Hi Wagner
  Could you elaborate a bit more please.  The problem for me is that
only secure updates work for the DDNS . I have got it working by doing
an update of the dhclient.conf, dhclient-exit-hooks as well as the
keys as part of the preseed late_command . But it looks more of a hack
to me and I am looking at a easier way to do this.

  Doing from puppet seems a nice thing to do but my puppet clients
cannot be signed since the reverse DNS is not working until the
nsupdate is done . I am using auto sign .

   would love to get more details about your setup

Thanks
Regards
Hari

On Jul 14, 8:41 pm, Steven Wagner <leftath...@gmail.com> wrote:
> ISC dhcpd supports secure DDNS updates.  It will send an update as  
> it's handing out an IP address.  For this to work, you do need to  
> figure out a way to determine the DDNS hostname.  You can trust the  
> hostname passed by the client, and/or you can override it with one you  
> generate yourself.
>
> The way I'm handling DDNS is:
>
> * Generic forward/reverse rules in dhcpd.conf for everybody.
> * Specifically-named host entries get added/sync'd to dhcpd.conf  
> through Cobbler.
> * An additional layer of A/PTR and CNAME records is handled through a  
> Puppet class.
>
> The first two points are pretty well-documented through Google.  The  
> last seemed like a neat way of dealing with vhosts and Puppet nodes in  
> general, and was kind of my test class for storeconfigs.  DDNS update  
> objects are exported on the Puppet clients (as part of an Apache vhost  
> declaration, for example) and collected on the server that runs  
> Cobbler and DHCP (which is authorized to send DDNS updates to the  
> domains we're working with).
>
> It works pretty well!
>
> On Jul 14, 2010, at 9:15 AM, Harihara Vinayakaram wrote:> Hi
> >  I have a set up that runs puppetmasterd, DDNS , DHCP etc on one
> > server . I have managed to PXE boot Ubuntu 10.04 clients and setup
> > puppet clients . The ultimate goal is to run Hadoop on the nodes. I
> > have some observations on the process and I am wondering if there is
> > any easier way to do . I am running this on 50 physical nodes.
>
> >     1. Puppet clients work only if the DNS (both forward and revese
> > work ). For DDNS to work (at least on Ubuntu clients) secure DDNS in
> > the only way  . This needs a dhclient-exit-hook per machine and also a
> > send fqdn.fqdn from each machine's dhclient.conf .
>
> >            To solve this my preseed.cfg contains a late-command which
> > transfers a script to the client machine which does a series of wget
> > and some sed manipulations . Looking from the outside it does looks a
> > bit complicated and I see a maintenance proble Is there a easier way
> > to do this ?
>
> > Regards
> > Hari
>
> > --
> > You received this message because you are subscribed to the Google  
> > Groups "Puppet Users" group.
> > To post to this group, send email to puppet-us...@googlegroups.com.
> > To unsubscribe from this group, send email to 
> > puppet-users+unsubscr...@googlegroups.com
> > .
> > For more options, visit this group 
> > athttp://groups.google.com/group/puppet-users?hl=en
> > .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Reply via email to