On Friday, July 6, 2012 3:17:15 PM UTC-5, llo...@oreillyauto.com wrote:
>
> Just as an update, I found a workaround by setting certname to the IP, but
> I was still wondering if this is the best solution when there isn't a
> "real" hostname on the system(s)?
>
It is not the best solution. In fact, it's quite a bad solution if there
is any chance the machine's IP will ever change (e.g. if it gets its IP
number via DHCP, or if it might ever be moved to a different network).
Setting a non-default certname might conceivably prove to be appropriate
for you, but I haven't yet heard anything to make me think so.
If the machine is its own source of truth for its host name, then setting
the server parameter to whatever host name you have chosen should be fine.
Do verify that the machine can resolve its own name, but that's not
normally a problem. Alternatively, use the default server name ("puppet")
and in /etc/hosts add "puppet" as an alias for 127.0.0.1.
Since you have already set up SSL certificates, however, you will need to
clear those out to change certnames and servers. To do so, shut down the
master and agent, then completely remove directory /var/lib/puppet/ssl.
John
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/WZ3cRpr1GeEJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
