Adrian Likins wrote:
Michael DeHaan wrote:
It's always kind of bugged me that if I have a valid certificate, and
I start funcd when certmaster can NOT be contacted, that funcd fails.
I think there are a couple of ways to fix this. If the machine
already has a cert from the configured certmaster, how about we have
it not try to contact certmaster?
We have a bit of a catch-22 with the funcd starting with no
certmaster. We try to figure out the fqdn name in some cases by
talking to the certmaster, since we need the fqdn to know what the
cert names are so we can if they exist.
We could just fallback to the less effictive get_hostname, but I think
that behaves incorrectly in many cases.
We could store some way of knowing which cert the minion uses as it's
own.
- we could symlink "self" or something to the right certs in the dir
- we could store the hostname we create the certs with somewhere
(config file presumably). Not entirely sure what to do in
cases where the hostname changes though.
http://github.com/alikins/func-alikins-devel/tree/func_no_certmaster has
a version of a fix that seems to work, though
I'm not sure I like it yet. But it's a shot...
Adrian
_______________________________________________
Func-list mailing list
Func-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/func-list
