AWS Puppet 組態管理雲端範本範例

有多個選項可用於設定雲端範本，以支援 AWS 計算資源上以 Puppet 為基礎的組態管理。

具有使用者名稱和密碼的 AWS 上的 Puppet 管理

範例...	範例藍圖 YAML
在任何支援的 Amazon Machine Image 上進行雲端組態驗證。	inputs: username: type: string title: Username default: puppet password: type: string title: Password encrypted: true default: VMware@123 resources: Webserver: type: Cloud.AWS.EC2.Instance properties: flavor: small image: centos cloudConfig: \| #cloud-config ssh_pwauth: yes chpasswd: list: \| ${input.username}:${input.password} expire: false users: - default - name: ${input.username} lock_passwd: false sudo: ['ALL=(ALL) NOPASSWD:ALL'] groups: [wheel, sudo, admin] shell: '/bin/bash' ssh-authorized-keys: - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDytVL+Q6/+vGbmkXoRpX [email protected] runcmd: - echo "Defaults:${input.username} !requiretty" >> /etc/sudoers.d/${input.username} Puppet_Agent: type: Cloud.Puppet properties: provider: PEOnAWS environment: production role: 'role::linux_webserver' host: '${Webserver.*}' osType: linux username: '${input.username}' password: '${input.password}' useSudo: true
在自訂 Amazon Machine Image 上對現有使用者進行雲端組態驗證。	inputs: username: type: string title: Username default: puppet password: type: string title: Password encrypted: true default: VMware@123 resources: Webserver: type: Cloud.AWS.EC2.Instance properties: flavor: small image: centos cloudConfig: \| #cloud-config runcmd: - sudo sed -e 's/.PasswordAuthentication no./PasswordAuthentication yes/' -i /etc/ssh/sshd_config - sudo service sshd restart Puppet_Agent: type: Cloud.Puppet properties: provider: PEOnAWS environment: production role: 'role::linux_webserver' host: '${Webserver.*}' osType: linux username: '${input.username}' password: '${input.password}' useSudo: true

範例...

範例藍圖 YAML

在任何支援的 Amazon Machine Image 上進行雲端組態驗證。

inputs:
  username:
    type: string
    title: Username
    default: puppet
  password:
    type: string
    title: Password
    encrypted: true
    default: VMware@123
resources:
  Webserver:
    type: Cloud.AWS.EC2.Instance
    properties:
      flavor: small
      image: centos
      cloudConfig: |
        #cloud-config
        ssh_pwauth: yes
        chpasswd:
          list: |
            ${input.username}:${input.password}
          expire: false
        users:
          - default
          - name: ${input.username}
            lock_passwd: false
            sudo: ['ALL=(ALL) NOPASSWD:ALL']
            groups: [wheel, sudo, admin]
            shell: '/bin/bash'
            ssh-authorized-keys:
              - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDytVL+Q6/+vGbmkXoRpX [email protected]
        runcmd:
          - echo "Defaults:${input.username}  !requiretty" >> /etc/sudoers.d/${input.username}
  Puppet_Agent:
    type: Cloud.Puppet
    properties:
      provider: PEOnAWS
      environment: production
      role: 'role::linux_webserver'
      host: '${Webserver.*}'
      osType: linux
      username: '${input.username}'
      password: '${input.password}'
      useSudo: true

在自訂 Amazon Machine Image 上對現有使用者進行雲端組態驗證。

inputs:
  username:
    type: string
    title: Username
    default: puppet
  password:
    type: string
    title: Password
    encrypted: true
    default: VMware@123
resources:
  Webserver:
    type: Cloud.AWS.EC2.Instance
    properties:
      flavor: small
      image: centos
      cloudConfig: |
        #cloud-config
        runcmd:
          - sudo sed -e 's/.*PasswordAuthentication no.*/PasswordAuthentication yes/' -i /etc/ssh/sshd_config
          - sudo service sshd restart
  Puppet_Agent:
    type: Cloud.Puppet
    properties:
      provider: PEOnAWS
      environment: production
      role: 'role::linux_webserver'
      host: '${Webserver.*}'
      osType: linux
      username: '${input.username}'
      password: '${input.password}'
      useSudo: true

具有已產生 PublicPrivateKey 的 AWS 上的 Puppet 管理

範例...	範例藍圖 YAML
具有 generatedPublicPrivateKey acces 的 AWS 上的 remoteAccess.authentication 驗證。	inputs: {} resources: Machine: type: Cloud.AWS.EC2.Instance properties: flavor: small imageRef: ami-a4dc46db remoteAccess: authentication: generatedPublicPrivateKey Puppet_Agent: type: Cloud.Puppet properties: provider: puppet-BlueprintProvisioningITSuite environment: production role: 'role::linux_webserver' host: '${Machine.*}’ osType: linux username: ubuntu useSudo: true agentConfiguration: runInterval: 15m certName: ‘${Machine.address}' useSudo: true

範例...

範例藍圖 YAML

具有 generatedPublicPrivateKey acces 的 AWS 上的 remoteAccess.authentication 驗證。

inputs: {}
resources:
  Machine:
    type: Cloud.AWS.EC2.Instance
    properties:
      flavor: small
      imageRef: ami-a4dc46db
      remoteAccess:
        authentication: generatedPublicPrivateKey
  Puppet_Agent:
    type: Cloud.Puppet
    properties:
      provider: puppet-BlueprintProvisioningITSuite
      environment: production
      role: 'role::linux_webserver'
      host: '${Machine.*}’
      osType: linux
      username: ubuntu
      useSudo: true
      agentConfiguration:
        runInterval: 15m
        certName: ‘${Machine.address}'
      useSudo: true