How can I pre-sign a server which doesn''t yet have a domain pointing to it? I''m trying to get an EC2 "base image" together which is pre-signed with our master, so I can spin-up as many instances as required. These instances which will all share the same characteristics and files (they''re basically dupes), and will all sit behind a load-balancer, so they''ve all been given the same hostname/fqdn. I''ve tried following the steps outlined in a serverfault[1] answer but I seem to only get the following error: # puppetd --fqdn webserver --server puppet.my.org --waitforcert 60 -- test err: Could not retrieve catalog from remote server: hostname not match with the server certificate warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run Can anyone point me to, or possibly provide, the steps I need to follow to (pre-)sign this "image"? [1] http://serverfault.com/questions/137292 -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Should probably mention: Master is a CentOS 5.2 box running puppet 0.25.4, not running inside EC2. Client is a CentOS 5.4 box also running puppet 0.25.4, EC2 instance. Puppet has been installed from yum on both machines, and both are "clean". -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
This looks like http://groups.google.com/group/puppet-users/browse_thread/thread/d31811e3d9f883f4/348e4f48a7fd66e1 to me. On May 6, 2010, at 6:46 AM, Phillip B Oldham wrote:> How can I pre-sign a server which doesn''t yet have a domain pointing > to it? > > I''m trying to get an EC2 "base image" together which is pre-signed > with our master, so I can spin-up as many instances as required. These > instances which will all share the same characteristics and files > (they''re basically dupes), and will all sit behind a load-balancer, so > they''ve all been given the same hostname/fqdn. > > I''ve tried following the steps outlined in a serverfault[1] answer but > I seem to only get the following error: > > # puppetd --fqdn webserver --server puppet.my.org --waitforcert 60 -- > test > err: Could not retrieve catalog from remote server: hostname not match > with the server certificate > warning: Not using cache on failed catalog > err: Could not retrieve catalog; skipping run > > Can anyone point me to, or possibly provide, the steps I need to > follow to (pre-)sign this "image"? > > [1] http://serverfault.com/questions/137292 > > -- > You received this message because you are subscribed to the Google Groups "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Possibly Parallel Threads
- Puppet & EC2: Attach an EBS volume at boot?
- Re-attaching zpools after machine termination [amazon ebs & ec2]
- Error after signing certificate step
- Puppet Dashboard error.
- err: Signing certificate error: Could not render to pson: getaddrinfo: Name or service not known