2.5.3 Ubuntu代理端安装

这里就不讲述centos代理端的是怎么安装部署的，方法跟安装管理端的一样，没有很大的区别。使用puppet安装wazuh代理端主要在Ubuntu系统做演示。

第一步，下载puppet软件仓库安装包，并且将其导入进去。

root@wazuh-ubuntu-agent:~# wget https://apt.puppetlabs.com/puppet5-release-xenial.deb
--2021-06-26 08:13:16--  https://apt.puppetlabs.com/puppet5-release-xenial.deb
Resolving apt.puppetlabs.com (apt.puppetlabs.com)... 13.224.163.56, 13.224.163.24, 13.224.163.124, ...
Connecting to apt.puppetlabs.com (apt.puppetlabs.com)|13.224.163.56|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 11840 (12K) [application/x-debian-package]
Saving to: ‘puppet5-release-xenial.deb’
puppet5-release-xenial. 100%[==============================>]  11.56K  --.-KB/s    in 0s      
2021-06-26 08:13:22 (134 MB/s) - ‘puppet5-release-xenial.deb’ saved [11840/11840]

root@wazuh-ubuntu-agent:~# dpkg -i puppet5-release-xenial.deb
Selecting previously unselected package puppet5-release.
(Reading database ... 67500 files and directories currently installed.)
Preparing to unpack puppet5-release-xenial.deb ...
Unpacking puppet5-release (5.0.0-14xenial) ...
Setting up puppet5-release (5.0.0-14xenial) ...

第二步，更新软件仓库。

root@wazuh-ubuntu-agent:~# apt update -y
Hit:1 http://apt.puppetlabs.com xenial InRelease
Hit:2 http://cn.archive.ubuntu.com/ubuntu bionic InRelease                                         
Get:3 http://cn.archive.ubuntu.com/ubuntu bionic-updates InRelease [88.7 kB]
Get:4 http://cn.archive.ubuntu.com/ubuntu bionic-backports InRelease [74.6 kB]
Get:5 http://cn.archive.ubuntu.com/ubuntu bionic-security InRelease [88.7 kB]
Hit:6 https://packages.wazuh.com/4.x/apt stable InRelease
Fetched 252 kB in 4s (61.1 kB/s)
Reading package lists... Done
Building dependency tree       
Reading state information... Done
64 packages can be upgraded. Run 'apt list --upgradable' to see them.

第三步，安装puppet客户端。

root@wazuh-ubuntu-agent:~# apt install -y puppet-agent
Reading package lists... Done
Building dependency tree       
Reading state information... Done
puppet-agent is already the newest version (5.5.22-1xenial).
0 upgraded, 0 newly installed, 0 to remove and 64 not upgraded.

puppet服务端默认安装是没有软连接，所以需要设置一个软链接进行快速操作。

root@wazuh-ubuntu-agent:~# ln -s /opt/puppetlabs/bin/puppet /bin/

与centos系统一样，修改域名指向和在puppet的配置文件上面新增puppet服务器的域名地址。

root@wazuh-ubuntu-agent:~# cat /etc/hosts
192.168.1.110  www.autodeploy.com

root@wazuh-ubuntu-agent:~# cat /etc/puppetlabs/puppet/puppet.conf 
[main]
server = www.autodeploy.com

拖取安装任务，发现没有SSL通信证书。

root@wazuh-ubuntu-agent:~# puppet agent -t
Info: Creating a new SSL key for wazuh-ubuntu-agent
Info: Caching certificate for ca
Info: csr_attributes file loading from /etc/puppetlabs/puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for wazuh-ubuntu-agent
Info: Certificate Request fingerprint (SHA256): CE:ED:81:34:50:F2:10:09:2B:19:75:7C:2D:F1:CC:B5:3C:5D:4C:5F:FA:55:48:EF:D2:9B:B0:7D:F5:2D:C8:61
Info: Caching certificate for ca
Exiting; no certificate found and waitforcert is disabled

来到自动化部署服务器上面，批准Ubuntu这台服务器的通信证书。

[root@autodeploy manifests]# puppet cert list
Warning: `puppet cert` is deprecated and will be removed in a future release.
   (location: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application.rb:370:in `run')
  "wazuh-ubuntu-agent" (SHA256) CE:ED:81:34:50:F2:10:09:2B:19:75:7C:2D:F1:CC:B5:3C:5D:4C:5F:FA:55:48:EF:D2:9B:B0:7D:F5:2D:C8:61
  
[root@autodeploy manifests]# puppet cert sign wazuh-ubuntu-agent
Warning: `puppet cert` is deprecated and will be removed in a future release.
   (location: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application.rb:370:in `run')
Signing Certificate Request for:
  "wazuh-ubuntu-agent" (SHA256) CE:ED:81:34:50:F2:10:09:2B:19:75:7C:2D:F1:CC:B5:3C:5D:4C:5F:FA:55:48:EF:D2:9B:B0:7D:F5:2D:C8:61
Notice: Signed certificate request for wazuh-ubuntu-agent
Notice: Removing file Puppet::SSL::CertificateRequest wazuh-ubuntu-agent at '/etc/puppetlabs/puppet/ssl/ca/requests/wazuh-ubuntu-agent.pem'

再次使用puppet agent命令拖取剧本安装。

root@wazuh-ubuntu-agent:~# puppet agent -t
Info: Caching certificate for wazuh-ubuntu-agent
Info: Caching certificate_revocation_list for ca
Info: Caching certificate for wazuh-ubuntu-agent
Info: Using configured environment 'production'
Info: Retrieving pluginfacts
Info: Retrieving plugin
........................
Info: Retrieving locales
Notice: /File[/opt/puppetlabs/puppet/cache/locales/ja]/ensure: created
Notice: /File[/opt/puppetlabs/puppet/cache/locales/ja/puppetlabs-apt.po]/ensure: defined content as '{md5}129cd352e440bd317a8c5493d4fbf5f3'
Notice: /File[/opt/puppetlabs/puppet/cache/locales/ja/puppetlabs-concat.po]/ensure: defined content as '{md5}c9dad056a76901974ded7b150267573a'
Notice: /File[/opt/puppetlabs/puppet/cache/locales/ja/puppetlabs-stdlib.po]/ensure: defined content as '{md5}805e5d893d2025ad57da8ec0614a6753'
Info: Loading facts
Info: Caching catalog for wazuh-ubuntu-agent
Info: Applying configuration version '1624695758'
Info: Creating state file /opt/puppetlabs/puppet/cache/state/state.yaml
Notice: Applied catalog in 0.02 seconds