We have one script that is called to bootstrap and provision new VMs. There's
another one for destroying. These scripts are also responsible for logging
into the puppet master (via ssh), polling for the cert to be created (puppet
cert list) and then issuing the sign/clean commands.
--
You re
- Original Message -
> From: "Douglas Garstang"
> To: puppet-users@googlegroups.com
> Sent: Monday, September 17, 2012 7:16:02 PM
> Subject: Re: [Puppet Users] Re: Systems Provisioning
>
> I probably should have been clearer with my question. I was more
&g
On Sep 17, 2012, at 2:16 PM, Douglas Garstang wrote:
> I probably should have been clearer with my question. I was more
> interested in how people are managing certificates? Even if you use
> autosign, you still need to clean certificates manually.
>
> Doug.
Doug,
We autosign certs for hosts in
If you want the least amount of headache at the cost of security, here
is a sanitised extract from my kickstarts:
#LB: attempt to revoke and delete the certificate for this hostname, this
should stop us having
#to manually clean off every cert.
curl -k -X PUT -H "Content-Type: text/pson" --data
I probably should have been clearer with my question. I was more
interested in how people are managing certificates? Even if you use
autosign, you still need to clean certificates manually.
Doug.
On Mon, Sep 17, 2012 at 6:25 AM, Keiran Sweet wrote:
> Hi There,
> I manage a relatively large RHEL
