PuppetTricks: Difference between revisions

From DISI
Jump to navigation Jump to search
Line 17: Line 17:
     $ sudo puppet cert --allow-dns-alt-names sign <client hostname>
     $ sudo puppet cert --allow-dns-alt-names sign <client hostname>


Note this can also be done through Foreman by going to the [Infrastructure -> Smart Proxies -> Puppetmaster -> Certificates page](https://foreman.ucsf.bkslab.org/smart_proxies/1-puppetmaster-cluster-ucsf-bkslab-org/puppetca)
Note this can also be done through Foreman by going to the [https://foreman.ucsf.bkslab.org/smart_proxies/1-puppetmaster-cluster-ucsf-bkslab-org/puppetca Infrastructure -> Smart Proxies -> Puppetmaster -> Certificates page]


=== On Client ===
=== On Client ===
The previous run should finish without errors (errors are in purple). It should then be possible to run `sudo puppet agent -t` without any waiting or errors.
The previous run should finish without errors (errors are in purple). It should then be possible to run `sudo puppet agent -t` without any waiting or errors.

Revision as of 17:52, 31 March 2015

This page is a collection of tricks and tips for using Puppet to administer systems.

The names master, puppetmaster, and foreman all refer to (at the time of writing this) alpha. The name client refers to any machine that is maintained by puppet.


Regenerating a Certificate

On Client

   $ sudo servce puppet stop
   $ sudo mv /var/lib/puppet/ssl /var/lib/puppet/ssl~
   $ puppet agent --no-daemonize --onetime --verbose --waitforcert=60

On Server (within 60 seconds)

   $ sudo puppet cert clean <client hostname>
   $ sudo puppet cert sign <client hostname>
      OR if you wish to allow DNS aliases
   $ sudo puppet cert --allow-dns-alt-names sign <client hostname>

Note this can also be done through Foreman by going to the Infrastructure -> Smart Proxies -> Puppetmaster -> Certificates page

On Client

The previous run should finish without errors (errors are in purple). It should then be possible to run `sudo puppet agent -t` without any waiting or errors.