Puppet is worth it just for mere dint of the fact of centralized control of SSH keys
Go Puppet go! --Stuart Via Apple iPhone 4S on the AT&T Wireless Network On Jul 27, 2012, at 10:58 AM, Nikolaos Hatzopoulos <nhat...@gmail.com> wrote: > My philosophy is that if you implement something would be easy to redo it and > produce > a new key, kind of something nice that puppet has, so the thing that you are > suggesting > with the export it sounds complicated and I wanted to learn what it does > because I > saw it was a new feature, but as I see it is better to be centralize and > produce > the keys on the server and distribute them to the nodes. > > thanks for the responds, > --Nikos > > On Thu, Jul 26, 2012 at 2:08 PM, jcbollinger <john.bollin...@stjude.org> > wrote: > > > On Thursday, July 26, 2012 10:41:28 AM UTC-5, Nikolaos Hatzopoulos wrote: > as far as I understand for files you need a unique title in my case > /etc/mynodes.txt > > how you can export instead of a file a variable and let's say it has a unique > "title" > and it has as content a string can you do that? > > You can only export resources, not variables. You can, however, export > resources of any type, including custom and defined types. I'm not quite > following what you don't like about the approach I've selected so far, but > most objectives of this kind can be realized by exporting and collecting > resources of some type, if you really want or need to go through Puppet as > the intermediary. > > > The scp won't work because I am trying to setup the ssh keys with taking the > key > from a specific node and putting into the authorized_keys file of the other > :) on the other > hand I can make the scp for the root user.. but if you do that what's the > point of using > puppet (i have only linux nodes)? > > Not this, actually. Puppet's main purpose is to serve as a central authority > and manager for the configuration of nodes under its purview. Copying data > from one node to another is conflicts with "central authority" because it > makes the source node the authority for the information copied. If you want > Puppet only for this purpose, then you probably don't really want Puppet at > all. > > A solution more in the Puppet style would be to generate all the keys on the > master (possibly, but not necessarily, inside Puppet), and have Puppet > distribute them to all parties that need them. > > > John > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/puppet-users/-/Y0BmPZIkL2cJ. > > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
