I've added some code to git that makes the ports that certmaster and
func use configurable.
Certmaster
The port certmaster listens on is set in
/etc/certmaster/certmaster.conf. The option "listen_port"
is an int representing the port.
Funcd
The config file /etc/certmaster/minion.conf include the
"certmaster_port" config option. This
config file is read by funcd to see where it should make certmaster
requests to.
The config file /etc/func/minion.conf has a "listen_port" option
that specifies what port
funcd should listen on.
Func
At the moment, func overlord is also using the /etc/func/minion.conf
file and the "listen_port" to figure
out what port to talk to.
This works, but there are couple issues with it. The first is that
/etc/func/minion.conf is really supposed
to be configuration for just funcd.
The other is that this means that a given overlord must have all of
it's minions listening on the same port.
In practice, I suspect this is the primary use case. But I wonder
if there is a need for a way to configure
the funcd port for each minion.
One possibility would be the cert request could include this info,
and it could get logged along with the
cert info.
Anyone got any ideas or opinions?
_______________________________________________
Func-list mailing list
Func-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/func-list
