On Tue, Jun 4, 2013 at 8:09 PM, <[email protected]> wrote: > On Tuesday, June 4, 2013 7:11:05 PM UTC-7, Nan Liu wrote: > >> You have the option of PSK, AES, and SSL for MCollective security. I >> don't believe ActiveMQ supports Kerberos. RabbitMQ added it as a plugin >> very recently, so I doubt anyone explored using this. You will need to >> write a kerberos plugin (https://github.com/**puppetlabs/marionette-** >> collective/tree/master/**plugins/mcollective/security<https://github.com/puppetlabs/marionette-collective/tree/master/plugins/mcollective/security>). >> I would ask on the MCollective mailing list or ping vulcane on IRC >> #mcollective. >> > Nan, can you give me an example operation that uses mcollective and will > break if the agent doesn't have a client cert? >
It's a plugin system, so TLS is not mandatory, simply the default recommendation. MCollective security is independent from puppet and using the puppet cert is due to convenience, and not because the two product share the same credentials. You can find out more at the following link: http://docs.puppetlabs.com/mcollective/security.html HTH, Nan -- You received this message because you are subscribed to the Google Groups "Puppet Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/puppet-dev?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
