multicast server
-#multicastclient 224.0.1.1 # multicast client
-#manycastserver 239.255.254.254 # manycast server
-#manycastclient 239.255.254.254 autokey # manycast client
-
-# Enable public key cryptography.
-#crypto
-
-includefile /etc/ntp/crypto/pw
-
-# Key file containing the keys and key identifiers used when operating
-# with symmetric key cryptography.
-keys /etc/ntp/keys
-
-# Specify the key identifiers which are trusted.
-#trustedkey 4 8 42
-
-# Specify the key identifier to use with the ntpdc utility.
-#requestkey 8
-
-# Specify the key identifier to use with the ntpq utility.
-#controlkey 8
-
-# Enable writing of statistics records.
-#statistics clockstats cryptostats loopstats peerstats
-
-# Disable the monitoring facility to prevent amplification attacks using ntpdc
-# monlist command when default restrict does not include the noquery flag. See
-# CVE-2013-5211 for more details.
-# Note: Monitoring will not be disabled with the limited restriction flag.
-disable monitor
+server 192.168.10.200
Info: Computing checksum on file /etc/ntp.conf
Info: /Stage[main]/Best::Ntp/File[/etc/ntp.conf]: Filebucketed /etc/ntp.conf to puppet with sum 913 c85f0fde85f83c2d6c030ecf259e9
Notice: /Stage[main]/Best::Ntp/File[/etc/ntp.conf]/content: content changed '{md5}913c85f0fde85f83c 2d6c030ecf259e9' to '{md5}489b4442e80b2fbcec12b167d15a63b9'
Info: /Stage[main]/Best::Ntp/File[/etc/ntp.conf]: Scheduling refresh of Service[ntpd]
Notice: /Stage[main]/Best::Ntp/Service[ntpd]: Triggered 'refresh' from 1 events
Notice: Finished catalog run in 0.42 seconds
[root@node1 ~]# ntpq -q
/usr/sbin/ntpq: illegal option -- q
ntpq - standard NTP query program - Ver. 4.2.6p5
USAGE: ntpq [ -<flag> [<val>] | --<name>[{=| }<val>] ]... [ host ...]
(AutoOpts bug): could not locate the 'help' option.
[root@node1 ~]# ntpq -p
remote refid st t when poll reach delay offset jitter
==============================================================================
pserver.example .INIT. 16 u - 64 0 0.000 0.000 0.000
[root@node1 ~]#
No comments:
Post a Comment