A long time ago in a puppet version far far away, I used to use subscribe all the time, until I discovered notify.
Now the
type docs no longer list subscibe, I'm a assuming it has been or is slated for deprecation.
but ... I have a problem that I think I can only solve using subscribe.
Certficates.
ssl certificates for each computer are put in one place, and all ssl serivces are expected to use the same certificate.
so, all computers are using the certs for ldaps://, some are using them for https://, some for other ssl based services.
file -> /etc/pki/tls/certs/localhost.crt
file -> /etc/pki/tls/private/localhost.key
group -> certifcates, members = ldap, apache, [whoever etc]
Now I need to renew all the certificates and restart the services that are using them ...
Q. howto map all this? Is there a better way than subscribing the relevant services to the cert and key files ??
Any ideas ?
Andrew.