I started with this as my foundation:
<http://fedoraproject.org/wiki/Infrastructure_Host_Rename_SOP#Telling_Puppet_about_the_new_host>
and then decided to use a string formed by the primary MAC address as my
certname like this:
MACADDR=`facter macaddress | tr "[:upper:]" "[:lower:]" | sed 's/://g' `
MY_NEW_CERTNAME="macaddr${MACADDR}"
I thought I would save myself from the trouble in the referenced web-page by
using a machine-unique certname rather than something as non-unique as the FQDN
or IP address.
How wrong I was !!
I had my first occasion to test drive this (faulty) idea.
Set up a machine as described, then it was moved to another sub-net, new IP,
new hostname, and so I thought it would fly when I ran puppetd from the new
location.
What I got was a message saying:
err: Could not retrieve catalog from remote server: Error 400 on SERVER: Could
not find default node or by name with 'macaddr1234567890a, example.foo.bar,
example.foo, example' on node macaddr1234567890a
example.foo.bar is the new FQDN of the machine.
Now ain't that a kick in the Planters ?
So now I have to ask, how is it looking for the FQDN and the not-so-FQDN and
just the hostname ? I was under the impression that everything keyed from the
certname.
Now, to add insult to injury, the above referenced process no longer works !
I went as far as doung rm -frv /var/lib/puppet on the client and after doing
puppetca --revoke --clean on the master, I found two more references to
"macaddr1234567890a" -- one in /var/lib/puppet/yaml/node and one in
/var/lib/puppet/yaml/facts -- which I removed. And I even restarted the
puppetmaster daemon a few times.
The only thing I have NOT yet done is to wipe /var/lib/puppet on the Master and
re-certify everything. This setup is still in its infancy, so doing that is
not a big deal, but once things snowball a bit, I will not have the luxury of
rebuilding the PuppetMaster every time a machine moves.
Suggestions, please !
“Sometimes I think the surest sign that intelligent life exists elsewhere in
the universe is that none of it has tried to contact us.”
Bill Waterson (Calvin & Hobbes)
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
