Hi all,
I am seeing some very curious behaviour with puppet enterprise (on a
trial license to evaluate, before I get redirected there :) )
I have client systems (RHEL) being kickstarted and installing pe-puppet
and a couple of other basic packages, before using
puppet agent -t --environment bootstrap --server PUPPETSERVER
To ensure the rest of the bootstrapping takes place properly.
Only puppet configuration takes place in the 'bootstrap' environment.
This part works fine - I have autosigning configured on my puppetmaster
for these hosts.
I really do not want to have to muck about NFS mounting/copying the
entire PE installation directory on all the boxes here, should we decide
to deploy it. That's really not scalable at all.
It looks like the preliminary puppet run is receiving a cert and then
using that to connect to the puppet master, which works just fine, but
then once the node has rebooted, a completely new key pair appears to
have been generated on the client system, which no longer matches that
on the master.
for more information (and info to backup my point):
http://fpaste.org/WGuW/
I can't quite figure out when this new cert is being created, unless
this is buried somewhere in the PE initial run, which appears to
configure mcollective among many other things, although thus far I
cannot find where this configuration is assigned to nodes, so I'm not
100% clear which classes are applied.
With full debugging enabled,I see the first cert being signed in the
puppetmaster logs, as I'd expect.
Anyone have any ideas or pointers as to where I should start?
I'm at a bit of a loss here.
Stuart
--
Stuart Sears RHCA etc.
"It's today!" said Piglet.
"My favourite day," said Pooh.
--
You received this message because you are subscribed to the Google Groups "Puppet
Users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
