Hi Guys! The certificat of the client itself is not used for communication to puppet-master. Agent use for this its private key that can be schared between your immutable PXE hosts. You cat just rename (m.b. in rc.local) this private key during machine startup to correspond to new hostname of server and than start puppet-agent service. In this case puppet agent will use this shared private key. Old servers will continue to communicate with the master as if nothing had happened after a reboot. New servers will receive a new certificate. But each certificate will correspond to a single private key. Although they will have different Canonical Name (CN == hostname).
понедельник, 31 мая 2010 г., 16:41:55 UTC+3 пользователь julien написал: > > Hi list, > > In our platform we have a lot of machines in which the system is a > single disk image loaded on RAM from PXE. > > The problem is quite simple : if I install puppetd on the image, I > will end up using the same certificate for 100 different servers with > different names (the hostname is setup at boot time from dhcp) and I > guess the puppetmaster won't allow that. > > In other words : what should I do to create a hundred nodes with the > same certificate ? > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/8bf8f018-bd37-4f62-a5c7-225f19cb10e5%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
