Steven VanDevender wrote: > I'm not our local Cobbler/Kickstart expert, but the guy who created > our Cobbler installation even figured out how to script a new host's > initial registration with the puppetmaster (I believe the key idea > is that there is a command-locked ssh identity key that allows the > host to get in to the puppetmaster and issue the right "puppetca" > command). I'd have to do some digging to look up the specifics.
I handle this in my environment by generate the new host key on the puppetmaster and packaging that into an rpm, which gets installed in the kickstart along with puppet. That way an initial puppet run can happen during install. Doesn't exactly scale, unless you automate the key generation though, like you mentioned doing. -- Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ There are severe limits to the good that the government can do for the economy, but there are almost no limits to the harm it can do. -- Milton Friedman. Nobel laureate
pgpjSQTb3suHT.pgp
Description: PGP signature