On Mon, Oct 24, 2011 at 8:28 PM, heriyanto <shell.heriya...@gmail.com>wrote:
> Base on CVE-2011-3872, i want to upgrade all puppet master and agent, > my plan upgrade puppet master first then the agent, whether the > configuration I can still be used? > if use version 2.6.12 as a puppet master and agent still 2.6.6 for > temporary then after that i upgrade to 2.6.12 for the agent? > because my configuration already complex, and also using certdnsnames. > Or anybody have good plan for upgrading? i can't recreate CA because i have > much hosts. > Upgrading the master is the important part, not the agents, but you should ultimately do them as well anyway. How many hosts do you have? If you can cluster SSH commands to them you can follow the SSH recipe for migrating them to a new CA. https://github.com/puppetlabs/puppetlabs-cve20113872/blob/master/README-ssh-only.markdown or if you can cope with a webrick master, we have a recipe there that will work for 2.6.x and 2.7.x webrick puppet masters. https://github.com/puppetlabs/puppetlabs-cve20113872/tree/master/bin/webrick If you have some other setup, you may be able to fork that module and modify it to work with your deployment. > > Best regards, > Heriyanto > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to puppet-users+unsubscribe@** > googlegroups.com <puppet-users%2bunsubscr...@googlegroups.com>. > For more options, visit this group at http://groups.google.com/** > group/puppet-users?hl=en<http://groups.google.com/group/puppet-users?hl=en> > . > > -- Nigel Kersten Product Manager, Puppet Labs -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
