Op 4 feb. 2011 om 12:04 heeft no-re...@cfengine.com het volgende geschreven:
> Forum: Cfengine Help > Subject: Cfengine client setup howto > Author: kenneho > Link to topic: https://cfengine.com/forum/read.php?3,20442,20442#msg-20442 > > Hi all, > > > I'm about to play around with Cfengine 3 community edition, and have found > some documentation and tutorials on the net. > > The documentation I've found so far describes well how the master works and > stuff, but not how to get a client up and running. I've played around with > puppet in the past, and in puppet I'd typically go "puppetd --server > puppetmaster.example.com" or something to set up the client. Can anyone point > me to documentation on this? I've read somewhere that setting up a client is > a multistep thing (run cf-key, copy over a couple of file manully, run the > agent, etc), but I'm sure there must exist some easier way of telling a > client to connect to a server. The documentation is indeed confusing and the example starter code provided is pain wrong because the mycopy() body lacks a servers clause so it doesn't even try to copy from a server. Here's the idea how you should set it up (I'm typing on my iPhone without access to a cfengine installation so I might be wrong on the gory details. Just bear with me and look at the reference manual for the correct syntax): - Set up the server that it accepts connections from your client and that it trusts all keys. - Set up the server that it allows access to /var/cfengine/masterfiles - Run cf-key on the client. Copy it's localhost.pub to the server as /var/cfengine/ppkeys/root-clientIP.pub and copy the server localhost.pub to the client as root-serverIP.pub - Copy the masterfiles from the server to the client. Be sure that the mycopy() body has a servers slist and that it contains the trustkey => "true" line. - On the client run cf-agent --bootstrap && cf-agent In this way the client automatically trusts the server and the other way around. That is indeed a security risk, but this should get you started. Hope this helps, Erik _______________________________________________ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
