{"id":34965,"date":"2024-09-11T10:39:07","date_gmt":"2024-09-11T03:39:07","guid":{"rendered":"http:\/\/jupitek.maudemo.vip\/index.php\/2024\/09\/11\/getting-started-with-puppet-installation-and-setup\/"},"modified":"2024-09-11T10:39:07","modified_gmt":"2024-09-11T03:39:07","slug":"getting-started-with-puppet-installation-and-setup","status":"publish","type":"post","link":"https:\/\/jupitek.maudemo.vip\/index.php\/2024\/09\/11\/getting-started-with-puppet-installation-and-setup\/","title":{"rendered":"B\u1eaft \u0111\u1ea7u v\u1edbi Puppet \u2013 C\u00e0i \u0111\u1eb7t v\u00e0 thi\u1ebft l\u1eadp"},"content":{"rendered":"<p><a href=\"https:\/\/puppet.com\/\" target=\"_blank\" rel=\"noreferrer noopener\">Puppet<\/a>&nbsp;l\u00e0 m\u1ed9t c\u00f4ng c\u1ee5 qu\u1ea3n l\u00fd c\u1ea5u h\u00ecnh gi\u00fap \u0111\u01a1n gi\u1ea3n h\u00f3a vi\u1ec7c qu\u1ea3n tr\u1ecb h\u1ec7 th\u1ed1ng. Puppet s\u1eed d\u1ee5ng m\u00f4 h\u00ecnh m\u00e1y kh\u00e1ch\/m\u00e1y ch\u1ee7 trong \u0111\u00f3 c\u00e1c n\u00fat \u0111\u01b0\u1ee3c qu\u1ea3n l\u00fd c\u1ee7a b\u1ea1n, ch\u1ea1y m\u1ed9t quy tr\u00ecnh g\u1ecdi l\u00e0&nbsp;<em>t\u00e1c nh\u00e2n<\/em>&nbsp;Puppet , trao \u0111\u1ed5i v\u00e0 k\u00e9o xu\u1ed1ng c\u00e1c c\u1ea5u h\u00ecnh t\u1eeb m\u1ed9t&nbsp;<em>m\u00e1y ch\u1ee7<\/em>&nbsp;Puppet .<\/p>\n<p>Tri\u1ec3n khai Puppet c\u00f3 th\u1ec3 bao g\u1ed3m t\u1eeb nh\u00f3m m\u00e1y ch\u1ee7 nh\u1ecf \u0111\u1ebfn ho\u1ea1t \u0111\u1ed9ng c\u1ea5p doanh nghi\u1ec7p. H\u01b0\u1edbng d\u1eabn n\u00e0y s\u1ebd tr\u00ecnh b\u00e0y c\u00e1ch c\u00e0i \u0111\u1eb7t Puppet 6.1 tr\u00ean ba m\u00e1y ch\u1ee7:<\/p>\n<ul>\n<li>M\u1ed9t Puppet master ch\u1ea1y Ubuntu 18.04<\/li>\n<li>M\u1ed9t n\u00fat Puppet \u0111\u01b0\u1ee3c qu\u1ea3n l\u00fd ch\u1ea1y Ubuntu 18.04<\/li>\n<li>M\u1ed9t n\u00fat Puppet \u0111\u01b0\u1ee3c qu\u1ea3n l\u00fd ch\u1ea1y CentOS 7<\/li>\n<\/ul>\n<p>Sau khi c\u00e0i \u0111\u1eb7t, ph\u1ea7n ti\u1ebfp theo s\u1ebd ch\u1ec9 cho b\u1ea1n c\u00e1ch b\u1ea3o m\u1eadt c\u00e1c m\u00e1y ch\u1ee7 n\u00e0y th\u00f4ng qua Puppet. Ph\u1ea7n n\u00e0y s\u1ebd tr\u00ecnh b\u00e0y c\u00e1c t\u00ednh n\u0103ng c\u1ed1t l\u00f5i c\u1ee7a ng\u00f4n ng\u1eef Puppet.<\/p>\n<p class=\"has-background\" style=\"background-color:#74f78c33\">Ghi ch\u00fa: H\u1ea7u h\u1ebft c\u00e1c h\u01b0\u1edbng d\u1eabn s\u1ebd h\u01b0\u1edbng d\u1eabn b\u1ea1n l\u00e0m theo h\u01b0\u1edbng d\u1eabn&nbsp;<a href=\"https:\/\/www.linode.com\/docs\/products\/compute\/compute-instances\/guides\/set-up-and-secure\/\">Thi\u1ebft l\u1eadp v\u00e0 B\u1ea3o m\u1eadt Phi\u00ean b\u1ea3n Compute<\/a>&nbsp;tr\u01b0\u1edbc khi ti\u1ebfn h\u00e0nh. V\u00ec Puppet s\u1ebd \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng \u0111\u1ec3 th\u1ef1c hi\u1ec7n t\u00e1c v\u1ee5 n\u00e0y, b\u1ea1n n\u00ean b\u1eaft \u0111\u1ea7u h\u01b0\u1edbng d\u1eabn n\u00e0y v\u1edbi t\u01b0 c\u00e1ch l\u00e0 ng\u01b0\u1eddi&nbsp;<code>root<\/code>d\u00f9ng. Ng\u01b0\u1eddi d\u00f9ng b\u1ecb gi\u1edbi h\u1ea1n v\u1edbi c\u00e1c \u0111\u1eb7c quy\u1ec1n qu\u1ea3n tr\u1ecb s\u1ebd \u0111\u01b0\u1ee3c c\u1ea5u h\u00ecnh th\u00f4ng qua Puppet trong c\u00e1c b\u01b0\u1edbc sau.<\/p>\n<h2 id=\"before-you-begin\">Tr\u01b0\u1edbc khi b\u1ea1n b\u1eaft \u0111\u1ea7u<a href=\"https:\/\/www.linode.com\/docs\/guides\/getting-started-with-puppet-6-1-basic-installation-and-setup\/#before-you-begin\"><\/a><\/h2>\n<p>B\u1ea3ng sau \u0111\u00e2y hi\u1ec3n th\u1ecb th\u00f4ng tin h\u1ec7 th\u1ed1ng m\u1eabu cho c\u00e1c m\u00e1y ch\u1ee7 s\u1ebd \u0111\u01b0\u1ee3c tri\u1ec3n khai trong h\u01b0\u1edbng d\u1eabn n\u00e0y:<\/p>\n<figure class=\"wp-block-table\">\n<table>\n<thead>\n<tr>\n<th>S\u1ef1 mi\u00eau t\u1ea3<\/th>\n<th>B\u1ea0N<\/th>\n<th>T\u00ean m\u00e1y ch\u1ee7<\/th>\n<th>S\u1ed1 hi\u1ec7u \u0111\u1ea7y \u0111\u1ee7<\/th>\n<th>\u0110\u1ecba ch\u1ec9 IP<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>Ng\u01b0\u1eddi \u0111i\u1ec1u khi\u1ec3n r\u1ed1i<\/td>\n<td>Ubuntu 18.04<\/td>\n<td>con r\u1ed1i<\/td>\n<td>puppet.example.com<\/td>\n<td>192.0.2.2<\/td>\n<\/tr>\n<tr>\n<td>N\u00fat 1 (Ubuntu)<\/td>\n<td>Ubuntu 18.04<\/td>\n<td>t\u00e1c nh\u00e2n r\u1ed1i-ubuntu<\/td>\n<td>con r\u1ed1i-agent-ubuntu.example.com<\/td>\n<td>192.0.2.3<\/td>\n<\/tr>\n<tr>\n<td>N\u00fat 2 (CentOS)<\/td>\n<td>CentOS 7<\/td>\n<td>con r\u1ed1i-\u0111\u1ea1i l\u00fd-centos<\/td>\n<td>con r\u1ed1i-agent-centos.example.com<\/td>\n<td>192.0.2.4<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/figure>\n<p>B\u1ea1n c\u00f3 th\u1ec3 ch\u1ecdn t\u00ean m\u00e1y ch\u1ee7 kh\u00e1c nhau v\u00e0 t\u00ean mi\u1ec1n \u0111\u1ee7 \u0111i\u1ec1u ki\u1ec7n (FQDN) cho m\u1ed7i m\u00e1y ch\u1ee7 c\u1ee7a m\u00ecnh v\u00e0 \u0111\u1ecba ch\u1ec9 IP cho m\u00e1y ch\u1ee7 c\u1ee7a b\u1ea1n s\u1ebd kh\u00e1c v\u1edbi c\u00e1c \u0111\u1ecba ch\u1ec9 v\u00ed d\u1ee5 \u0111\u01b0\u1ee3c li\u1ec7t k\u00ea. B\u1ea1n s\u1ebd c\u1ea7n ph\u1ea3i c\u00f3 t\u00ean mi\u1ec1n \u0111\u00e3 \u0111\u0103ng k\u00fd \u0111\u1ec3 ch\u1ec9 \u0111\u1ecbnh FQDN cho m\u00e1y ch\u1ee7 c\u1ee7a m\u00ecnh.<\/p>\n<p>Trong su\u1ed1t h\u01b0\u1edbng d\u1eabn n\u00e0y, c\u00e1c l\u1ec7nh v\u00e0 \u0111o\u1ea1n m\u00e3 s\u1ebd tham chi\u1ebfu \u0111\u1ebfn c\u00e1c gi\u00e1 tr\u1ecb \u0111\u01b0\u1ee3c hi\u1ec3n th\u1ecb trong b\u1ea3ng n\u00e0y. B\u1ea5t c\u1ee9 khi n\u00e0o gi\u00e1 tr\u1ecb nh\u01b0 v\u1eady xu\u1ea5t hi\u1ec7n, h\u00e3y thay th\u1ebf b\u1eb1ng gi\u00e1 tr\u1ecb c\u1ee7a ri\u00eang b\u1ea1n.<\/p>\n<h3 id=\"create-your-linodes\">T\u1ea1o Linode c\u1ee7a b\u1ea1n<\/h3>\n<ol>\n<li>T\u1ea1o ba Linode t\u01b0\u01a1ng \u1ee9ng v\u1edbi c\u00e1c m\u00e1y ch\u1ee7 \u0111\u01b0\u1ee3c li\u1ec7t k\u00ea trong b\u1ea3ng tr\u00ean. Puppet master Linode c\u1ee7a b\u1ea1n ph\u1ea3i c\u00f3 \u00edt nh\u1ea5t b\u1ed1n l\u00f5i CPU; g\u00f3i&nbsp;<a href=\"https:\/\/www.linode.com\/pricing\" target=\"_blank\" rel=\"noreferrer noopener\">Linode 8GB<\/a>&nbsp;\u0111\u01b0\u1ee3c khuy\u1ebfn ngh\u1ecb. Hai n\u00fat c\u00f2n l\u1ea1i c\u00f3 th\u1ec3 c\u00f3 b\u1ea5t k\u1ef3 k\u00edch th\u01b0\u1edbc g\u00f3i n\u00e0o, t\u00f9y thu\u1ed9c v\u00e0o c\u00e1ch b\u1ea1n \u0111\u1ecbnh s\u1eed d\u1ee5ng ch\u00fang sau khi Puppet \u0111\u01b0\u1ee3c c\u00e0i \u0111\u1eb7t v\u00e0 c\u1ea5u h\u00ecnh.<\/li>\n<li><a href=\"https:\/\/www.linode.com\/docs\/products\/compute\/compute-instances\/guides\/set-up-and-secure\/#set-the-timezone\">C\u1ea5u h\u00ecnh m\u00fai gi\u1edd<\/a>&nbsp;tr\u00ean c\u00e1c n\u00fat ch\u00ednh v\u00e0 n\u00fat t\u00e1c nh\u00e2n c\u1ee7a b\u1ea1n \u0111\u1ec3 t\u1ea5t c\u1ea3 ch\u00fang \u0111\u1ec1u c\u00f3 c\u00f9ng d\u1eef li\u1ec7u th\u1eddi gian.<\/li>\n<li><a href=\"https:\/\/www.linode.com\/docs\/products\/compute\/compute-instances\/guides\/set-up-and-secure\/#configure-a-custom-hostname\">\u0110\u1eb7t t\u00ean m\u00e1y ch\u1ee7<\/a>&nbsp;cho m\u1ed7i m\u00e1y ch\u1ee7.<\/li>\n<li><a href=\"https:\/\/www.linode.com\/docs\/guides\/using-your-systems-hosts-file\/\">\u0110\u1eb7t FQDN<\/a>&nbsp;cho m\u1ed7i Linode b\u1eb1ng c\u00e1ch ch\u1ec9nh s\u1eeda c\u00e1c t\u1ec7p c\u1ee7a m\u00e1y ch\u1ee7&nbsp;<code>\/etc\/hosts<\/code>.<\/li>\n<li><a href=\"https:\/\/www.linode.com\/docs\/products\/networking\/dns-manager\/guides\/manage-dns-records\/\">Thi\u1ebft l\u1eadp b\u1ea3n ghi DNS<\/a>&nbsp;cho FQDN c\u1ee7a Linode. \u0110\u1ed1i v\u1edbi m\u1ed7i Linode, h\u00e3y t\u1ea1o m\u1ed9t&nbsp;<em>b\u1ea3n ghi A<\/em>&nbsp;m\u1edbi v\u1edbi t\u00ean \u0111\u01b0\u1ee3c ch\u1ec9 \u0111\u1ecbnh b\u1edfi FQDN c\u1ee7a n\u00f3 v\u00e0 g\u00e1n n\u00f3 cho \u0111\u1ecba ch\u1ec9 IP c\u1ee7a Linode \u0111\u00f3.N\u1ebfu b\u1ea1n kh\u00f4ng s\u1eed d\u1ee5ng m\u00e1y ch\u1ee7 t\u00ean c\u1ee7a Linode cho t\u00ean mi\u1ec1n c\u1ee7a m\u00ecnh, h\u00e3y tham kh\u1ea3o trang web c\u1ee7a c\u01a1 quan qu\u1ea3n l\u00fd m\u00e1y ch\u1ee7 t\u00ean \u0111\u1ec3 bi\u1ebft h\u01b0\u1edbng d\u1eabn v\u1ec1 c\u00e1ch ch\u1ec9nh s\u1eeda b\u1ea3n ghi DNS.<\/li>\n<\/ol>\n<h2 id=\"puppet-master\">Ng\u01b0\u1eddi \u0111i\u1ec1u khi\u1ec3n r\u1ed1i<a href=\"https:\/\/www.linode.com\/docs\/guides\/getting-started-with-puppet-6-1-basic-installation-and-setup\/#puppet-master\"><\/a><\/h2>\n<h3 id=\"install-the-puppet-server-software\">C\u00e0i \u0111\u1eb7t ph\u1ea7n m\u1ec1m Puppet Server<a href=\"https:\/\/www.linode.com\/docs\/guides\/getting-started-with-puppet-6-1-basic-installation-and-setup\/#install-the-puppet-server-software\"><\/a><\/h3>\n<p>Puppet master ch\u1ea1y&nbsp;<code>puppetserver<\/code>d\u1ecbch v\u1ee5, c\u00f3 tr\u00e1ch nhi\u1ec7m bi\u00ean d\u1ecbch v\u00e0 cung c\u1ea5p h\u1ed3 s\u01a1 c\u1ea5u h\u00ecnh cho c\u00e1c n\u00fat \u0111\u01b0\u1ee3c b\u1ea1n qu\u1ea3n l\u00fd.<\/p>\n<p>D\u1ecbch&nbsp;<code>puppetserver<\/code>v\u1ee5 c\u00f3 d\u1ecbch v\u1ee5 t\u00e1c nh\u00e2n Puppet l\u00e0m ph\u1ee5 thu\u1ed9c (ch\u1ec9 \u0111\u01b0\u1ee3c g\u1ecdi&nbsp;<code>puppet<\/code>khi ch\u1ea1y tr\u00ean h\u1ec7 th\u1ed1ng c\u1ee7a b\u1ea1n). \u0110i\u1ec1u n\u00e0y c\u00f3 ngh\u0129a l\u00e0 ph\u1ea7n m\u1ec1m t\u00e1c nh\u00e2n c\u0169ng s\u1ebd \u0111\u01b0\u1ee3c c\u00e0i \u0111\u1eb7t v\u00e0 c\u00f3 th\u1ec3 ch\u1ea1y tr\u00ean m\u00e1y ch\u1ee7 c\u1ee7a b\u1ea1n. V\u00ec m\u00e1y ch\u1ee7 c\u1ee7a b\u1ea1n c\u00f3 th\u1ec3 ch\u1ea1y d\u1ecbch v\u1ee5 t\u00e1c nh\u00e2n, b\u1ea1n c\u00f3 th\u1ec3 c\u1ea5u h\u00ecnh m\u00e1y ch\u1ee7 c\u1ee7a m\u00ecnh th\u00f4ng qua Puppet gi\u1ed1ng nh\u01b0 b\u1ea1n c\u00f3 th\u1ec3 c\u1ea5u h\u00ecnh c\u00e1c n\u00fat \u0111\u01b0\u1ee3c qu\u1ea3n l\u00fd kh\u00e1c c\u1ee7a m\u00ecnh.<\/p>\n<p>1.\u0110\u0103ng nh\u1eadp v\u00e0o Puppet master c\u1ee7a b\u1ea1n th\u00f4ng qua SSH (v\u1edbi t\u01b0 c\u00e1ch l\u00e0 root):<\/p>\n<pre class=\"wp-block-code\"><code>ssh root@puppet.example.com\n<\/code><\/pre>\n<p>2.T\u1ea3i xu\u1ed1ng kho l\u01b0u tr\u1eef Puppet, c\u1eadp nh\u1eadt c\u00e1c g\u00f3i h\u1ec7 th\u1ed1ng c\u1ee7a b\u1ea1n v\u00e0 c\u00e0i \u0111\u1eb7t&nbsp;<code>puppetserver<\/code>:<\/p>\n<pre class=\"wp-block-code\"><code>wget https:\/\/apt.puppet.com\/puppet-release-bionic.deb\ndpkg -i puppet-release-bionic.deb\napt update\napt install puppetserver<\/code><\/pre>\n<h3 id=\"configure-the-server-software\">C\u1ea5u h\u00ecnh ph\u1ea7n m\u1ec1m m\u00e1y ch\u1ee7<a href=\"https:\/\/www.linode.com\/docs\/guides\/getting-started-with-puppet-6-1-basic-installation-and-setup\/#configure-the-server-software\"><\/a><\/h3>\n<p>1.S\u1eed d\u1ee5ng&nbsp;<code>puppet config<\/code>l\u1ec7nh \u0111\u1ec3 thi\u1ebft l\u1eadp gi\u00e1 tr\u1ecb cho&nbsp;<code>dns_alt_names<\/code>c\u00e0i \u0111\u1eb7t:<\/p>\n<pre class=\"wp-block-code\"><code>\/opt\/puppetlabs\/bin\/puppet config set dns_alt_names 'puppet,puppet.example.com' --section main\n<\/code><\/pre>\n<p>N\u1ebfu b\u1ea1n ki\u1ec3m tra t\u1ec7p c\u1ea5u h\u00ecnh, b\u1ea1n s\u1ebd th\u1ea5y c\u00e0i \u0111\u1eb7t \u0111\u00e3 \u0111\u01b0\u1ee3c th\u00eam v\u00e0o:<\/p>\n<pre class=\"wp-block-code\"><code>cat \/etc\/puppetlabs\/puppet\/puppet.conf\n<\/code><\/pre>\n<pre class=\"wp-block-code\"><code>&#91;main]\ndns_alt_names = puppet,puppet.example.com\n# ...<\/code><\/pre>\n<p class=\"has-background\" style=\"background-color:#74f78c33\">Ghi ch\u00fa:Theo m\u1eb7c \u0111\u1ecbnh, l\u1ec7nh&nbsp;<code>puppet<\/code>kh\u00f4ng \u0111\u01b0\u1ee3c th\u00eam v\u00e0o PATH c\u1ee7a b\u1ea1n. S\u1eed d\u1ee5ng l\u1ec7nh t\u01b0\u01a1ng t\u00e1c c\u1ee7a Puppet y\u00eau c\u1ea7u \u0111\u01b0\u1eddng d\u1eabn t\u1ec7p \u0111\u1ea7y \u0111\u1ee7. \u0110\u1ec3 tr\u00e1nh \u0111i\u1ec1u n\u00e0y, h\u00e3y c\u1eadp nh\u1eadt PATH cho phi\u00ean shell hi\u1ec7n t\u1ea1i c\u1ee7a b\u1ea1n:<\/p>\n<pre class=\"wp-block-code\"><code>export PATH=\/opt\/puppetlabs\/bin:$PATH\n<\/code><\/pre>\n<p>M\u1ed9t gi\u1ea3i ph\u00e1p l\u00e2u d\u00e0i h\u01a1n l\u00e0 th\u00eam \u0111i\u1ec1u n\u00e0y v\u00e0o t\u1ec7p c\u1ee7a&nbsp;<code>.profile<\/code>b\u1ea1n&nbsp;<code>.bashrc<\/code>.<\/p>\n<p>2.C\u1eadp nh\u1eadt Puppet master c\u1ee7a b\u1ea1n&nbsp;<code>\/etc\/hosts<\/code>\u0111\u1ec3 gi\u1ea3i quy\u1ebft \u0111\u1ecba ch\u1ec9 IP c\u1ee7a c\u00e1c n\u00fat \u0111\u01b0\u1ee3c qu\u1ea3n l\u00fd c\u1ee7a b\u1ea1n. V\u00ed d\u1ee5,&nbsp;<code>\/etc\/hosts<\/code>t\u1ec7p c\u1ee7a b\u1ea1n c\u00f3 th\u1ec3 tr\u00f4ng nh\u01b0 sau:<\/p>\n<pre class=\"wp-block-code\"><code>127.0.0.1   localhost\n192.0.2.2   puppet.example.com puppet\n\n192.0.2.3   puppet-agent-ubuntu.example.com puppet-agent-ubuntu\n192.0.2.4   puppet-agent-centos.example.com puppet-agent-centos\n\n# The following lines are desirable for IPv6 capable hosts\n::1     localhost ip6-localhost ip6-loopback\nff02::1 ip6-allnodes\nff02::2 ip6-allrouters<\/code><\/pre>\n<p>Ghi ch\u00fa: \u0110o\u1ea1n m\u00e3 n\u00e0y k\u1ebft h\u1ee3p khai b\u00e1o FQDN \u0111\u01b0\u1ee3c m\u00f4 t\u1ea3 trong ph\u1ea7n&nbsp;<a href=\"https:\/\/www.linode.com\/docs\/guides\/getting-started-with-puppet-6-1-basic-installation-and-setup\/#create-your-linodes\">T\u1ea1o Linodes c\u1ee7a b\u1ea1n<\/a>&nbsp;.<\/p>\n<p>3.Kh\u1edfi \u0111\u1ed9ng v\u00e0 k\u00edch ho\u1ea1t&nbsp;<code>puppetserver<\/code>d\u1ecbch v\u1ee5:<\/p>\n<pre class=\"wp-block-code\"><code>systemctl start puppetserver\nsystemctl enable puppetserver<\/code><\/pre>\n<p>Theo m\u1eb7c \u0111\u1ecbnh, Puppet master s\u1ebd l\u1eafng nghe c\u00e1c k\u1ebft n\u1ed1i c\u1ee7a m\u00e1y kh\u00e1ch tr\u00ean c\u1ed5ng 8140. N\u1ebfu d\u1ecbch&nbsp;<code>puppetserver<\/code>v\u1ee5 kh\u00f4ng kh\u1edfi \u0111\u1ed9ng \u0111\u01b0\u1ee3c, h\u00e3y ki\u1ec3m tra xem c\u1ed5ng \u0111\u00f3 \u0111\u00e3 \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng ch\u01b0a:<\/p>\n<pre class=\"wp-block-code\"><code>netstat -anpl | grep 8140<\/code><\/pre>\n<h2 id=\"puppet-agents\">C\u00e1c t\u00e1c nh\u00e2n b\u00f9 nh\u00ecn<a href=\"https:\/\/www.linode.com\/docs\/guides\/getting-started-with-puppet-6-1-basic-installation-and-setup\/#puppet-agents\"><\/a><\/h2>\n<h3 id=\"install-puppet-agent\">C\u00e0i \u0111\u1eb7t Puppet Agent<a href=\"https:\/\/www.linode.com\/docs\/guides\/getting-started-with-puppet-6-1-basic-installation-and-setup\/#install-puppet-agent\"><\/a><\/h3>\n<p>1.Tr\u00ean n\u00fat \u0111\u01b0\u1ee3c qu\u1ea3n l\u00fd c\u1ee7a b\u1ea1n ch\u1ea1y&nbsp;<strong>Ubuntu 18.04<\/strong>&nbsp;, h\u00e3y c\u00e0i \u0111\u1eb7t&nbsp;<code>puppet-agent<\/code>g\u00f3i:<\/p>\n<pre class=\"wp-block-code\"><code>wget https:\/\/apt.puppet.com\/puppet-release-bionic.deb\ndpkg -i puppet-release-bionic.deb\napt update\napt install puppet-agent<\/code><\/pre>\n<p>2.Tr\u00ean n\u00fat \u0111\u01b0\u1ee3c qu\u1ea3n l\u00fd c\u1ee7a b\u1ea1n \u0111ang ch\u1ea1y&nbsp;<strong>CentOS 7<\/strong>&nbsp;, h\u00e3y nh\u1eadp:<\/p>\n<pre class=\"wp-block-code\"><code>rpm -Uvh https:\/\/yum.puppet.com\/puppet\/puppet-release-el-7.noarch.rpm\nyum install puppet-agent<\/code><\/pre>\n<h3 id=\"configure-puppet-agent\">C\u1ea5u h\u00ecnh Puppet Agent<a href=\"https:\/\/www.linode.com\/docs\/guides\/getting-started-with-puppet-6-1-basic-installation-and-setup\/#configure-puppet-agent\"><\/a><\/h3>\n<p>1.S\u1eeda \u0111\u1ed5i c\u00e1c t\u1ec7p m\u00e1y ch\u1ee7 c\u1ee7a c\u00e1c n\u00fat \u0111\u01b0\u1ee3c qu\u1ea3n l\u00fd c\u1ee7a b\u1ea1n \u0111\u1ec3 gi\u1ea3i quy\u1ebft IP c\u1ee7a Puppet master. \u0110\u1ec3 th\u1ef1c hi\u1ec7n, h\u00e3y th\u00eam m\u1ed9t d\u00f2ng nh\u01b0 sau:<\/p>\n<pre class=\"wp-block-code\"><code>192.0.2.2    puppet.example.com puppet<\/code><\/pre>\n<p>2.Tr\u00ean m\u1ed7i n\u00fat \u0111\u01b0\u1ee3c qu\u1ea3n l\u00fd, h\u00e3y s\u1eed d\u1ee5ng&nbsp;<code>puppet config<\/code>l\u1ec7nh \u0111\u1ec3 \u0111\u1eb7t gi\u00e1 tr\u1ecb cho&nbsp;<code>server<\/code>c\u00e0i \u0111\u1eb7t c\u1ee7a b\u1ea1n th\u00e0nh FQDN c\u1ee7a m\u00e1y ch\u1ee7 ch\u00ednh:<\/p>\n<pre class=\"wp-block-code\"><code>\/opt\/puppetlabs\/bin\/puppet config set server 'puppet.example.com' --section main\n<\/code><\/pre>\n<p>N\u1ebfu b\u1ea1n ki\u1ec3m tra t\u1ec7p c\u1ea5u h\u00ecnh tr\u00ean c\u00e1c n\u00fat, b\u1ea1n s\u1ebd th\u1ea5y c\u00e0i \u0111\u1eb7t \u0111\u00e3 \u0111\u01b0\u1ee3c th\u00eam v\u00e0o:<\/p>\n<pre class=\"wp-block-code\"><code>cat \/etc\/puppetlabs\/puppet\/puppet.conf<\/code><\/pre>\n<pre class=\"wp-block-code\"><code>&#91;main]\nserver = puppet.example.com\n# ...<\/code><\/pre>\n<p>3.S\u1eed d\u1ee5ng&nbsp;<code>puppet resource<\/code>l\u1ec7nh \u0111\u1ec3 kh\u1edfi \u0111\u1ed9ng v\u00e0 k\u00edch ho\u1ea1t d\u1ecbch v\u1ee5 t\u00e1c nh\u00e2n Puppet:<\/p>\n<pre class=\"wp-block-code\"><code>\/opt\/puppetlabs\/bin\/puppet resource service puppet ensure=running enable=true\n<\/code><\/pre>\n<p class=\"has-background\" style=\"background-color:#74f78c33\">Ghi ch\u00fa:Tr\u00ean h\u1ec7 th\u1ed1ng systemd, l\u1ec7nh tr\u00ean t\u01b0\u01a1ng \u0111\u01b0\u01a1ng v\u1edbi vi\u1ec7c s\u1eed d\u1ee5ng hai&nbsp;<code>systemctl<\/code>l\u1ec7nh sau:<\/p>\n<pre class=\"wp-block-code\"><code>systemctl start puppet\nsystemctl enable puppet<\/code><\/pre>\n<h3 id=\"generate-and-sign-certificates\">T\u1ea1o v\u00e0 k\u00fd ch\u1ee9ng ch\u1ec9<a href=\"https:\/\/www.linode.com\/docs\/guides\/getting-started-with-puppet-6-1-basic-installation-and-setup\/#generate-and-sign-certificates\"><\/a><\/h3>\n<p>Tr\u01b0\u1edbc khi c\u00e1c n\u00fat \u0111\u01b0\u1ee3c qu\u1ea3n l\u00fd c\u1ee7a b\u1ea1n c\u00f3 th\u1ec3 nh\u1eadn c\u1ea5u h\u00ecnh t\u1eeb m\u00e1y ch\u1ee7, tr\u01b0\u1edbc ti\u00ean ch\u00fang c\u1ea7n \u0111\u01b0\u1ee3c x\u00e1c th\u1ef1c:<\/p>\n<p>1.Tr\u00ean&nbsp;<strong>c\u00e1c t\u00e1c nh\u00e2n Puppet<\/strong>&nbsp;c\u1ee7a b\u1ea1n , h\u00e3y t\u1ea1o m\u1ed9t ch\u1ee9ng ch\u1ec9 \u0111\u1ec3 ng\u01b0\u1eddi \u0111i\u1ec1u khi\u1ec3n Puppet k\u00fd:<\/p>\n<pre class=\"wp-block-code\"><code><code>\/opt\/puppetlabs\/bin\/puppet agent -t <\/code><\/code><\/pre>\n<p>L\u1ec7nh n\u00e0y s\u1ebd xu\u1ea5t ra l\u1ed7i, th\u00f4ng b\u00e1o r\u1eb1ng kh\u00f4ng t\u00ecm th\u1ea5y ch\u1ee9ng ch\u1ec9 n\u00e0o. L\u1ed7i n\u00e0y l\u00e0 do ch\u1ee9ng ch\u1ec9 \u0111\u01b0\u1ee3c t\u1ea1o ra c\u1ea7n \u0111\u01b0\u1ee3c Puppet master ch\u1ea5p thu\u1eadn.<\/p>\n<p>2.\u0110\u0103ng nh\u1eadp v\u00e0o&nbsp;<strong>Puppet master<\/strong>&nbsp;c\u1ee7a b\u1ea1n v\u00e0 li\u1ec7t k\u00ea c\u00e1c ch\u1ee9ng ch\u1ec9 c\u1ea7n ph\u00ea duy\u1ec7t:<\/p>\n<pre class=\"wp-block-code\"><code><code>\/opt\/puppetlabs\/bin\/puppetserver ca list <\/code><\/code><\/pre>\n<p>N\u00f3 s\u1ebd xu\u1ea5t ra danh s\u00e1ch t\u00ean m\u00e1y ch\u1ee7 c\u1ee7a c\u00e1c n\u00fat t\u00e1c nh\u00e2n c\u1ee7a b\u1ea1n.<\/p>\n<p>3.Ph\u00ea duy\u1ec7t ch\u1ee9ng ch\u1ec9:<\/p>\n<pre class=\"wp-block-code\"><code>\/opt\/puppetlabs\/bin\/puppetserver ca sign --certname puppet-agent-ubuntu.example.com,puppet-agent-centos.example.com\n<\/code><\/pre>\n<p>4.Quay l\u1ea1i c\u00e1c n\u00fat&nbsp;<strong>t\u00e1c nh\u00e2n Puppet<\/strong>&nbsp;v\u00e0 ch\u1ea1y l\u1ea1i t\u00e1c nh\u00e2n Puppet:<\/p>\n<pre class=\"wp-block-code\"><code>\/opt\/puppetlabs\/bin\/puppet agent -t\n<\/code><\/pre>\n<p>B\u1ea1n s\u1ebd th\u1ea5y n\u1ed9i dung t\u01b0\u01a1ng t\u1ef1 nh\u01b0 sau:<\/p>\n<pre class=\"wp-block-code\"><code>Info: Downloaded certificate for hostname.example.com from puppet\nInfo: Using configured environment 'production'\nInfo: Retrieving pluginfacts\nInfo: Retrieving plugin\nInfo: Retrieving locales\nInfo: Caching catalog for hostname.example.com\nInfo: Applying configuration version '1547066428'\nInfo: Creating state file \/opt\/puppetlabs\/puppet\/cache\/state\/state.yaml\nNotice: Applied catalog in 0.02 seconds<\/code><\/pre>\n<h2 id=\"add-modules-to-configure-agent-nodes\">Th\u00eam M\u00f4-\u0111un \u0111\u1ec3 C\u1ea5u h\u00ecnh N\u00fat \u0110\u1ea1i l\u00fd<a href=\"https:\/\/www.linode.com\/docs\/guides\/getting-started-with-puppet-6-1-basic-installation-and-setup\/#add-modules-to-configure-agent-nodes\"><\/a><\/h2>\n<p>C\u00e1c n\u00fat Puppet master v\u00e0 agent hi\u1ec7n \u0111\u00e3 ho\u1ea1t \u0111\u1ed9ng, nh\u01b0ng ch\u00fang kh\u00f4ng an to\u00e0n. D\u1ef1a tr\u00ean c\u00e1c kh\u00e1i ni\u1ec7m t\u1eeb h\u01b0\u1edbng d\u1eabn&nbsp;<a href=\"https:\/\/www.linode.com\/docs\/products\/compute\/compute-instances\/guides\/set-up-and-secure\/\">Thi\u1ebft l\u1eadp v\u00e0 b\u1ea3o m\u1eadt Compute Instance<\/a>&nbsp;, n\u00ean c\u1ea5u h\u00ecnh m\u1ed9t ng\u01b0\u1eddi d\u00f9ng gi\u1edbi h\u1ea1n v\u00e0 t\u01b0\u1eddng l\u1eeda. \u0110i\u1ec1u n\u00e0y c\u00f3 th\u1ec3 \u0111\u01b0\u1ee3c th\u1ef1c hi\u1ec7n tr\u00ean t\u1ea5t c\u1ea3 c\u00e1c n\u00fat th\u00f4ng qua vi\u1ec7c t\u1ea1o c\u00e1c m\u00f4-\u0111un Puppet c\u01a1 b\u1ea3n, \u0111\u01b0\u1ee3c hi\u1ec3n th\u1ecb b\u00ean d\u01b0\u1edbi.<\/p>\n<p class=\"has-background\" style=\"background-color:#74f78c33\">Ghi ch\u00fa: \u0110i\u1ec1u n\u00e0y kh\u00f4ng nh\u1eb1m m\u1ee5c \u0111\u00edch cung c\u1ea5p c\u01a1 s\u1edf cho m\u1ed9t m\u00e1y ch\u1ee7 \u0111\u01b0\u1ee3c b\u1ea3o v\u1ec7 ho\u00e0n to\u00e0n v\u00e0 ch\u1ec9 nh\u1eb1m m\u1ee5c \u0111\u00edch l\u00e0 \u0111i\u1ec3m kh\u1edfi \u0111\u1ea7u. Thay \u0111\u1ed5i v\u00e0 th\u00eam c\u00e1c quy t\u1eafc t\u01b0\u1eddng l\u1eeda v\u00e0 c\u00e1c t\u00f9y ch\u1ecdn c\u1ea5u h\u00ecnh kh\u00e1c, t\u00f9y thu\u1ed9c v\u00e0o nhu c\u1ea7u c\u1ee5 th\u1ec3 c\u1ee7a b\u1ea1n.<\/p>\n<p>C\u00e1c m\u00f4-\u0111un Puppet l\u00e0 c\u00e1ch Puppet quy \u0111\u1ecbnh \u0111\u1ec3 t\u1ed5 ch\u1ee9c m\u00e3 c\u1ea5u h\u00ecnh nh\u1eb1m ph\u1ee5c v\u1ee5 c\u00e1c m\u1ee5c \u0111\u00edch c\u1ee5 th\u1ec3, nh\u01b0 c\u00e0i \u0111\u1eb7t v\u00e0 c\u1ea5u h\u00ecnh \u1ee9ng d\u1ee5ng. B\u1ea1n c\u00f3 th\u1ec3 t\u1ea1o c\u00e1c m\u00f4-\u0111un t\u00f9y ch\u1ec9nh ho\u1eb7c c\u00f3 th\u1ec3 t\u1ea3i xu\u1ed1ng v\u00e0 s\u1eed d\u1ee5ng c\u00e1c m\u00f4-\u0111un \u0111\u01b0\u1ee3c xu\u1ea5t b\u1ea3n tr\u00ean&nbsp;<a href=\"https:\/\/forge.puppet.com\/\" target=\"_blank\" rel=\"noreferrer noopener\">Puppet Forge<\/a>&nbsp;.<\/p>\n<h3 id=\"add-a-limited-user\">Th\u00eam Ng\u01b0\u1eddi d\u00f9ng b\u1ecb gi\u1edbi h\u1ea1n<a href=\"https:\/\/www.linode.com\/docs\/guides\/getting-started-with-puppet-6-1-basic-installation-and-setup\/#add-a-limited-user\"><\/a><\/h3>\n<p>\u0110\u1ec3 t\u1ea1o ng\u01b0\u1eddi d\u00f9ng gi\u1edbi h\u1ea1n m\u1edbi tr\u00ean c\u00e1c n\u00fat c\u1ee7a b\u1ea1n, b\u1ea1n s\u1ebd t\u1ea1o v\u00e0 \u00e1p d\u1ee5ng m\u1ed9t m\u00f4-\u0111un m\u1edbi c\u00f3 t\u00ean l\u00e0&nbsp;<code>accounts<\/code>. M\u00f4-\u0111un n\u00e0y s\u1ebd s\u1eed d\u1ee5ng&nbsp;<a href=\"https:\/\/puppet.com\/docs\/puppet\/6.1\/types\/user.html\" target=\"_blank\" rel=\"noreferrer noopener\"><code>user<\/code>t\u00e0i nguy\u00ean<\/a>&nbsp;.<\/p>\n<p>1.T\u1eeb&nbsp;<strong>Puppet master<\/strong>&nbsp;, \u0111i\u1ec1u h\u01b0\u1edbng \u0111\u1ebfn th\u01b0&nbsp;<code>\/etc\/puppetlabs\/code\/environments\/production\/modules<\/code>m\u1ee5c. Khi m\u1ed9t n\u00fat \u0111\u01b0\u1ee3c qu\u1ea3n l\u00fd y\u00eau c\u1ea7u c\u1ea5u h\u00ecnh c\u1ee7a n\u00f3 t\u1eeb master, quy tr\u00ecnh m\u00e1y ch\u1ee7 Puppet s\u1ebd t\u00ecm ki\u1ebfm c\u00e1c m\u00f4-\u0111un c\u1ee7a b\u1ea1n \u1edf v\u1ecb tr\u00ed n\u00e0y:<\/p>\n<pre class=\"wp-block-code\"><code>cd \/etc\/puppetlabs\/code\/environments\/production\/modules\/\n<\/code><\/pre>\n<p>2.T\u1ea1o th\u01b0 m\u1ee5c cho m\u00f4&nbsp;<code>accounts<\/code>-\u0111un m\u1edbi:<\/p>\n<pre class=\"wp-block-code\"><code>mkdir accounts\ncd accounts<\/code><\/pre>\n<p>3.T\u1ea1o c\u00e1c th\u01b0 m\u1ee5c sau b\u00ean trong&nbsp;<code>accounts<\/code>m\u00f4-\u0111un:<\/p>\n<pre class=\"wp-block-code\"><code>mkdir {examples,files,manifests,templates}<\/code><\/pre>\n<figure class=\"wp-block-table\">\n<table>\n<thead>\n<tr>\n<th>Th\u01b0 m\u1ee5c<\/th>\n<th>S\u1ef1 mi\u00eau t\u1ea3<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><code>manifests<\/code><\/td>\n<td>M\u00e3 Puppet cung c\u1ea5p n\u0103ng l\u01b0\u1ee3ng cho m\u00f4-\u0111un<\/td>\n<\/tr>\n<tr>\n<td><code>files<\/code><\/td>\n<td>C\u00e1c t\u1eadp tin t\u0129nh \u0111\u01b0\u1ee3c sao ch\u00e9p v\u00e0o c\u00e1c n\u00fat \u0111\u01b0\u1ee3c qu\u1ea3n l\u00fd<\/td>\n<\/tr>\n<tr>\n<td><code>templates<\/code><\/td>\n<td>C\u00e1c t\u1ec7p m\u1eabu s\u1ebd \u0111\u01b0\u1ee3c sao ch\u00e9p v\u00e0o c\u00e1c n\u00fat \u0111\u01b0\u1ee3c qu\u1ea3n l\u00fd c\u00f3 th\u1ec3 t\u00f9y ch\u1ec9nh b\u1eb1ng c\u00e1c bi\u1ebfn<\/td>\n<\/tr>\n<tr>\n<td><code>examples<\/code><\/td>\n<td>M\u00e3 v\u00ed d\u1ee5 cho th\u1ea5y c\u00e1ch s\u1eed d\u1ee5ng m\u00f4-\u0111un<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/figure>\n<p class=\"has-background\" style=\"background-color:#74f78c33\">Ghi ch\u00fa: <a href=\"https:\/\/puppet.com\/docs\/puppet\/6.1\/modules_fundamentals.html#module-structure\" target=\"_blank\" rel=\"noreferrer noopener\">Xem l\u1ea1i b\u00e0i vi\u1ebft v\u1ec1 nguy\u00ean t\u1eafc c\u01a1 b\u1ea3n c\u1ee7a Module<\/a>&nbsp;c\u1ee7a Puppet&nbsp;\u0111\u1ec3 bi\u1ebft th\u00eam th\u00f4ng tin v\u1ec1 c\u00e1ch c\u1ea5u tr\u00fac m\u1ed9t module.<\/p>\n<p>4.\u0110i\u1ec1u h\u01b0\u1edbng \u0111\u1ebfn th\u01b0&nbsp;<code>manifests<\/code>m\u1ee5c:<\/p>\n<pre class=\"wp-block-code\"><code>cd manifests<\/code><\/pre>\n<p>5.B\u1ea5t k\u1ef3 t\u1ec7p n\u00e0o ch\u1ee9a m\u00e3 Puppet \u0111\u1ec1u \u0111\u01b0\u1ee3c g\u1ecdi l\u00e0&nbsp;<em>manifest<\/em>&nbsp;v\u00e0 m\u1ed7i t\u1ec7p manifest \u0111\u1ec1u k\u1ebft th\u00fac b\u1eb1ng&nbsp;<code>.pp<\/code>. Khi n\u1eb1m b\u00ean trong m\u1ed9t m\u00f4-\u0111un, manifest ch\u1ec9 n\u00ean \u0111\u1ecbnh ngh\u0129a m\u1ed9t l\u1edbp. N\u1ebfu th\u01b0 m\u1ee5c manifests c\u1ee7a m\u00f4-\u0111un c\u00f3 m\u1ed9t&nbsp;<code>init.pp<\/code>t\u1ec7p, \u0111\u1ecbnh ngh\u0129a l\u1edbp m\u00e0 n\u00f3 ch\u1ee9a \u0111\u01b0\u1ee3c coi l\u00e0 l\u1edbp ch\u00ednh cho m\u00f4-\u0111un. \u0110\u1ecbnh ngh\u0129a l\u1edbp b\u00ean trong&nbsp;<code>init.pp<\/code>ph\u1ea3i c\u00f3 c\u00f9ng t\u00ean v\u1edbi m\u00f4-\u0111un.<\/p>\n<p>T\u1ea1o m\u1ed9t&nbsp;<code>init.pp<\/code>t\u1ec7p c\u00f3 n\u1ed9i dung c\u1ee7a \u0111o\u1ea1n m\u00e3 sau. Thay th\u1ebf t\u1ea5t c\u1ea3 c\u00e1c tr\u01b0\u1eddng h\u1ee3p&nbsp;<code>username<\/code>b\u1eb1ng t\u00ean ng\u01b0\u1eddi d\u00f9ng b\u1ea1n ch\u1ecdn:<\/p>\n<pre class=\"wp-block-code\"><code>class accounts {\n\n  user { 'username':\n    ensure      =&gt; present,\n    home        =&gt; '\/home\/username',\n    shell       =&gt; '\/bin\/bash',\n    managehome  =&gt; true,\n    gid         =&gt; 'username',\n  }\n\n}<\/code><\/pre>\n<figure class=\"wp-block-table\">\n<table>\n<thead>\n<tr>\n<th>L\u1ef1a ch\u1ecdn<\/th>\n<th>S\u1ef1 mi\u00eau t\u1ea3<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><code>ensure<\/code><\/td>\n<td>\u0110\u1ea3m b\u1ea3o r\u1eb1ng ng\u01b0\u1eddi d\u00f9ng t\u1ed3n t\u1ea1i n\u1ebfu \u0111\u01b0\u1ee3c \u0111\u1eb7t th\u00e0nh&nbsp;<code>present<\/code>ho\u1eb7c kh\u00f4ng t\u1ed3n t\u1ea1i n\u1ebfu \u0111\u01b0\u1ee3c \u0111\u1eb7t th\u00e0nh<code>absent<\/code><\/td>\n<\/tr>\n<tr>\n<td><code>home<\/code><\/td>\n<td>\u0110\u01b0\u1eddng d\u1eabn \u0111\u1ebfn th\u01b0 m\u1ee5c home c\u1ee7a ng\u01b0\u1eddi d\u00f9ng<\/td>\n<\/tr>\n<tr>\n<td><code>managehome<\/code><\/td>\n<td>Ki\u1ec3m so\u00e1t xem c\u00f3 n\u00ean t\u1ea1o th\u01b0 m\u1ee5c g\u1ed1c khi t\u1ea1o ng\u01b0\u1eddi d\u00f9ng hay kh\u00f4ng<\/td>\n<\/tr>\n<tr>\n<td><code>shell<\/code><\/td>\n<td>\u0110\u01b0\u1eddng d\u1eabn \u0111\u1ebfn shell cho ng\u01b0\u1eddi d\u00f9ng<\/td>\n<\/tr>\n<tr>\n<td><code>gid<\/code><\/td>\n<td>Nh\u00f3m ch\u00ednh c\u1ee7a ng\u01b0\u1eddi d\u00f9ng<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/figure>\n<p>6.M\u1eb7c d\u00f9 l\u1edbp khai b\u00e1o nh\u00f3m ch\u00ednh c\u1ee7a ng\u01b0\u1eddi d\u00f9ng l\u00e0 g\u00ec, nh\u01b0ng n\u00f3 s\u1ebd kh\u00f4ng t\u1ef1 t\u1ea1o nh\u00f3m. T\u1ea1o m\u1ed9t t\u1ec7p m\u1edbi c\u00f3 t\u00ean&nbsp;<code>groups.pp<\/code>b\u00ean trong&nbsp;<code>manifests<\/code>th\u01b0 m\u1ee5c v\u1edbi n\u1ed9i dung sau. Thay th\u1ebf&nbsp;<code>username<\/code>b\u1eb1ng t\u00ean ng\u01b0\u1eddi d\u00f9ng b\u1ea1n \u0111\u00e3 ch\u1ecdn:<\/p>\n<pre class=\"wp-block-code\"><code>class accounts::groups {\n\n  group { 'username':\n    ensure  =&gt; present,\n  }\n\n}<\/code><\/pre>\n<p><code>7.accounts<\/code>L\u1edbp&nbsp;c\u1ee7a b\u1ea1n c\u00f3 th\u1ec3&nbsp;<a href=\"https:\/\/puppet.com\/docs\/puppet\/6.1\/lang_classes.html#declaring-classes\" target=\"_blank\" rel=\"noreferrer noopener\">khai b\u00e1o<\/a>&nbsp;l\u1edbp m\u1edbi c\u1ee7a b\u1ea1n&nbsp;<code>accounts::groups<\/code>\u0111\u1ec3 s\u1eed d\u1ee5ng trong&nbsp;<code>accounts<\/code>ph\u1ea1m vi l\u1edbp. M\u1edf&nbsp;<code>init.pp<\/code>trong tr\u00ecnh so\u1ea1n th\u1ea3o c\u1ee7a b\u1ea1n v\u00e0 nh\u1eadp m\u1ed9t&nbsp;<code>include<\/code>khai b\u00e1o m\u1edbi v\u00e0o \u0111\u1ea7u l\u1edbp:<\/p>\n<pre class=\"wp-block-code\"><code>class accounts {\n\n  include accounts::groups\n\n  # ...\n\n}<\/code><\/pre>\n<p>8.Ng\u01b0\u1eddi d\u00f9ng m\u1edbi ph\u1ea3i c\u00f3 quy\u1ec1n qu\u1ea3n tr\u1ecb. V\u00ec ch\u00fang t\u00f4i c\u00f3 c\u00e1c n\u00fat t\u00e1c nh\u00e2n tr\u00ean c\u1ea3 h\u1ec7 th\u1ed1ng d\u1ef1a tr\u00ean Debian v\u00e0 Red Hat, n\u00ean ng\u01b0\u1eddi d\u00f9ng m\u1edbi c\u1ea7n ph\u1ea3i n\u1eb1m trong nh\u00f3m&nbsp;<code>sudo<\/code>tr\u00ean h\u1ec7 th\u1ed1ng Debian v\u00e0&nbsp;<code>wheel<\/code>nh\u00f3m tr\u00ean h\u1ec7 th\u1ed1ng Red Hat.<\/p>\n<p>Gi\u00e1 tr\u1ecb n\u00e0y c\u00f3 th\u1ec3 \u0111\u01b0\u1ee3c thi\u1ebft l\u1eadp \u0111\u1ed9ng th\u00f4ng qua vi\u1ec7c s\u1eed d\u1ee5ng&nbsp;<a href=\"https:\/\/puppet.com\/docs\/puppet\/6.1\/lang_facts_and_builtin_vars.html\" target=\"_blank\" rel=\"noreferrer noopener\">Puppet&nbsp;<em>facts<\/em><\/a>&nbsp;. H\u1ec7 th\u1ed1ng facts thu th\u1eadp th\u00f4ng tin h\u1ec7 th\u1ed1ng v\u1ec1 c\u00e1c n\u00fat c\u1ee7a b\u1ea1n v\u00e0 cung c\u1ea5p th\u00f4ng tin \u0111\u00f3 trong manifest c\u1ee7a b\u1ea1n.<\/p>\n<p>Th\u00eam c\u00e2u l\u1ec7nh ch\u1ecdn v\u00e0o \u0111\u1ea7u&nbsp;<code>accounts<\/code>l\u1edbp c\u1ee7a b\u1ea1n:<\/p>\n<pre class=\"wp-block-code\"><code>class accounts {\n\n  $rootgroup = $osfamily ? {\n    'Debian'  =&gt; 'sudo',\n    'RedHat'  =&gt; 'wheel',\n    default   =&gt; warning('This distribution is not supported by the Accounts module'),\n  }\n\n  include accounts::groups\n\n  # ...\n\n}<\/code><\/pre>\n<p>M\u00e3 n\u00e0y \u0111\u1ecbnh ngh\u0129a gi\u00e1 tr\u1ecb cho&nbsp;<code>$rootgroup<\/code>bi\u1ebfn b\u1eb1ng c\u00e1ch ki\u1ec3m tra gi\u00e1 tr\u1ecb c\u1ee7a , \u0111\u00e2y l\u00e0 m\u1ed9t trong&nbsp;<a href=\"https:\/\/puppet.com\/docs\/facter\/6.1\/core_facts.html\" target=\"_blank\" rel=\"noreferrer noopener\">nh\u1eefng s\u1ef1 ki\u1ec7n c\u1ed1t l\u00f5i<\/a><code>$osfamily<\/code>&nbsp;c\u1ee7a Puppet&nbsp;. N\u1ebfu gi\u00e1 tr\u1ecb c\u1ee7a&nbsp;kh\u00f4ng kh\u1edbp v\u1edbi Debian ho\u1eb7c Red Hat, gi\u00e1&nbsp;tr\u1ecb s\u1ebd \u0111\u01b0a ra c\u1ea3nh b\u00e1o r\u1eb1ng b\u1ea3n ph\u00e2n ph\u1ed1i \u0111\u00e3 ch\u1ecdn kh\u00f4ng \u0111\u01b0\u1ee3c m\u00f4-\u0111un n\u00e0y h\u1ed7 tr\u1ee3.<a href=\"https:\/\/puppet.com\/docs\/facter\/6.1\/core_facts.html\" target=\"_blank\" rel=\"noreferrer noopener\"><\/a><code>$osfamilydefault<\/code><\/p>\n<p class=\"has-background\" style=\"background-color:#74f78c33\">Ghi ch\u00fa: Ng\u00f4n ng\u1eef c\u1ea5u h\u00ecnh Puppet th\u1ef1c thi m\u00e3 t\u1eeb tr\u00ean xu\u1ed1ng d\u01b0\u1edbi. V\u00ec&nbsp;<code>user<\/code>khai b\u00e1o t\u00e0i nguy\u00ean s\u1ebd tham chi\u1ebfu \u0111\u1ebfn&nbsp;<code>$rootgroup<\/code>bi\u1ebfn, b\u1ea1n ph\u1ea3i \u0111\u1ecbnh ngh\u0129a&nbsp;<code>$rootgroup<\/code>&nbsp;<em>tr\u01b0\u1edbc khi<\/em>&nbsp;khai&nbsp;<code>user<\/code>b\u00e1o.<\/p>\n<p>9.C\u1eadp nh\u1eadt t\u00e0i nguy\u00ean ng\u01b0\u1eddi d\u00f9ng \u0111\u1ec3 bao g\u1ed3m&nbsp;<code>groups<\/code>t\u00f9y ch\u1ecdn nh\u01b0 sau:<\/p>\n<pre class=\"wp-block-code\"><code># ...\n\nuser { 'username':\n  ensure      =&gt; present,\n  home        =&gt; '\/home\/username',\n  shell       =&gt; '\/bin\/bash',\n  managehome  =&gt; true,\n  gid         =&gt; 'username',\n  groups      =&gt; \"$rootgroup\",\n}\n\n# ...<\/code><\/pre>\n<p>Gi\u00e1 tr\u1ecb&nbsp;<code>\"$rootgroup\"<\/code>\u0111\u01b0\u1ee3c \u0111\u1eb7t trong d\u1ea5u ngo\u1eb7c k\u00e9p&nbsp;<code>\" \"<\/code>thay v\u00ec d\u1ea5u ngo\u1eb7c \u0111\u01a1n&nbsp;<code>' '<\/code>v\u00ec \u0111\u00e2y l\u00e0 bi\u1ebfn c\u1ea7n \u0111\u01b0\u1ee3c n\u1ed9i suy trong m\u00e3 c\u1ee7a b\u1ea1n.<\/p>\n<p>10.Gi\u00e1 tr\u1ecb cu\u1ed1i c\u00f9ng c\u1ea7n th\u00eam v\u00e0o l\u00e0 m\u1eadt kh\u1ea9u c\u1ee7a ng\u01b0\u1eddi d\u00f9ng. V\u00ec ch\u00fang ta kh\u00f4ng mu\u1ed1n s\u1eed d\u1ee5ng v\u0103n b\u1ea3n thu\u1ea7n t\u00fay, n\u00ean m\u1eadt kh\u1ea9u ph\u1ea3i \u0111\u01b0\u1ee3c cung c\u1ea5p cho Puppet d\u01b0\u1edbi d\u1ea1ng t\u00f3m t\u1eaft SHA1, \u0111\u01b0\u1ee3c h\u1ed7 tr\u1ee3 theo m\u1eb7c \u0111\u1ecbnh. T\u1ea1o t\u00f3m t\u1eaft b\u1eb1ng l\u1ec7nh&nbsp;<code>openssl<\/code>:<\/p>\n<pre class=\"wp-block-code\"><code>openssl passwd -1<\/code><\/pre>\n<p>B\u1ea1n s\u1ebd \u0111\u01b0\u1ee3c nh\u1eafc nh\u1eadp m\u1eadt kh\u1ea9u. M\u1eadt kh\u1ea9u b\u0103m s\u1ebd \u0111\u01b0\u1ee3c xu\u1ea5t ra. Sao ch\u00e9p gi\u00e1 tr\u1ecb n\u00e0y v\u00e0o b\u1ea3ng t\u1ea1m c\u1ee7a b\u1ea1n.<\/p>\n<p>11.C\u1eadp nh\u1eadt t\u00e0i nguy\u00ean ng\u01b0\u1eddi d\u00f9ng \u0111\u1ec3 bao g\u1ed3m t\u00f9y&nbsp;<code>password<\/code>ch\u1ecdn nh\u01b0 sau; ch\u00e8n h\u00e0m b\u0103m m\u1eadt kh\u1ea9u \u0111\u00e3 sao ch\u00e9p c\u1ee7a b\u1ea1n l\u00e0m gi\u00e1 tr\u1ecb cho t\u00f9y ch\u1ecdn:<\/p>\n<pre class=\"wp-block-code\"><code># ...\n\nuser { 'username':\n  ensure      =&gt; present,\n  home        =&gt; '\/home\/username',\n  shell       =&gt; '\/bin\/bash',\n  managehome  =&gt; true,\n  gid         =&gt; 'username',\n  groups      =&gt; \"$rootgroup\",\n  password    =&gt; 'your_password_hash',\n}\n\n# ...<\/code><\/pre>\n<p class=\"has-background\" style=\"background-color:#f32a2a33\">Quan tr\u1ecdng: M\u1eadt kh\u1ea9u b\u0103m&nbsp;<strong>ph\u1ea3i<\/strong>&nbsp;\u0111\u01b0\u1ee3c \u0111\u1eb7t trong d\u1ea5u ngo\u1eb7c \u0111\u01a1n&nbsp;<code>' '<\/code>.<\/p>\n<p>12.Sau khi l\u01b0u c\u00e1c thay \u0111\u1ed5i, h\u00e3y s\u1eed d\u1ee5ng tr\u00ecnh ph\u00e2n t\u00edch c\u00fa ph\u00e1p Puppet \u0111\u1ec3 \u0111\u1ea3m b\u1ea3o m\u00e3 l\u00e0 ch\u00ednh x\u00e1c:<\/p>\n<pre class=\"wp-block-code\"><code>\/opt\/puppetlabs\/bin\/puppet parser validate init.pp<\/code><\/pre>\n<p>B\u1ea5t k\u1ef3 l\u1ed7i n\u00e0o c\u1ea7n \u0111\u01b0\u1ee3c x\u1eed l\u00fd s\u1ebd \u0111\u01b0\u1ee3c ghi v\u00e0o \u0111\u1ea7u ra chu\u1ea9n. N\u1ebfu kh\u00f4ng c\u00f3 g\u00ec \u0111\u01b0\u1ee3c tr\u1ea3 v\u1ec1, m\u00e3 c\u1ee7a b\u1ea1n l\u00e0 h\u1ee3p l\u1ec7.<\/p>\n<p>13.\u0110i\u1ec1u h\u01b0\u1edbng \u0111\u1ebfn th\u01b0&nbsp;<code>examples<\/code>m\u1ee5c v\u00e0 t\u1ea1o m\u1ed9t&nbsp;<code>init.pp<\/code>t\u1ec7p kh\u00e1c:<\/p>\n<pre class=\"wp-block-code\"><code>cd ..\/examples\n<\/code><\/pre>\n<pre class=\"wp-block-code\"><code>include accounts<\/code><\/pre>\n<p>14.Khi v\u1eabn c\u00f2n trong&nbsp;<code>examples<\/code>th\u01b0 m\u1ee5c, h\u00e3y ki\u1ec3m tra m\u00f4-\u0111un:<\/p>\n<pre class=\"wp-block-code\"><code>\/opt\/puppetlabs\/bin\/puppet apply --noop init.pp\n<\/code><\/pre>\n<p class=\"has-background\" style=\"background-color:#74f78c33\">Ghi ch\u00fa: Tham s\u1ed1 n\u00e0y&nbsp;<code>--noop<\/code>ng\u0103n kh\u00f4ng cho Puppet \u00e1p d\u1ee5ng m\u00f4-\u0111un v\u00e0o h\u1ec7 th\u1ed1ng c\u1ee7a b\u1ea1n v\u00e0 th\u1ef1c hi\u1ec7n b\u1ea5t k\u1ef3 thay \u0111\u1ed5i n\u00e0o.<\/p>\n<pre class=\"wp-block-code\"><code>Notice: Compiled catalog for puppet.example.com in environment production in 0.26 seconds\nNotice: \/Stage&#91;main]\/Accounts::Groups\/Group&#91;username]\/ensure: current_value absent, should be present (noop)\nNotice: Class&#91;Accounts::Groups]: Would have triggered 'refresh' from 1 events\nNotice: \/Stage&#91;main]\/Accounts\/User&#91;username]\/ensure: current_value absent, should be present (noop)\nNotice: Class&#91;Accounts]: Would have triggered 'refresh' from 1 events\nNotice: Stage&#91;main]: Would have triggered 'refresh' from 2 events\nNotice: Finished catalog run in 0.02 seconds<\/code><\/pre>\n<p>15.M\u1ed9t l\u1ea7n n\u1eefa t\u1eeb&nbsp;<code>examples<\/code>th\u01b0 m\u1ee5c, ch\u1ea1y&nbsp;<code>puppet apply<\/code>\u0111\u1ec3 th\u1ef1c hi\u1ec7n nh\u1eefng thay \u0111\u1ed5i sau cho m\u00e1y ch\u1ee7 Puppet master:<\/p>\n<pre class=\"wp-block-code\"><code>\/opt\/puppetlabs\/bin\/puppet apply init.pp<\/code><\/pre>\n<p>Puppet s\u1ebd t\u1ea1o ng\u01b0\u1eddi d\u00f9ng Linux gi\u1edbi h\u1ea1n tr\u00ean m\u00e1y ch\u1ee7 c\u1ee7a b\u1ea1n.<\/p>\n<p>16.\u0110\u0103ng xu\u1ea5t&nbsp;<code>root<\/code>v\u00e0 \u0111\u0103ng nh\u1eadp v\u00e0o Puppet master v\u1edbi t\u01b0 c\u00e1ch l\u00e0 ng\u01b0\u1eddi d\u00f9ng m\u1edbi c\u1ee7a b\u1ea1n.<\/p>\n<h3 id=\"edit-ssh-settings\">Ch\u1ec9nh s\u1eeda c\u00e0i \u0111\u1eb7t SSH<a href=\"https:\/\/www.linode.com\/docs\/guides\/getting-started-with-puppet-6-1-basic-installation-and-setup\/#edit-ssh-settings\"><\/a><\/h3>\n<p>M\u1eb7c d\u00f9 ng\u01b0\u1eddi d\u00f9ng gi\u1edbi h\u1ea1n m\u1edbi \u0111\u00e3 \u0111\u01b0\u1ee3c th\u00eam th\u00e0nh c\u00f4ng v\u00e0o Puppet master, v\u1eabn c\u00f3 th\u1ec3 \u0111\u0103ng nh\u1eadp v\u00e0o h\u1ec7 th\u1ed1ng v\u1edbi t\u01b0 c\u00e1ch l\u00e0 root. \u0110\u1ec3 b\u1ea3o m\u1eadt h\u1ec7 th\u1ed1ng c\u1ee7a b\u1ea1n \u0111\u00fang c\u00e1ch, quy\u1ec1n truy c\u1eadp root ph\u1ea3i b\u1ecb v\u00f4 hi\u1ec7u h\u00f3a.<\/p>\n<p class=\"has-background\" style=\"background-color:#74f78c33\">Ghi ch\u00fa: V\u00ec hi\u1ec7n t\u1ea1i b\u1ea1n \u0111\u00e3 \u0111\u0103ng nh\u1eadp v\u00e0o Puppet master v\u1edbi t\u01b0 c\u00e1ch l\u00e0 ng\u01b0\u1eddi d\u00f9ng b\u1ecb gi\u1edbi h\u1ea1n n\u00ean b\u1ea1n s\u1ebd c\u1ea7n th\u1ef1c thi l\u1ec7nh v\u00e0 ch\u1ec9nh s\u1eeda t\u1ec7p b\u1eb1ng quy\u1ec1n sudo c\u1ee7a ng\u01b0\u1eddi d\u00f9ng.<\/p>\n<p>1.\u0110i\u1ec1u h\u01b0\u1edbng \u0111\u1ebfn&nbsp;<code>files<\/code>th\u01b0 m\u1ee5c trong&nbsp;<code>accounts<\/code>m\u00f4-\u0111un:<\/p>\n<pre class=\"wp-block-code\"><code><code>cd \/etc\/puppetlabs\/code\/\/production\/modules\/accounts\/files<\/code><\/code><\/pre>\n<p>2.Sao ch\u00e9p t\u1eadp tin hi\u1ec7n c\u00f3 c\u1ee7a h\u1ec7 th\u1ed1ng&nbsp;<code>sshd_config<\/code>v\u00e0o th\u01b0 m\u1ee5c n\u00e0y:<\/p>\n<pre class=\"wp-block-code\"><code><code>sudo cp \/etc\/ssh\/sshd_config .<\/code><\/code><\/pre>\n<p>3.M\u1edf t\u1ec7p trong tr\u00ecnh so\u1ea1n th\u1ea3o c\u1ee7a b\u1ea1n (\u0111\u1ea3m b\u1ea3o r\u1eb1ng b\u1ea1n m\u1edf t\u1ec7p b\u1eb1ng&nbsp;<code>sudo<\/code>quy\u1ec1n) v\u00e0 \u0111\u1eb7t&nbsp;<code>PermitRootLogin<\/code>gi\u00e1 tr\u1ecb th\u00e0nh&nbsp;<code>no<\/code>:<\/p>\n<pre class=\"wp-block-code\"><code>PermitRootLogin no<\/code><\/pre>\n<p>4.PermitRootLogin no<\/p>\n<pre class=\"wp-block-code\"><code>cd ..\/manifests\n<\/code><\/pre>\n<p>5.T\u1ea1o m\u1ed9t manifest m\u1edbi c\u00f3 t\u00ean l\u00e0&nbsp;<code>ssh.pp<\/code>. S\u1eed d\u1ee5ng&nbsp;<code>file<\/code>t\u00e0i nguy\u00ean \u0111\u1ec3 thay th\u1ebf t\u1ec7p c\u1ea5u h\u00ecnh SSH m\u1eb7c \u0111\u1ecbnh b\u1eb1ng t\u1ec7p do Puppet qu\u1ea3n l\u00fd:<\/p>\n<pre class=\"wp-block-code\"><code>class accounts::ssh {\n\n  file { '\/etc\/ssh\/sshd_config':\n    ensure  =&gt; present,\n    source  =&gt; 'puppet:\/\/\/modules\/accounts\/sshd_config',\n  }\n\n}<\/code><\/pre>\n<p class=\"has-background\" style=\"background-color:#74f78c33\">Ghi ch\u00fa: Th\u01b0&nbsp;<code>files<\/code>m\u1ee5c b\u1ecb b\u1ecf qua kh\u1ecfi&nbsp;<code>source<\/code>d\u00f2ng v\u00ec&nbsp;<code>files<\/code>th\u01b0 m\u1ee5c l\u00e0 v\u1ecb tr\u00ed m\u1eb7c \u0111\u1ecbnh c\u1ee7a c\u00e1c t\u1ec7p trong m\u1ed9t m\u00f4-\u0111un. \u0110\u1ec3 bi\u1ebft th\u00eam th\u00f4ng tin v\u1ec1 \u0111\u1ecbnh d\u1ea1ng \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng \u0111\u1ec3 truy c\u1eadp t\u00e0i nguy\u00ean trong m\u1ed9t m\u00f4-\u0111un, h\u00e3y tham kh\u1ea3o&nbsp;<a href=\"https:\/\/docs.puppet.com\/puppet\/6.1\/modules_fundamentals.html#module-layout\" target=\"_blank\" rel=\"noreferrer noopener\">t\u00e0i li\u1ec7u m\u00f4-\u0111un Puppet ch\u00ednh th\u1ee9c<\/a>&nbsp;.<\/p>\n<p>6.T\u1ea1o m\u1ed9t t\u00e0i nguy\u00ean th\u1ee9 hai \u0111\u1ec3 kh\u1edfi \u0111\u1ed9ng l\u1ea1i d\u1ecbch v\u1ee5 SSH v\u00e0 thi\u1ebft l\u1eadp \u0111\u1ec3 ch\u1ea1y b\u1ea5t c\u1ee9 khi n\u00e0o&nbsp;<code>sshd_config<\/code>c\u00f3 thay \u0111\u1ed5i. \u0110i\u1ec1u n\u00e0y c\u0169ng s\u1ebd y\u00eau c\u1ea7u m\u1ed9t c\u00e2u l\u1ec7nh selector v\u00ec d\u1ecbch v\u1ee5 SSH \u0111\u01b0\u1ee3c \u0111\u1eb7t t\u00ean&nbsp;<code>ssh<\/code>tr\u00ean h\u1ec7 th\u1ed1ng Debian v\u00e0&nbsp;<code>sshd<\/code>tr\u00ean h\u1ec7 th\u1ed1ng Red Hat:<\/p>\n<pre class=\"wp-block-code\"><code>class accounts::ssh {\n\n  $sshname = $osfamily ? {\n    'Debian'  =&gt; 'ssh',\n    'RedHat'  =&gt; 'sshd',\n    default   =&gt; warning('This distribution is not supported by the Accounts module'),\n  }\n\n  file { '\/etc\/ssh\/sshd_config':\n    ensure  =&gt; present,\n    source  =&gt; 'puppet:\/\/\/modules\/accounts\/sshd_config',\n    notify  =&gt; Service&#91;\"$sshname\"],\n  }\n\n  service { \"$sshname\":\n    hasrestart  =&gt; true,\n  }\n\n}<\/code><\/pre>\n<p class=\"has-background\" style=\"background-color:#74f78c33\">Ghi ch\u00fa: <code>notify<\/code> <a href=\"https:\/\/puppet.com\/docs\/puppet\/6.1\/lang_relationships.html\" target=\"_blank\" rel=\"noreferrer noopener\">l\u00e0 m\u1ed9t trong nh\u1eefng si\u00eau tham s\u1ed1 quan h\u1ec7<\/a>&nbsp;c\u1ee7a Puppet&nbsp;.<\/p>\n<p>7.Bao g\u1ed3m&nbsp;<code>accounts::ssh<\/code>l\u1edbp trong&nbsp;<code>accounts<\/code>l\u1edbp trong&nbsp;<code>init.pp<\/code>:<\/p>\n<pre class=\"wp-block-code\"><code>class accounts {\n\n  # ...\n\n  include accounts::groups\n  include accounts::ssh\n\n  # ...\n\n}<\/code><\/pre>\n<p>N\u1ed9i dung c\u1ee7a b\u1ea1n&nbsp;<code>init.pp<\/code>b\u00e2y gi\u1edd s\u1ebd tr\u00f4ng gi\u1ed1ng nh\u01b0 \u0111o\u1ea1n tr\u00edch sau:<\/p>\n<pre class=\"wp-block-code\"><code>class accounts {\n\n    $rootgroup = $osfamily ? {\n        'Debian' =&gt; 'sudo',\n        'RedHat' =&gt; 'wheel',\n        default =&gt; warning('This distro not supported by Accounts module'),\n    }\n\n    include accounts::groups\n    include accounts::ssh\n\n    user { 'example':\n        ensure  =&gt; present,\n        home    =&gt; '\/home\/username',\n        shell   =&gt; '\/bin\/bash',\n        managehome  =&gt; true,\n        gid     =&gt; 'username',\n        groups  =&gt; \"$rootgroup\",\n        password =&gt; 'your_password_hash'\n    }\n\n}<\/code><\/pre>\n<p>8.Ch\u1ea1y tr\u00ecnh ph\u00e2n t\u00edch c\u00fa ph\u00e1p Puppet \u0111\u1ec3 ki\u1ec3m tra c\u00fa ph\u00e1p c\u1ee7a l\u1edbp m\u1edbi, sau \u0111\u00f3 \u0111i\u1ec1u h\u01b0\u1edbng \u0111\u1ebfn th\u01b0&nbsp;<code>examples<\/code>m\u1ee5c \u0111\u1ec3 ki\u1ec3m tra v\u00e0 ch\u1ea1y b\u1ea3n c\u1eadp nh\u1eadt cho&nbsp;<code>accounts<\/code>l\u1edbp c\u1ee7a b\u1ea1n:<\/p>\n<pre class=\"wp-block-code\"><code>sudo \/opt\/puppetlabs\/bin\/puppet parser validate ssh.pp\ncd ..\/examples\nsudo \/opt\/puppetlabs\/bin\/puppet apply --noop init.pp\nsudo \/opt\/puppetlabs\/bin\/puppet apply init.pp<\/code><\/pre>\n<p>Ghi ch\u00fa: B\u1ea1n c\u00f3 th\u1ec3 th\u1ea5y d\u00f2ng sau trong \u0111\u1ea7u ra khi x\u00e1c th\u1ef1c:<\/p>\n<pre class=\"wp-block-code\"><code>Error: Removing mount \"files\": \/etc\/puppet\/files does not exist or is not a directory<\/code><\/pre>\n<p>\u0110i\u1ec1u n\u00e0y \u0111\u1ec1 c\u1eadp \u0111\u1ebfn t\u1ec7p c\u1ea5u h\u00ecnh Puppet, kh\u00f4ng ph\u1ea3i t\u00e0i nguy\u00ean m\u00f4-\u0111un m\u00e0 b\u1ea1n \u0111ang c\u1ed1 g\u1eafng sao ch\u00e9p. N\u1ebfu \u0111\u00e2y l\u00e0 l\u1ed7i duy nh\u1ea5t trong \u0111\u1ea7u ra c\u1ee7a b\u1ea1n, thao t\u00e1c v\u1eabn c\u00f3 th\u1ec3 th\u00e0nh c\u00f4ng.<\/p>\n<p>9.\u0110\u1ec3 \u0111\u1ea3m b\u1ea3o&nbsp;<code>ssh<\/code>l\u1edbp h\u1ecdc ho\u1ea1t \u0111\u1ed9ng b\u00ecnh th\u01b0\u1eddng, h\u00e3y \u0111\u0103ng xu\u1ea5t kh\u1ecfi Puppet master r\u1ed3i th\u1eed \u0111\u0103ng nh\u1eadp b\u1eb1ng&nbsp;<code>root<\/code>. B\u1ea1n s\u1ebd kh\u00f4ng th\u1ec3 l\u00e0m nh\u01b0 v\u1eady.<\/p>\n<h3 id=\"add-and-configure-iptables\">h\u00eam v\u00e0 c\u1ea5u h\u00ecnh IPtables<a href=\"https:\/\/www.linode.com\/docs\/guides\/getting-started-with-puppet-6-1-basic-installation-and-setup\/#add-and-configure-iptables\"><\/a><\/h3>\n<p>\u0110\u1ec3 ho\u00e0n t\u1ea5t c\u00e0i \u0111\u1eb7t b\u1ea3o m\u1eadt c\u1ee7a h\u01b0\u1edbng d\u1eabn n\u00e0y, t\u01b0\u1eddng l\u1eeda c\u1ea7n \u0111\u01b0\u1ee3c c\u1ea5u h\u00ecnh tr\u00ean Puppet master v\u00e0 c\u00e1c n\u00fat c\u1ee7a b\u1ea1n. Ph\u1ea7n&nbsp;<code>iptables<\/code>m\u1ec1m t\u01b0\u1eddng l\u1eeda s\u1ebd \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng.<\/p>\n<p>1.Theo m\u1eb7c \u0111\u1ecbnh, c\u00e1c thay \u0111\u1ed5i \u0111\u1ed1i v\u1edbi&nbsp;<code>iptables<\/code>quy t\u1eafc c\u1ee7a b\u1ea1n s\u1ebd kh\u00f4ng t\u1ed3n t\u1ea1i qua c\u00e1c l\u1ea7n kh\u1edfi \u0111\u1ed9ng l\u1ea1i. \u0110\u1ec3 tr\u00e1nh \u0111i\u1ec1u n\u00e0y, h\u00e3y c\u00e0i \u0111\u1eb7t g\u00f3i ph\u00f9 h\u1ee3p tr\u00ean Puppet master v\u00e0 c\u00e1c n\u00fat c\u1ee7a b\u1ea1n:<\/p>\n<p><strong>Ubuntu\/Debian<\/strong>&nbsp;:<\/p>\n<pre class=\"wp-block-code\"><code>sudo apt install iptables-persistent\n<\/code><\/pre>\n<p><strong>CentOS 7<\/strong>&nbsp;:<\/p>\n<p>CentOS 7 s\u1eed d\u1ee5ng firewalld theo m\u1eb7c \u0111\u1ecbnh l\u00e0m b\u1ed9 \u0111i\u1ec1u khi\u1ec3n cho iptables. H\u00e3y \u0111\u1ea3m b\u1ea3o firewalld \u0111\u00e3 d\u1eebng v\u00e0 v\u00f4 hi\u1ec7u h\u00f3a tr\u01b0\u1edbc khi b\u1eaft \u0111\u1ea7u l\u00e0m vi\u1ec7c tr\u1ef1c ti\u1ebfp v\u1edbi iptables:<\/p>\n<pre class=\"wp-block-code\"><code>sudo systemctl stop firewalld &amp;&amp; sudo systemctl disable firewalld\nsudo yum install iptables-services\n<\/code><\/pre>\n<p>2.Tr\u00ean m\u00e1y ch\u1ee7 Puppet c\u1ee7a b\u1ea1n, h\u00e3y c\u00e0i \u0111\u1eb7t&nbsp;<a href=\"https:\/\/forge.puppet.com\/puppetlabs\/firewall\" target=\"_blank\" rel=\"noreferrer noopener\">m\u00f4-\u0111un t\u01b0\u1eddng l\u1eeda c\u1ee7a Puppet Lab<\/a>&nbsp;t\u1eeb Puppet Forge:<\/p>\n<pre class=\"wp-block-code\"><code>sudo \/opt\/puppetlabs\/bin\/puppet module install puppetlabs-firewall\n<\/code><\/pre>\n<p>M\u00f4-\u0111un s\u1ebd \u0111\u01b0\u1ee3c c\u00e0i \u0111\u1eb7t trong&nbsp;<code>\/etc\/puppetlabs\/code\/environments\/production\/modules<\/code>th\u01b0 m\u1ee5c c\u1ee7a b\u1ea1n.<\/p>\n<p>3.\u0110i\u1ec1u h\u01b0\u1edbng \u0111\u1ebfn&nbsp;<code>manifests<\/code>th\u01b0 m\u1ee5c b\u00ean trong m\u00f4-\u0111un m\u1edbi&nbsp;<code>firewall<\/code>:<\/p>\n<pre class=\"wp-block-code\"><code>cd \/etc\/puppetlabs\/code\/environments\/production\/modules\/firewall\/manifests\/\n<\/code><\/pre>\n<p>4.T\u1ea1o m\u1ed9t t\u1ec7p c\u00f3 ti\u00eau \u0111\u1ec1&nbsp;<code>pre.pp<\/code>, trong \u0111\u00f3 s\u1ebd ch\u1ee9a t\u1ea5t c\u1ea3 c\u00e1c quy t\u1eafc m\u1ea1ng c\u01a1 b\u1ea3n c\u1ea7n ch\u1ea1y tr\u01b0\u1edbc ti\u00ean:<\/p>\n<pre class=\"wp-block-code\"><code>class firewall::pre {\n\n  Firewall {\n    require =&gt; undef,\n  }\n\n   # Accept all loopback traffic\n  firewall { '000 lo traffic':\n    proto       =&gt; 'all',\n    iniface     =&gt; 'lo',\n    action      =&gt; 'accept',\n  }-&gt;\n\n   #Drop non-loopback traffic\n  firewall { '001 reject non-lo':\n    proto       =&gt; 'all',\n    iniface     =&gt; '! lo',\n    destination =&gt; '127.0.0.0\/8',\n    action      =&gt; 'reject',\n  }-&gt;\n\n   #Accept established inbound connections\n  firewall { '002 accept established':\n    proto       =&gt; 'all',\n    state       =&gt; &#91;'RELATED', 'ESTABLISHED'],\n    action      =&gt; 'accept',\n  }-&gt;\n\n   #Allow all outbound traffic\n  firewall { '003 allow outbound':\n    chain       =&gt; 'OUTPUT',\n    action      =&gt; 'accept',\n  }-&gt;\n\n   #Allow ICMP\/ping\n  firewall { '004 allow icmp':\n    proto       =&gt; 'icmp',\n    action      =&gt; 'accept',\n  }\n\n   #Allow SSH connections\n  firewall { '005 Allow SSH':\n    dport    =&gt; '22',\n    proto   =&gt; 'tcp',\n    action  =&gt; 'accept',\n  }-&gt;\n\n   #Allow HTTP\/HTTPS connections\n  firewall { '006 HTTP\/HTTPS connections':\n    dport    =&gt; &#91;'80', '443'],\n    proto   =&gt; 'tcp',\n    action  =&gt; 'accept',\n  }\n\n}<\/code><\/pre>\n<p>5.Trong c\u00f9ng th\u01b0 m\u1ee5c, t\u1ea1o&nbsp;<code>post.pp<\/code>, l\u1ec7nh n\u00e0y s\u1ebd ch\u1ea1y b\u1ea5t k\u1ef3 quy t\u1eafc t\u01b0\u1eddng l\u1eeda n\u00e0o c\u1ea7n \u0111\u01b0\u1ee3c nh\u1eadp cu\u1ed1i c\u00f9ng:<\/p>\n<pre class=\"wp-block-code\"><code>class firewall::post {\n\n  firewall { '999 drop all':\n    proto  =&gt; 'all',\n    action =&gt; 'drop',\n    before =&gt; undef,\n  }\n\n}<\/code><\/pre>\n<p>C\u00e1c quy t\u1eafc n\u00e0y s\u1ebd ch\u1ec9 \u0111\u1ea1o h\u1ec7 th\u1ed1ng lo\u1ea1i b\u1ecf m\u1ecdi l\u01b0u l\u01b0\u1ee3ng truy c\u1eadp \u0111\u1ebfn ch\u01b0a \u0111\u01b0\u1ee3c ph\u00e9p qua t\u01b0\u1eddng l\u1eeda.<\/p>\n<p>6.Ch\u1ea1y tr\u00ecnh ph\u00e2n t\u00edch c\u00fa ph\u00e1p Puppet tr\u00ean c\u1ea3 hai t\u1ec7p \u0111\u1ec3 ki\u1ec3m tra l\u1ed7i c\u00fa ph\u00e1p:<\/p>\n<pre class=\"wp-block-code\"><code>sudo \/opt\/puppetlabs\/bin\/puppet parser validate pre.pp\nsudo \/opt\/puppetlabs\/bin\/puppet parser validate post.pp<\/code><\/pre>\n<p>7.\u0110i\u1ec1u h\u01b0\u1edbng \u0111\u1ebfn th\u01b0 m\u1ee5c ch\u00ednh&nbsp;<code>manifests<\/code>:<\/p>\n<pre class=\"wp-block-code\"><code>cd \/etc\/puppetlabs\/code\/environments\/production\/manifests\n<\/code><\/pre>\n<p>8.T\u1ea1o m\u1ed9t t\u1ec7p c\u00f3 t\u00ean&nbsp;<code>site.pp<\/code>b\u00ean trong&nbsp;<code>\/etc\/puppetlabs\/code\/environments\/production\/manifests<\/code>. T\u1ec7p n\u00e0y l\u00e0&nbsp;<a href=\"https:\/\/puppet.com\/docs\/puppet\/6.1\/dirs_manifest.html\" target=\"_blank\" rel=\"noreferrer noopener\">manifest ch\u00ednh<\/a>&nbsp;cho d\u1ecbch v\u1ee5 m\u00e1y ch\u1ee7 Puppet. T\u1ec7p n\u00e0y \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng \u0111\u1ec3 \u00e1nh x\u1ea1 c\u00e1c m\u00f4-\u0111un, l\u1edbp v\u00e0 t\u00e0i nguy\u00ean v\u00e0o c\u00e1c n\u00fat m\u00e0 ch\u00fang c\u1ea7n \u0111\u01b0\u1ee3c \u00e1p d\u1ee5ng.<\/p>\n<pre class=\"wp-block-code\"><code>node default {\n\n}\n\nnode 'puppet.example.com' {\n\n  include accounts\n\n  resources { 'firewall':\n    purge =&gt; true,\n  }\n\n  Firewall {\n    before        =&gt; Class&#91;'firewall::post'],\n    require       =&gt; Class&#91;'firewall::pre'],\n  }\n\n  class { &#91;'firewall::pre', 'firewall::post']: }\n\n  firewall { '200 Allow Puppet Master':\n    dport         =&gt; '8140',\n    proto         =&gt; 'tcp',\n    action        =&gt; 'accept',\n  }\n\n}<\/code><\/pre>\n<p>9.Ch\u1ea1y&nbsp;<code>site.pp<\/code>t\u1ec7p qua tr\u00ecnh ph\u00e2n t\u00edch c\u00fa ph\u00e1p Puppet \u0111\u1ec3 ki\u1ec3m tra l\u1ed7i c\u00fa ph\u00e1p. Sau \u0111\u00f3, ki\u1ec3m tra t\u1ec7p b\u1eb1ng t\u00f9y&nbsp;<code>--noop<\/code>ch\u1ecdn \u0111\u1ec3 xem t\u1ec7p c\u00f3 ch\u1ea1y \u0111\u01b0\u1ee3c kh\u00f4ng:<\/p>\n<pre class=\"wp-block-code\"><code>sudo \/opt\/puppetlabs\/bin\/puppet parser validate site.pp\nsudo \/opt\/puppetlabs\/bin\/puppet apply --noop site.pp<\/code><\/pre>\n<p>N\u1ebfu th\u00e0nh c\u00f4ng, h\u00e3y ch\u1ea1y&nbsp;<code>puppet apply<\/code>m\u00e0 kh\u00f4ng c\u00f3&nbsp;<code>--noop<\/code>t\u00f9y ch\u1ecdn:<\/p>\n<pre class=\"wp-block-code\"><code>sudo \/opt\/puppetlabs\/bin\/puppet apply site.pp\n<\/code><\/pre>\n<p>10.Sau khi Puppet ho\u00e0n t\u1ea5t vi\u1ec7c \u00e1p d\u1ee5ng c\u00e1c thay \u0111\u1ed5i, h\u00e3y ki\u1ec3m tra c\u00e1c quy t\u1eafc iptables c\u1ee7a Puppet master:<\/p>\n<pre class=\"wp-block-code\"><code>sudo iptables -L\n<\/code><\/pre>\n<p>N\u00f3 s\u1ebd tr\u1ea3 v\u1ec1:<\/p>\n<pre class=\"wp-block-code\"><code>Chain INPUT (policy ACCEPT)\ntarget     prot opt source               destination\nACCEPT     all  --  anywhere             anywhere             \/* 000 lo traffic *\/\nREJECT     all  --  anywhere             127.0.0.0\/8          \/* 001 reject non-lo *\/ reject-with icmp-port-unreachable\nACCEPT     all  --  anywhere             anywhere             \/* 002 accept established *\/ state RELATED,ESTABLISHED\nACCEPT     icmp --  anywhere             anywhere             \/* 004 allow icmp *\/\nACCEPT     tcp  --  anywhere             anywhere             multiport ports ssh \/* 005 Allow SSH *\/\nACCEPT     tcp  --  anywhere             anywhere             multiport ports http,https \/* 006 HTTP\/HTTPS connections *\/\nACCEPT     tcp  --  anywhere             anywhere             multiport ports 8140 \/* 200 Allow Puppet Master *\/\nDROP       all  --  anywhere             anywhere             \/* 999 drop all *\/\n\nChain FORWARD (policy ACCEPT)\ntarget     prot opt source               destination\n\nChain OUTPUT (policy ACCEPT)\ntarget     prot opt source               destination\nACCEPT     tcp  --  anywhere             anywhere             \/* 003 allow outbound *\/<\/code><\/pre>\n<h3 id=\"apply-modules-to-the-agent-nodes\">\u00c1p d\u1ee5ng c\u00e1c m\u00f4-\u0111un cho c\u00e1c n\u00fat t\u00e1c nh\u00e2n<a href=\"https:\/\/www.linode.com\/docs\/guides\/getting-started-with-puppet-6-1-basic-installation-and-setup\/#apply-modules-to-the-agent-nodes\"><\/a><\/h3>\n<p>B\u00e2y gi\u1edd c\u00e1c m\u00f4-\u0111un&nbsp;<code>accounts<\/code>v\u00e0&nbsp;<code>firewall<\/code>\u0111\u00e3 \u0111\u01b0\u1ee3c t\u1ea1o, th\u1eed nghi\u1ec7m v\u00e0 ch\u1ea1y tr\u00ean Puppet master, \u0111\u00e3 \u0111\u1ebfn l\u00fac \u00e1p d\u1ee5ng ch\u00fang v\u00e0o c\u00e1c n\u00fat \u0111\u01b0\u1ee3c qu\u1ea3n l\u00fd c\u1ee7a b\u1ea1n.<\/p>\n<p>1.Tr\u00ean&nbsp;<strong>Puppet master<\/strong>&nbsp;, \u0111i\u1ec1u h\u01b0\u1edbng \u0111\u1ebfn&nbsp;<code>\/etc\/puppetlabs\/code\/environments\/production\/manifests<\/code>:<\/p>\n<pre class=\"wp-block-code\"><code>cd \/etc\/puppetlabs\/code\/environments\/production\/manifest<\/code><\/pre>\n<p>2.C\u1eadp nh\u1eadt&nbsp;<code>site.pp<\/code>\u0111\u1ec3 khai b\u00e1o c\u00e1c m\u00f4-\u0111un, l\u1edbp v\u00e0 t\u00e0i nguy\u00ean c\u1ea7n \u00e1p d\u1ee5ng cho m\u1ed7i n\u00fat \u0111\u01b0\u1ee3c qu\u1ea3n l\u00fd:<\/p>\n<pre class=\"wp-block-code\"><code>node default {\n\n}\n\nnode 'puppet.example.com' {\n  # ...\n}\n\nnode 'puppet-agent-ubuntu.example.com' {\n\n  include accounts\n\n  resources { 'firewall':\n    purge =&gt; true,\n  }\n\n  Firewall {\n    before        =&gt; Class&#91;'firewall::post'],\n    require       =&gt; Class&#91;'firewall::pre'],\n  }\n\n  class { &#91;'firewall::pre', 'firewall::post']: }\n\n}\n\nnode 'puppet-agent-centos.example.com' {\n\n  include accounts\n\n  resources { 'firewall':\n    purge =&gt; true,\n  }\n\n  Firewall {\n    before        =&gt; Class&#91;'firewall::post'],\n    require       =&gt; Class&#91;'firewall::pre'],\n  }\n\n  class { &#91;'firewall::pre', 'firewall::post']: }\n\n}<\/code><\/pre>\n<p>3.Theo m\u1eb7c \u0111\u1ecbnh, d\u1ecbch v\u1ee5 t\u00e1c nh\u00e2n Puppet tr\u00ean c\u00e1c n\u00fat \u0111\u01b0\u1ee3c qu\u1ea3n l\u00fd c\u1ee7a b\u1ea1n s\u1ebd t\u1ef1 \u0111\u1ed9ng ki\u1ec3m tra v\u1edbi m\u00e1y ch\u1ee7 ch\u00ednh sau m\u1ed7i 30 ph\u00fat v\u00e0 \u00e1p d\u1ee5ng b\u1ea5t k\u1ef3 c\u1ea5u h\u00ecnh m\u1edbi n\u00e0o t\u1eeb m\u00e1y ch\u1ee7 ch\u00ednh. B\u1ea1n c\u0169ng c\u00f3 th\u1ec3 g\u1ecdi th\u1ee7 c\u00f4ng quy tr\u00ecnh t\u00e1c nh\u00e2n Puppet gi\u1eefa c\u00e1c l\u1ea7n ch\u1ea1y t\u00e1c nh\u00e2n t\u1ef1 \u0111\u1ed9ng.<\/p>\n<p>\u0110\u0103ng nh\u1eadp v\u00e0o t\u1eebng n\u00fat \u0111\u01b0\u1ee3c qu\u1ea3n l\u00fd (v\u1edbi t\u01b0 c\u00e1ch l\u00e0 root) v\u00e0 ch\u1ea1y t\u00e1c nh\u00e2n Puppet:<\/p>\n<pre class=\"wp-block-code\"><code>\/opt\/puppetlabs\/bin\/puppet agent -t<\/code><\/pre>\n<p>4.\u0110\u1ec3 \u0111\u1ea3m b\u1ea3o t\u00e1c nh\u00e2n Puppet ho\u1ea1t \u0111\u1ed9ng:<\/p>\n<ul>\n<li>\u0110\u0103ng xu\u1ea5t kh\u1ecfi phi\u00ean SSH g\u1ed1c c\u1ee7a b\u1ea1n v\u00e0 \u0111\u0103ng nh\u1eadp l\u1ea1i v\u1edbi t\u01b0 c\u00e1ch l\u00e0 ng\u01b0\u1eddi d\u00f9ng gi\u1edbi h\u1ea1n \u0111\u00e3 \u0111\u01b0\u1ee3c t\u1ea1o.<\/li>\n<li>Ki\u1ec3m tra c\u00e1c quy t\u1eafc t\u01b0\u1eddng l\u1eeda c\u1ee7a n\u00fat:<\/li>\n<\/ul>\n<pre class=\"wp-block-code\"><code>sudo iptables -L\n<\/code><\/pre>\n<p>Xin ch\u00fac m\u1eebng! B\u1ea1n \u0111\u00e3 c\u00e0i \u0111\u1eb7t th\u00e0nh c\u00f4ng Puppet tr\u00ean m\u1ed9t m\u00e1y ch\u1ee7 ch\u00ednh v\u00e0 hai n\u00fat \u0111\u01b0\u1ee3c qu\u1ea3n l\u00fd. B\u00e2y gi\u1edd b\u1ea1n \u0111\u00e3 x\u00e1c nh\u1eadn m\u1ecdi th\u1ee9 \u0111ang ho\u1ea1t \u0111\u1ed9ng, b\u1ea1n c\u00f3 th\u1ec3 t\u1ea1o th\u00eam c\u00e1c m\u00f4-\u0111un \u0111\u1ec3 t\u1ef1 \u0111\u1ed9ng h\u00f3a vi\u1ec7c qu\u1ea3n l\u00fd c\u1ea5u h\u00ecnh tr\u00ean c\u00e1c n\u00fat c\u1ee7a m\u00ecnh. \u0110\u1ec3 bi\u1ebft th\u00eam th\u00f4ng tin, h\u00e3y xem&nbsp;<a href=\"https:\/\/docs.puppet.com\/puppet\/latest\/reference\/modules_fundamentals.html\" target=\"_blank\" rel=\"noreferrer noopener\">t\u00e0i li\u1ec7u ngu\u1ed3n m\u1edf<\/a>&nbsp;c\u1ee7a Puppet . B\u1ea1n c\u0169ng c\u00f3 th\u1ec3 c\u00e0i \u0111\u1eb7t v\u00e0 s\u1eed d\u1ee5ng c\u00e1c m\u00f4-\u0111un m\u00e0 ng\u01b0\u1eddi kh\u00e1c \u0111\u00e3 t\u1ea1o tr\u00ean&nbsp;<a href=\"https:\/\/docs.puppet.com\/puppet\/latest\/reference\/modules_installing.html\" target=\"_blank\" rel=\"noreferrer noopener\">Puppet Forge<\/a>&nbsp;.<\/p>\n<h2 id=\"more-information\">Th\u00f4ng tin th\u00eam<\/h2>\n<p>B\u1ea1n c\u00f3 th\u1ec3 mu\u1ed1n tham kh\u1ea3o c\u00e1c ngu\u1ed3n sau \u0111\u1ec3 bi\u1ebft th\u00eam th\u00f4ng tin v\u1ec1 ch\u1ee7 \u0111\u1ec1 n\u00e0y. M\u1eb7c d\u00f9 ch\u00fang t\u00f4i cung c\u1ea5p v\u1edbi hy v\u1ecdng r\u1eb1ng ch\u00fang s\u1ebd h\u1eefu \u00edch, nh\u01b0ng xin l\u01b0u \u00fd r\u1eb1ng ch\u00fang t\u00f4i kh\u00f4ng th\u1ec3 \u0111\u1ea3m b\u1ea3o t\u00ednh ch\u00ednh x\u00e1c ho\u1eb7c t\u00ednh k\u1ecbp th\u1eddi c\u1ee7a c\u00e1c t\u00e0i li\u1ec7u \u0111\u01b0\u1ee3c l\u01b0u tr\u1eef b\u00ean ngo\u00e0i.<\/p>\n<ul>\n<li><a href=\"https:\/\/puppet.com\/\" target=\"_blank\" rel=\"noreferrer noopener\">Ph\u00f2ng th\u00ed nghi\u1ec7m r\u1ed1i<\/a><\/li>\n<li><a href=\"https:\/\/docs.puppet.com\/puppet\/\" target=\"_blank\" rel=\"noreferrer noopener\">T\u00e0i li\u1ec7u ngu\u1ed3n m\u1edf Puppet<\/a><\/li>\n<li><a href=\"https:\/\/puppet.com\/docs\/pe\/2019.0\/config_java_args.html\" target=\"_blank\" rel=\"noreferrer noopener\">C\u1ea5u h\u00ecnh \u0111\u1ed1i s\u1ed1 Java<\/a><\/li>\n<\/ul>\n<p>Ngu\u1ed3n: https:\/\/www.linode.com\/docs\/guides\/getting-started-with-puppet-6-1-basic-installation-and-setup\/<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Puppet&nbsp;l\u00e0 m\u1ed9t c\u00f4ng c\u1ee5 qu\u1ea3n l\u00fd c\u1ea5u h\u00ecnh gi\u00fap \u0111\u01a1n gi\u1ea3n h\u00f3a vi\u1ec7c qu\u1ea3n tr\u1ecb h\u1ec7 th\u1ed1ng. Puppet s\u1eed d\u1ee5ng m\u00f4 h\u00ecnh m\u00e1y kh\u00e1ch\/m\u00e1y ch\u1ee7 trong \u0111\u00f3 c\u00e1c n\u00fat \u0111\u01b0\u1ee3c qu\u1ea3n l\u00fd c\u1ee7a b\u1ea1n, ch\u1ea1y m\u1ed9t quy tr\u00ecnh g\u1ecdi l\u00e0&nbsp;t\u00e1c nh\u00e2n&nbsp;Puppet , trao \u0111\u1ed5i v\u00e0 k\u00e9o xu\u1ed1ng c\u00e1c c\u1ea5u h\u00ecnh t\u1eeb m\u1ed9t&nbsp;m\u00e1y ch\u1ee7&nbsp;Puppet . Tri\u1ec3n<\/p>\n","protected":false},"author":1,"featured_media":35986,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[123],"tags":[],"class_list":["post-34965","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-puppet"],"_links":{"self":[{"href":"https:\/\/jupitek.maudemo.vip\/index.php\/wp-json\/wp\/v2\/posts\/34965","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jupitek.maudemo.vip\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jupitek.maudemo.vip\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jupitek.maudemo.vip\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jupitek.maudemo.vip\/index.php\/wp-json\/wp\/v2\/comments?post=34965"}],"version-history":[{"count":0,"href":"https:\/\/jupitek.maudemo.vip\/index.php\/wp-json\/wp\/v2\/posts\/34965\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/jupitek.maudemo.vip\/index.php\/wp-json\/wp\/v2\/media\/35986"}],"wp:attachment":[{"href":"https:\/\/jupitek.maudemo.vip\/index.php\/wp-json\/wp\/v2\/media?parent=34965"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jupitek.maudemo.vip\/index.php\/wp-json\/wp\/v2\/categories?post=34965"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jupitek.maudemo.vip\/index.php\/wp-json\/wp\/v2\/tags?post=34965"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}