On Tuesday, 3 July 2012 02:28:28 UTC+5:30, Leej wrote: > > *Hello, new user here. I'm trying to bootstrap an aws instance and need > to change the server setting in puppet.conf on the client/instance that is > created. Is there anyway to do this beyond modifying hosts post-hoc?*
You can create a new AMI with a post install script call. (The Post install script can be kept on a webserver) and you can do what ever you want in that script like setting proper /etc/hosts, setting proper hostname and reverse mapping, setting proper resolver.conf file etc. > > > puppet node_aws bootstrap --image ami-e1e8d395 --keyname mykey --login > ubuntu --keyfile ~mykeyfile.pem --puppetagent-certname aws_server_test > --region=eu-west-1 --type t1.micro -g webserver > This provisions an instance but fails to register a cert request on the > puppetmaster with : > > notice: Puppet is now installed on: > blahblah.eu-west-1.compute.amazonaws.com > notice: No classification method selected > notice: Signing certificate ... > err: Signing certificate ... Failed > err: Signing certificate error: Could not render to pson: getaddrinfo: > Name or service not known > > Checking the instances puppet.conf shows that the server config variable > is set to "puppet" which I want to change to "myserver.somewhere.com". > Now I dont know if this behaviour is a bug, I would have thought that since > I'm running puppet from the master server, bootstrapping should be able to > update the server variable correctly or there should at least be a command > line option. > This can be done in many ways: 1. Create a puppet agent wrapper which runs puppet every x interval and syncs with the right puppet master (Agent should run like puppetd --test --server <server name> 2. If you have a DNS service set the DNS to search for the domain (If you do ping puppet, it should do ping puppet.company .com). For this you will have to set your resolver.conf file to search company.com. 3. Have a /etc/hosts file entry to resolve puppet > > I know I can run a script at somepoint and modify my hosts files but I'm > trying to keep things automated and simple. What am I missing? > > I should also note, if I ssh into the created instance I can modify the > puppet.conf file with the correct server name and a certificate request is > issued which I can then sign. > > Any help.best practices greatly appreciated - lj. > Best practices : 1. Keep your puppet master and Puppet CA separate 2. Have a proper DNS setup 3. Make all resolving through Resolver.conf file 4. Have a proper post install script which does hostname setting, hostname reverse mapping in /etc/hosts file, setting resolver.conf file, installing puppet agent or whatever wrapper you may have on top of puppet agent 4. Remove puppet default agent run from /etc/init.d and have a daemon tool service which run puppet manually like puppetd --test 5. Keep a proper hostname standard and ask puppetCA to sign only the hostnames allowed. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/LFmdgE_loigJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
