puppet 的简单介绍：http://baike.baidu.com/view/1794764.htm

环境：
#uname -a
Linux AS-1 2.6.18-164.el5 #1 SMP Tue Aug 18 15:51:54 EDT 2009 i686 athlon i386 GNU/Linux
Linux AS-2 2.6.18-164.el5 #1 SMP Tue Aug 18 15:51:54 EDT 2009 i686 athlon i386 GNU/Linux
master AS-1
client AS-2



1 安装ruby
操作系统光盘中有，安装。
yum install ruby
2 安装puppet
因为光盘中没有puppet，使用下列方法安装
rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm
master yum install puppet-server
client yum install puppet
3 配置master
#more /etc/hosts        //host文件中写入所有client和master
192.168.8.10 AS-1
192.168.8.11 AS-2
#cd /etc/puppet/manifests
#vim site.pp            //启动时必须要有
file { "/tmp/testfile":
ensure => present,
owner => "root",
group => "bin",
mode => 644,
}
#service puppetmaster start     //启动puppet服务端
4 配置client
#cd /etc/puppet
#vim puppet.com
……
在[puppetd]段中加入：
server=AS-1
listen = true
#vim namespaceauth.conf
[fileserver]
allow *
[puppetmaster]
allow *
[puppetrunner]
allow *
[puppetbucket]
allow *
[puppetreports]
allow *
[resource]
allow *
//This file specifies who has access to each namespace;
//if you create the file you must add every namespace you
//want any Puppet daemon to allow — the same file is currently used by all Puppet daemons.
//This is what you would install on your Puppet master; non-master hosts could leave off the
//‘fileserver’ and ‘puppetmaster’ namespaces.
//This file must exist to start puppetd with —listen.
#service puppet start
5 签名证书
master:
#puppetsa --list     //在客户端服务启动后，我就在服务端看到了客户端的信息
as-2            //网络上一些信息是：在客户端执行下列命令行后，才会在服务端出现客户端的信息
//#puppetd –server AS-1 –waitforcert 60 –test
//上面的命令在执行后，puppet服务会启动
#puppetsa --sign as-2    将as-2加入签名证书
6 测试：
client：
#ls /tmp
如果出现 testfile,说明配置成功。
7 问题汇总：
master:
1>     #puppetrun --host AS-2
Host AS-2 failed: HTTP-Error: 500 Internal Server Error
AS-2 finished with exit code 2
Failed: AS-2
//原因是没有namespaceauth.conf配置错误
2>    client:
没有启动 8139 端口，puppet.conf中没有加入listen=true