Hi,
The situation ;
Whenever I bring up a vagrant box, I do a puppet run against my puppet
master to configure some common things I need.
And I want to avoid the remove/new request and sign cycle after a
vagrant destroy.
This can be done using following vagrant config :
vm_config.vm.provision :puppet_server do |puppet_server|
puppet_server.client_cert_path =
"box_certs/rspecfc20/cert_rspecfc20.koewacht.net.pem"
puppet_server.client_private_key_path =
"box_certs/rspecfc20/priv_rspecfc20.koewacht.net.pem"
puppet_server.puppet_node = "rspecfc20.koewacht.net"
puppet_server.puppet_server = "puppet.koewacht.net"
end
but it does not work,
I get a "Error: Could not request certificate: stack level too deep"
so, i stumbled against https://projects.puppetlabs.com/issues/21869
This bug seemed to be solved in 3.4.x, but I'm running 3.4.3
But I think, when I want to reuse my certs on my clean vagrant box,
CA public key of the server should also be provided with both the
generated cert/private key of the node.
Even if i stumbled against this bug, which did give the solution of my
problem, I think puppetmasters CA public key should always be provided.
I added in my fork of the vagrant code this extra config option, and now
I my puppet run against my master, reusing my certs works :
puppet_server.server_ca_public_key = "box_certs/ca.pem"
But is this the way to do this, or a bug ?
Grts
Johan
--
Johan De Wit
Open Source Consultant
Red Hat Certified Engineer (805008667232363)
Puppet Certified Professional 2013 (PCP0000006)
_________________________________________________________
Open-Future Phone +32 (0)2/255 70 70
Zavelstraat 72 Fax +32 (0)2/255 70 71
3071 KORTENBERG Mobile +32 (0)474/42 40 73
BELGIUM http://www.open-future.be
_________________________________________________________
Next Events:
Zabbix Certified Training |
http://www.open-future.be/zabbix-certified-training-10-till-12th-march
Zabbix for Large Environments Training |
http://www.open-future.be/zabbix-large-environments-training-13-till-14th-march
Puppet Intruction Course |
http://www.open-future.be/puppet-introduction-course-14th-april
Puppet Advanced Training |
http://www.open-future.be/puppet-advanced-training-15-till-17th-april
Subscribe to our newsletter | http://eepurl.com/BUG8H
--
You received this message because you are subscribed to the Google Groups "Puppet
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/530F9D6F.2090002%40open-future.be.
For more options, visit https://groups.google.com/groups/opt_out.
