Re: [Puppet Users] Pre-auth of nodes?

2010-11-14 Thread Ohad Levy
Hi, Such a mechanism is already available via foreman[1], where it handles the autosign file for you, upon a provisioning request, it would enable the machine (assuming it's allowed to be built) and disable it once puppet has run on the client. If you don't want to use the full blown foreman just

[Puppet Users] Re: Multiple CA / Puppet master environment

2010-11-14 Thread DaveQB
I too have been after this for some time. I will take a read of this. Thanks so much for taking the time to write this up Dan. Thanks! On Nov 12, 8:26 pm, "luke.bigum" wrote: > Excellent, thanks for that Dan I'll take a look. > > On Nov 11, 5:42 pm, Dan Bode wrote: > > > Hi, > > > On Thu, No

Re: [Puppet Users] Pre-auth of nodes?

2010-11-14 Thread Joe McDonagh
Alternatively to using auto-sign, you can do server-side cert generation with puppetca -g, then figure a good secure way to transfer that stuff during OS install. On 11/14/2010 01:09 PM, Matthew Macdonald-Wallace wrote: > Hi all, > > I'm trying to wo

Re: [Puppet Users] Pre-auth of nodes?

2010-11-14 Thread Daniel Pittman
Matthew Macdonald-Wallace writes: > I'm trying to work out the best way to ensure that my systems run puppet at > first boot without having to run puppetca --sign or have wildcards in my > auth file. Use autosign, which will tell the puppet master to sign the certificate request without needing

Re: [Puppet Users] Re: Disabling Certificates

2010-11-14 Thread Nigel Kersten
On Thu, Nov 11, 2010 at 11:53 PM, Derek J. Balling wrote: > > On Nov 11, 2010, at 6:26 PM, donavan wrote: >> From your comment in #3958 I think autosign[1] with "*.domain.tld" >> would work for you. > > Nope. Because "autosign" doesn't also "auto-overwrite". Actually it has meant that in some ver

[Puppet Users] Pre-auth of nodes?

2010-11-14 Thread Matthew Macdonald-Wallace
Hi all, I'm trying to work out the best way to ensure that my systems run puppet at first boot without having to run puppetca --sign or have wildcards in my auth file. All nodes are stored in an external database so what I want to tell puppet is "if it's in the database, authenticate it, othwis

[Puppet Users] Re: Need some help getting up and running: Could not request certificate: Connection refused - connect(2)

2010-11-14 Thread Edd Grant
Thanks Patrick, Stefan, Have installed puppetmaster package and have sorted the 'ownner' typo and file permissions. Have re-tested and everything is now looking good for me to start playing! Thanks again, Edd! On Nov 14, 12:46 pm, Stefan Schulte wrote: > On Sat, Nov 13, 2010 at 12:53:35PM +000

Re: [Puppet Users] Re: agent needs to make two runs before master compiles new catalog

2010-11-14 Thread Nigel Kersten
On Wed, Nov 10, 2010 at 1:08 AM, luke.bigum wrote: > I've seen the same issue as well. I just tested then, adding a simple > notify resource to a node and it took three consecutive runs of > puppetd before the message appeared: Is it the number of runs or is it simply time based? > > # puppetd -

Re: [Puppet Users] Need some help getting up and running: Could not request certificate: Connection refused - connect(2)

2010-11-14 Thread Stefan Schulte
On Sat, Nov 13, 2010 at 12:53:35PM +, Edd Grant wrote: > Hi all, > > 1: sudo apt-get install puppet, installation completed but I noted the > following warning (is this important?): > *adduser*: *Warning: The home directory* `/*var/lib/* > *puppet*' *does not belong to the user you are current

Re: [Puppet Users] certificate verify failed

2010-11-14 Thread Jeff McCune
Is the clock of the troublesome host synchronized with all of the others? This is often the cause of certificate verification failures. Hope this helps, -- Jeff McCune - (+1-503-208-4484) On Nov 13, 2010, at 10:49 PM, David Birdsong wrote: > I am banging my head against the wall for recently b