Chris O'Regan wrote:
>> We use a post install trigger in cobbler to connect to the cfengine host
>> and delete the old cfengine key for the newly installed machine (if one
>> exists). Then we have cfengine setup to accept new keys. I can send you
>> some examples if you like.
>
> Yes, please! :-)
Sure, we run cobbler and cfengine on two different machines, so we use
xmlrpc in python to communicate between the hosts.
On the cobbler box:
> cat /var/lib/cobbler/triggers/install/post/clientkeys.py
#!/usr/bin/python
import socket
import xmlrpclib
import sys
from cobbler import api
cobbler_api = api.BootAPI()
systems = cobbler_api.systems()
box = systems.find(sys.argv[2])
server = xmlrpclib.ServerProxy("http://cfengine:9000";)
server.update(box.get_ip_address())
On the cfengine box, we run a daemon that does the following (along with
a few steps to update our ssh_known_hosts file):
#!/usr/bin/python
import SimpleXMLRPCServer
import os
class Keys(object):
def update(self, ip):
try:
os.unlink('/var/cfengine/ppkeys/root-%s.pub' % ip)
except OSError:
pass
keys = Keys()
server = SimpleXMLRPCServer.SimpleXMLRPCServer(("cfengine",9000))
server.register_instance(keys)
server.serve_forever()
I hope that helps! Let me know if you have any questions.
--
Jennifer Cranfill
Systems Engineer
Sony Pictures Imageworks
[EMAIL PROTECTED]
_______________________________________________
cobbler mailing list
[email protected]
https://fedorahosted.org/mailman/listinfo/cobbler
