As far as i could see, the Puppet cloud provisionner also generates a random name and creates a certificate request based on it. Then Puppet client is run with the certname option, set with this previously generated hostname
2011/10/17 James A. Peltier <jpelt...@sfu.ca> > ----- Original Message ----- > <snip>| > | Is there a best practice or a solution for this problem? I do need to > | use > | the same hostnames sometimes for instances that generate new > | certificates > | when they come up, I've been trying to clean the certificates once in > | a > | while for instances that are no longer responding but that didn't go > | very > | well and I also understand that I need to restart the master in order > | for > | that to take effect which I don't want to do. > | > | Once solution that I thought about is to generate a certificate for > | each > | hostname and make sure that when an instance comes up it gets the > | specific > | certificate that was already generated and signed by the master. Is > | this a > | good idea? Any other thoughts about this? > | > | Thanks, > | Galed. > | > > I use server generated certificates and copy those certificates to the host > upon re-install. Works very well for me. > > -- > James A. Peltier > IT Services - Research Computing Group > Simon Fraser University - Burnaby Campus > Phone : 778-782-6573 > Fax : 778-782-3045 > E-Mail : jpelt...@sfu.ca > Website : http://www.sfu.ca/itservices > http://blogs.sfu.ca/people/jpeltier > I will do the best I can with the talent I have > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
