Need some advice: Clients that change name and IP address
Dan White
New machines are built/loaded in dev and then moved, if necessary to QA or production after they have been configured and verified. In moving, the machine in question will change its IP address and hostname.
I have set up a Cobbler server to shortcut this, and I am now tasked with adding Puppet to the mixture.
Can anyone suggest a maintainable way for Puppet to handle machines that get moved and renamed as described ?
My first thought is to remove all the files generated by making the machine a puppet client and then just re-add it as a new client in the new location with the new name, but that feels like a brute-force solution.
“Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contact us.”
Bill Waterson (Calvin & Hobbes)
Nigel Kersten
The environment I work in has dev, QA, and production divisions.
New machines are built/loaded in dev and then moved, if necessary to QA or production after they have been configured and verified. In moving, the machine in question will change its IP address and hostname.
I have set up a Cobbler server to shortcut this, and I am now tasked with adding Puppet to the mixture.
Can anyone suggest a maintainable way for Puppet to handle machines that get moved and renamed as described ?
My first thought is to remove all the files generated by making the machine a puppet client and then just re-add it as a new client in the new location with the new name, but that feels like a brute-force solution.
“Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contact us.”
Bill Waterson (Calvin & Hobbes)
--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To post to this group, send email to puppet...@googlegroups.com.
To unsubscribe from this group, send email to puppet-users...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Nigel Kersten
Product Manager, Puppet Labs
Dan White
On Tue, Aug 30, 2011 at 9:28 AM, Dan White <yg...@comcast.net> wrote:The environment I work in has dev, QA, and production divisions.
New machines are built/loaded in dev and then moved, if necessary to QA or production after they have been configured and verified. In moving, the machine in question will change its IP address and hostname.
I have set up a Cobbler server to shortcut this, and I am now tasked with adding Puppet to the mixture.
Can anyone suggest a maintainable way for Puppet to handle machines that get moved and renamed as described ?
My first thought is to remove all the files generated by making the machine a puppet client and then just re-add it as a new client in the new location with the new name, but that feels like a brute-force solution.Don't use hostnames for your certnames?I've used UUIDs for this sort of deployment in the past.
Gary Larizza
--You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To post to this group, send email to puppet...@googlegroups.com.
To unsubscribe from this group, send email to puppet-users...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Dan White
On Tue, Aug 30, 2011 at 8:43 PM, Dan White <yg...@comcast.net> wrote:Details, please.On Aug 30, 2011, at 9:17 PM, Nigel Kersten wrote:On Tue, Aug 30, 2011 at 9:28 AM, Dan White <yg...@comcast.net> wrote:
The environment I work in has dev, QA, and production divisions.
New machines are built/loaded in dev and then moved, if necessary to QA or production after they have been configured and verified. In moving, the machine in question will change its IP address and hostname.
I have set up a Cobbler server to shortcut this, and I am now tasked with adding Puppet to the mixture.
Can anyone suggest a maintainable way for Puppet to handle machines that get moved and renamed as described ?
My first thought is to remove all the files generated by making the machine a puppet client and then just re-add it as a new client in the new location with the new name, but that feels like a brute-force solution.
Don't use hostnames for your certnames?I've used UUIDs for this sort of deployment in the past.The certname setting can be changed in the agent section of puppet.conf. When I managed Puppet down to the desktop, I would typically set the client's certname to their serial number (which wouldn't change unless the Motherboard was changed). Because of this, they could change their Hostname to their heart's content and the SSL certs for Puppet wouldn't be affected.
Scott Smith
Dan White
The paragraph pointed to by the link says that a certname is "...The name to use when handling certificates. Defaults to the fully qualified domain name."
The top of the page also says that configuration settings can be specified in puppet.conf or on the command line.
So I conclude I need to put "certname=<something unique>" into /etc/puppet/puppet.conf of the client machine and the same unique name into a node on the puppetmaster.
It is my hope to generate the client conf as part of the cobbler/kickstart/puppet setup I am trying to establish. I am thinking that I should have access to facter in the kickstart %post section, so I should be able to make it happen in front of the snippet that generates the puppet certificates and signing request.
Does that shot hit the target ?
Thanks for your help and pointers.
“Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contact us.”
Bill Waterson (Calvin & Hobbes)
Gary Larizza
OK, let me try to see if I have it. Please correct any misteaks I make in this attempt.
The paragraph pointed to by the link says that a certname is "...The name to use when handling certificates. Defaults to the fully qualified domain name."
The top of the page also says that configuration settings can be specified in puppet.conf or on the command line.
So I conclude I need to put "certname=<something unique>" into /etc/puppet/puppet.conf of the client machine and the same unique name into a node on the puppetmaster.
It is my hope to generate the client conf as part of the cobbler/kickstart/puppet setup I am trying to establish. I am thinking that I should have access to facter in the kickstart %post section, so I should be able to make it happen in front of the snippet that generates the puppet certificates and signing request.
Does that shot hit the target ?
Thanks for your help and pointers.
Dan White
I'm using the mac address instead of uuid as the mac address is a machine-unique value I can easily access.
I will post details of my implementation (cobbler snippet tweaks and all) once I am confident I have all the details covered. "Pay it forward !!"
Thanks for the pointers.
“Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contact us.”
Bill Waterson (Calvin & Hobbes)