On Thu, Oct 14, 2010 at 10:23 PM, Don Jackson
<[email protected]> wrote:
>
> I'd like to extend my use of puppet to manage my desktop/notebook macs.
>
> As others have noted, the hostname of the mobile machines tends to change
> frequently, so basing the node name (in my site.pp) and the corresponding
> cert and private key names seems to be an issue.
>
> I seem to recall somewhat talking about this at Puppet Camp last week…..
>
> Generally my signing strategy is always to generate new certs and private
> keys on the puppetmaster, and install them on the client machine as part of
> the initial install (hopefully automated).
>
> Can I generate a cert based on the macaddress of the new machine?
You're better off using UUIDs in my opinion.
man uuidgen
> I tried this, and puppetca --generate made the certs and key without
> complaining.
>
> Presumably I can install these on my client machine.
>
> If so, would I then run puppetd with a the --fqdn argument, and give the mac
> address there?
no, you want to use 'certname', not fqdn.
>
> And what would the name of this machine be in a node specification in the
> manifest?
>
> I put
> node '00:1f:5b:f8:23:f8' { }
>
> in my manifest, and it was very unhappy.
>
> Any advice about how I can accomplish what I am trying to do?
>
> Thanks,
>
> Don
>
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to [email protected].
> To unsubscribe from this group, send email to
> [email protected].
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>
--
nigel
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
