On Thu, May 10, 2012 at 9:34 PM, Daniel Sauble <djsau...@puppetlabs.com>wrote:
> On Thursday, May 10, 2012 10:39:22 AM UTC-7, windowsrefund wrote: >> >> >> On May 10, 12:44 pm, Daniel Sauble <djsau...@puppetlabs.com> wrote: >> > >> > - Securely add nodes to your deployment without manually signing >> > certificates on the CA... >> > - ...so that you can have the advantages of autosigning without >> its >> > security problems. >> > >> >> I'm about to engage on a similar effort and was thinking of writing a >> puppet face to handle this job. Can you elaborate on the work flow and >> solution you're thinking about? >> > > We're looking to implement a Puppet Face to address this need. The > workflow currently looks like: > > > 1. Login to the site host > 2. Generate a pre-shared key > 3. Join a node to the site using the pre-shared key > 4. Repeat step 3 for every node you want to add to the site > > > From the command-line, this workflow might be represented as the following: > * > node02$ ssh ad...@site02.domain.com > Last login: Mon May 7 18:15:43 2012 > site02$ mount /media/usbdisk > site02$ puppet site generate key > /media/usbdisk/site.key > site02$ umount /media/usbdisk > site02$ exit > node02$ mount /media/usbdisk > node02$ puppet node join site02.domain.com < /media/usbdisk/site.key > Trying to add node02.domain.com to the site at site02.domain.com... > > Use `puppet site status node02.domain.com` to confirm success > > To stop waiting for the command to complete, press Ctrl-C. > > The command will still complete in the background. > Added node02.domain.com to the site at site02.domain.com* > > will you allow the older workflow to co exists? would it be possible to drive all of the process via an external api? thanks, Ohad > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/puppet-users/-/dWo3QflKMogJ. > > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
