AWS Puppet 配置管理云模板示例

有多个选项可用于配置云模板，以支持对 AWS 计算资源进行基于 Puppet 的配置管理。

使用用户名和密码对 AWS 进行 Puppet 管理

示例...	示例蓝图 YAML
对任何受支持的 Amazon 计算机映像进行云配置身份验证。	inputs: username: type: string title: Username default: puppet password: type: string title: Password encrypted: true default: VMware@123 resources: Webserver: type: Cloud.AWS.EC2.Instance properties: flavor: small image: centos cloudConfig: \| #cloud-config ssh_pwauth: yes chpasswd: list: \| ${input.username}:${input.password} expire: false users: - default - name: ${input.username} lock_passwd: false sudo: ['ALL=(ALL) NOPASSWD:ALL'] groups: [wheel, sudo, admin] shell: '/bin/bash' ssh-authorized-keys: - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDytVL+Q6/+vGbmkXoRpX dmettem@dmettem-m01.vmware.com runcmd: - echo "Defaults:${input.username} !requiretty" >> /etc/sudoers.d/${input.username} Puppet_Agent: type: Cloud.Puppet properties: provider: PEOnAWS environment: production role: 'role::linux_webserver' host: '${Webserver.*}' osType: linux username: '${input.username}' password: '${input.password}' useSudo: true
使用现有用户对自定义 Amazon 计算机映像进行云配置身份验证。	inputs: username: type: string title: Username default: puppet password: type: string title: Password encrypted: true default: VMware@123 resources: Webserver: type: Cloud.AWS.EC2.Instance properties: flavor: small image: centos cloudConfig: \| #cloud-config runcmd: - sudo sed -e 's/.PasswordAuthentication no./PasswordAuthentication yes/' -i /etc/ssh/sshd_config - sudo service sshd restart Puppet_Agent: type: Cloud.Puppet properties: provider: PEOnAWS environment: production role: 'role::linux_webserver' host: '${Webserver.*}' osType: linux username: '${input.username}' password: '${input.password}' useSudo: true

示例...

示例蓝图 YAML

对任何受支持的 Amazon 计算机映像进行云配置身份验证。

inputs:
  username:
    type: string
    title: Username
    default: puppet
  password:
    type: string
    title: Password
    encrypted: true
    default: VMware@123
resources:
  Webserver:
    type: Cloud.AWS.EC2.Instance
    properties:
      flavor: small
      image: centos
      cloudConfig: |
        #cloud-config
        ssh_pwauth: yes
        chpasswd:
          list: |
            ${input.username}:${input.password}
          expire: false
        users:
          - default
          - name: ${input.username}
            lock_passwd: false
            sudo: ['ALL=(ALL) NOPASSWD:ALL']
            groups: [wheel, sudo, admin]
            shell: '/bin/bash'
            ssh-authorized-keys:
              - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDytVL+Q6/+vGbmkXoRpX dmettem@dmettem-m01.vmware.com
        runcmd:
          - echo "Defaults:${input.username}  !requiretty" >> /etc/sudoers.d/${input.username}
  Puppet_Agent:
    type: Cloud.Puppet
    properties:
      provider: PEOnAWS
      environment: production
      role: 'role::linux_webserver'
      host: '${Webserver.*}'
      osType: linux
      username: '${input.username}'
      password: '${input.password}'
      useSudo: true

使用现有用户对自定义 Amazon 计算机映像进行云配置身份验证。

inputs:
  username:
    type: string
    title: Username
    default: puppet
  password:
    type: string
    title: Password
    encrypted: true
    default: VMware@123
resources:
  Webserver:
    type: Cloud.AWS.EC2.Instance
    properties:
      flavor: small
      image: centos
      cloudConfig: |
        #cloud-config
        runcmd:
          - sudo sed -e 's/.*PasswordAuthentication no.*/PasswordAuthentication yes/' -i /etc/ssh/sshd_config
          - sudo service sshd restart
  Puppet_Agent:
    type: Cloud.Puppet
    properties:
      provider: PEOnAWS
      environment: production
      role: 'role::linux_webserver'
      host: '${Webserver.*}'
      osType: linux
      username: '${input.username}'
      password: '${input.password}'
      useSudo: true

使用 generatedPublicPrivateKey 对 AWS 进行 Puppet 管理

示例...	示例蓝图 YAML
使用 generatedPublicPrivateKey 访问权限对 AWS 进行 remoteAccess.authentication 身份验证	inputs: {} resources: Machine: type: Cloud.AWS.EC2.Instance properties: flavor: small imageRef: ami-a4dc46db remoteAccess: authentication: generatedPublicPrivateKey Puppet_Agent: type: Cloud.Puppet properties: provider: puppet-BlueprintProvisioningITSuite environment: production role: 'role::linux_webserver' host: '${Machine.*}’ osType: linux username: ubuntu useSudo: true agentConfiguration: runInterval: 15m certName: ‘${Machine.address}' useSudo: true

示例...

示例蓝图 YAML

使用 generatedPublicPrivateKey 访问权限对 AWS 进行 remoteAccess.authentication 身份验证

inputs: {}
resources:
  Machine:
    type: Cloud.AWS.EC2.Instance
    properties:
      flavor: small
      imageRef: ami-a4dc46db
      remoteAccess:
        authentication: generatedPublicPrivateKey
  Puppet_Agent:
    type: Cloud.Puppet
    properties:
      provider: puppet-BlueprintProvisioningITSuite
      environment: production
      role: 'role::linux_webserver'
      host: '${Machine.*}’
      osType: linux
      username: ubuntu
      useSudo: true
      agentConfiguration:
        runInterval: 15m
        certName: ‘${Machine.address}'
      useSudo: true