On Wed, Oct 6, 2010 at 4:32 PM, dagrundy <dagru...@gmail.com> wrote:
> This is my first posting to this group and I hope I am not asking
> something that I could have found the answer to myself. I am trying
> to set up a mechanism for quickly provisioning customized virtual
> machines (VMs) and looking at puppet as a means to implementing this.
> The concept is this. Take a base VM and offer user packages to choose
> for on their custom VM. Then use puppet to manage configuration of
> custom VM. One challenge I am experiencing is that the base VM is
> cloned for each new instance. Each custom VM then does not have a
> unique hostname, its IP address is dynamically allocated at creation
> and the IP address may not persist upon reboot. The one unique
> identifier on each VM is the mac address. Is there some way that
> puppet can be configured so that the way it identifies new nodes is by
> means of the mac addresses? I am an absolute newb to puppet so I am
> not sure if this question was dealt with in earlier postings. I am
> running 0.22.4 just because that is what was in the yum repository. I
> am certainly willing to upgrade if that is any help. I am not sure if
> I am giving enough info here so please let me know if more is
> required. Any help would be greatly appreciated.
Yes, it would be much better to upgrade to a later version. Would it
be better to configure a sensible hostname before connecting to puppet
master?
Anyhow back to your question, by default puppet will use the host fqdn
to identify itself in the certificate subject CN. if you want the
nodes to be identified by mac address so you get unique certs and can
identify them as separate nodes despite having the same hostname,
specify certname option (must be lower case):
# puppet agent --certname=`facter macaddress|tr [A-Z] [a-z]|tr -d :` -t -v
info: Creating a new SSL key for 000c298834fb
warning: peer certificate won't be verified in this SSL session
warning: peer certificate won't be verified in this SSL session
info: Creating a new SSL certificate request for 000c298834fb
info: Certificate Request fingerprint (md5):
53:54:E0:9B:53:04:B2:29:B8:24:FB:C3:BB:49:FF:83
warning: peer certificate won't be verified in this SSL session
warning: peer certificate won't be verified in this SSL session
warning: peer certificate won't be verified in this SSL session
Exiting; no certificate found and waitforcert is disabled
In the puppet manifest, this host will be
node 000c298834fb {
}
Thanks,
Nan
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
