Re: Func 0.27 + Puppet

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 2011-04-26, Norvell, Preston <Preston.Norvell@xxxxxxxxxxxxxxxxxxxx> wrote:
> Reading through it, I have a couple comments:
> - I have found no need to modify anything in /etc/certmaster on either the overlords or minions

I use the EPEL packages, and they have certmaster=certmaster in 
/etc/certmaster/minion.conf, and then the minions fails to start.

> - Depending on where you get your RPM (I get mine currently from
> RPMForge), it may want to install/run certmaster by default.  It should
> be disabled.

Oh.. I hadnÂt noticed. Thanks!

IMHO thatÂs a bug in the packaging... skvidal ?

> - There is a nascent puppet module to manage minion and overlord configurations here: http://forge.puppetlabs.com/rodjek/func.  I used it as the beginning of my work and hope to push the changes back up stream to the author.  It might be good to let folks know it exists.

I wrote my own yesterday ->

	http://blag.tanso.net/2011/04/13-puppet-as-certmaster-for-func/

> - I found that I needed to create an acl file in /etc/minion-acl.d with the hostname-certhash of the overlord/puppetmaster on each minion, because rather than defaulting to "*" it defaults to "foo" (literally) for the acl.

I didnÂt need that. My minion-acl.d/ is empty, and I can access the minions
from the overlord. Hmm.. guess I need to understand the access control
model of func better..


  -jf

_______________________________________________
Func-list mailing list
Func-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/func-list



[Index of Archives]     [Fedora Users]     [Linux Networking]     [Fedora Legacy List]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]

  Powered by Linux