Thanks much. I have things up and running with a couple mods from below. Once I've got a good, repeatable process down, I'll update the wiki page.
;P mn On 2011 Mar 30, at 7:11 PM, Greg Swift wrote: > > > On Wed, Mar 30, 2011 at 18:42, Norvell, Preston > <[email protected]> wrote: > I've read the func man page and trolled the list as much as I can to find an > answer to this; apologies if I've been blind. > > I'm interested in running Func in conjunction with our pre-existing Puppet > infrastructure. Per the wiki > <https://fedorahosted.org/func/wiki/FuncWithPuppet> the wiki itself is no > longer an appropriate reference for doing the integration work as of 0.27 > (I've got func-0.27 from rpmforge and certmaster-0.27 from another location). > Is there a reference for what the new proper integration is? I am (and my > team is) new to Func so perhaps I'm missing something that would intuitive to > a seasoned user, but I'm down to reading the patch commits and such to try to > figure things out. I would appreciate any pointers, and I'd be happy to > provide an updated wiki page if one is not already elsewhere. > > > I've never set it up, and this might not work (but i hope it can at least get > you going the right direction till someone more in the know answers), however > to the best of my knowledge: > > 1: overlord must be on the same host as puppetmaster > 2: in /etc/func/overlord.conf: > a: you need to set "puppet_minions = True" under the [main] section. > b: set ca_file, cert_file, key_file based on where puppet places its > files > c: If the following is not true for you environment you need to set how > your system is configured in /etc/func/overlord.conf: > puppet_inventory = /var/lib/puppet/ssl/ca/inventory.txt > puppet_signed_certs_dir = /var/lib/puppet/ssl/ca/ca_crl.pem > 3: On minion in /etc/func/minion.conf: > a: set "use_certmaster = False" > b: set ca_file, cert_file, key_file, and crl_location paths based on > where puppet places its files > c: start daemon > 4: Back on overlord try running 'func "*" ping' > > If that doesn't work then 2b might need to be augmented with the previous > "passphrase/key removal" steps from the wiki. > > Cleanup help on the wiki is always appreciated :) > > -greg/xaeth -- Preston M Norvell <[email protected]> Systems/Network Engineer Serials Solutions <http://www.serialssolutions.com> Phone: (866) SERIALS (737-4257) ext 1094 _______________________________________________ Func-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/func-list
