Never forget the DHCP does NOT necessarily mean "dynamic addresses". Depending upon your corporate culture, it may be perfectly acceptable for DHCP to hand out statically assigned addresses to your hosts. This would allow your build process to be easy, and you can have the host never DHCP again after it's up and running (until you rebuild it!).
On Feb 22, 2011, at 8:15 AM, Jonathan Gazeley wrote: > We have a small pool of DHCP IP addresses for use only in the build process. > This is our process: > > 1. We boot the servers from PXE network boot > > 2. They get one of the temporary IPs > > 3. They start a CentOS network install using a kickstart file with the bare > minimum of packages selected, including puppet > > 4. The last stage of the kickstart is to set puppet running > > 5. At this stage, human intervention is required to authorise the new machine > in puppetca. I'm aware that it is possible to have this step done > automatically, but it can be a security risk. > > 6. Once the server is authorised in puppet, it receives a basic "common" > config from puppet, which gives it the proper static IP that it should have, > disables DHCP, sets the hostname, sets up NTP, etc. > > 7. From now on, it's dead easy to use puppet to install and configure > everything else. > > Cheers, > Jonathan > > ---------------------------- > Jonathan Gazeley > Systems Support Specialist > ResNet | Wireless & VPN Team > IT Services > University of Bristol > ---------------------------- > > On 22/02/11 15:47, David Kavanagh wrote: >> I'm about to start playing with Kickstart. I never really had to >> provision bare servers beyond a normal OS install, so I need something >> to use along with Puppet. Is there a general consensus on what the best >> option is? >> I'd need to set up the node with IP/hostname/role. (I have a custom fact >> for role). I figured I'd simply ssh in to write the role file, but if >> I'd rather not use dhcp, I suppose I'll need to get the network >> interface configured in another way. What do folks generally do here? >> >> David >> >> -- >> You received this message because you are subscribed to the Google >> Groups "Puppet Users" group. >> To post to this group, send email to puppet-users@googlegroups.com. >> To unsubscribe from this group, send email to >> puppet-users+unsubscr...@googlegroups.com. >> For more options, visit this group at >> http://groups.google.com/group/puppet-users?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
