I have tried copying over the contents of the /var/lib/puppet/ssl/ca directory, but apparently something with in it is specific to the host, such it then complains that the certificates and keys do not match. I also saw http://reductivelabs.com/trac/puppet/wiki/MultipleCertificateAuthorities, but I do not want to put apache on each host. With cfengine2, it was very simple to have cfservd running on each host, distribute the keys to each, and then pull result files from the clients to the central server. I cannot seem to find an example of a similar setup with puppet.
Luke On Sep 22, 4:30 pm, Luke Schierer <luke.schie...@gmail.com> wrote: > On Sat, Sep 19, 2009 at 7:53 AM, Luke Schierer <luke.schie...@gmail.com>wrote: > > > > > > > On Sep 19, 2009, at 05:11 EDT, Peter Meier wrote: > > >> The standard way to do that is: > >>>> source => > >>>> ["puppet:///foo/file-$hostname","puppet:///foo/file-$lsbdistcodename > >>>> ","puppet:///foo/file"] > >>>> - check for modules/foo/file-www4, then file-jaunty, then file > > >>>> * sourceselect: > > >> Whether to copy all valid sources, or just the first one. This parameter > >> is only used in recursive copies; by default, the first valid source is > >> the only one used as a recursive source, but if this parameter is set to > >> all, then all valid sources will have all of their contents copied to > >> the local host, and for sources that have the same file, the source > >> earlier in the list will be used. Valid values are first, all. > > >> So you can have both variants. > > >> cheers pete > > > When I tried to do this with > > source => [ 'puppet://host1/files/target','puppet://host2/files/target'] > it works fine for the first host, which acts as the puppetmaster, but not > for the second one. It complains about an unknown CA. > > I realize that this is because the CA certificates differ on the two hosts, > and the certificate puppet is using to pull files is only signed by one of > the two, the one it gets its configuration from. > > Is there a key or keys I can distribute to each node so that I can pull > files from all of them? > > Thanks! > > Luke- Hide quoted text - > > - Show quoted text - --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
