I am in an environment that has a development, QA, and production
sub-environments.
All machines are built in "dev" then moved to qa/prod as needed.
Because a machine's IP and hostname changes in this move, I set up certnames
that are the machine's MAC address.
I use cobbler to set up the machines and here's some lines from the snippet
that implements it:
MACADDR=`facter macaddress | tr "[:upper:]" "[:lower:]" | sed 's/://g' `
MACADDRHOSTNAME="macaddr${MACADDR}"
sed -i -e "/\[main\]/a\ \ \ \ certname='${MACADDRHOSTNAME}'"
/etc/puppet/puppet.conf
In addition, because my Puppet Master is also my Cobbler Server, I have the MAC
addresses of all configured machines available to me at the server.
I hope you find this info helpful.
“Sometimes I think the surest sign that intelligent life exists elsewhere in
the universe is that none of it has tried to contact us.”
Bill Waterson (Calvin & Hobbes)
----- Alexandre <alexandre.fou...@gmail.com> wrote:
> I created a feature request https://projects.puppetlabs.com/issues/10167
>
> On 19 oct, 11:06, Alexandre Fouché <alexandre.fou...@gmail.com> wrote:
> > Hi,
> >
> > I am using the cloud provisioner to bootstrap some ec2 nodes, and these
> > clients are signed using a randomly generated certname, which is put in
> > /etc/puppet.conf at the bootstrap time (eg certname =
> > d7bcd693-73fd-495f-0876-ff91ea11111e).
> >
> > But my puppet code repo also manages the puppet.conf file, so the file will
> > be overwritten on the client at the first puppet run. Nevertheless, i should
> > not lose what was the original certname for this client, because i need to
> > insert it in the puppet.conf.erb that will be pushed to this client,
> > otherwise the puppetmaster will not recognize and allow this client anymore.
> >
> > I ran "facter" on the client, and the certname does not appear. I ran
> > "puppet --genconfig |grep certname" and the certname does not appear either.
> > I can not check the cert name in /var/lib/puppet/ssl/certs because the cert
> > will appear after first puppet run.
> >
> > Is there a way to to know what certname is using a puppet client, and be
> > able to use it in erb templates, or am using puppet and the cloud
> > provisioner in a wrong way ?
> >
> > AF
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
