On Thursday, May 10, 2012 10:39:22 AM UTC-7, windowsrefund wrote: > > > On May 10, 12:44 pm, Daniel Sauble <djsau...@puppetlabs.com> wrote: > > > > - Securely add nodes to your deployment without manually signing > > certificates on the CA... > > - ...so that you can have the advantages of autosigning without > its > > security problems. > > > > I'm about to engage on a similar effort and was thinking of writing a > puppet face to handle this job. Can you elaborate on the work flow and > solution you're thinking about? >
We're looking to implement a Puppet Face to address this need. The workflow currently looks like: 1. Login to the site host 2. Generate a pre-shared key 3. Join a node to the site using the pre-shared key 4. Repeat step 3 for every node you want to add to the site >From the command-line, this workflow might be represented as the following: * node02$ ssh ad...@site02.domain.com Last login: Mon May 7 18:15:43 2012 site02$ mount /media/usbdisk site02$ puppet site generate key > /media/usbdisk/site.key site02$ umount /media/usbdisk site02$ exit node02$ mount /media/usbdisk node02$ puppet node join site02.domain.com < /media/usbdisk/site.key Trying to add node02.domain.com to the site at site02.domain.com... Use `puppet site status node02.domain.com` to confirm success To stop waiting for the command to complete, press Ctrl-C. The command will still complete in the background. Added node02.domain.com to the site at site02.domain.com* -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/dWo3QflKMogJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.