I''m trying to setup a puppetmaster, and I''ve got a couple of questions. The first, is a design question. Since I expect to eventually have multiple puppetmaster servers, I''d like to name this one to be named puppet1.example.com. But I''d like my clients to connect via a cname as puppet.example.com. Is this pretty standard? Is there some more common way? puppetmaster seems to want to create the CA certs as puppet1.example.com. I assume one of the configuration parameters would tell it otherwise. I''m not sure which. From the docs, certdnsnames sounds right, though I don''t know which section of the config file to put it in. thanks seph --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
On 4/20/09, seph <seph@directionless.org> wrote:> The first, is a design question. Since I expect to eventually have > multiple puppetmaster servers, I''d like to name this one to be named > puppet1.example.com. But I''d like my clients to connect via a cname as > puppet.example.com. Is this pretty standard? Is there some more common > way?That''s basically how we''re doing it; it works great.> puppetmaster seems to want to create the CA certs as > puppet1.example.com. I assume one of the configuration parameters would > tell it otherwise. I''m not sure which. From the docs, certdnsnames > sounds right, though I don''t know which section of the config file to > put it in.certdnsnames is indeed the config parameter you are looking for. You want to put it in [puppetmasterd] I think. --Paul --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
Paul Lathrop <paul@tertiusfamily.net> writes:>> puppetmaster seems to want to create the CA certs as >> puppet1.example.com. I assume one of the configuration parameters would >> tell it otherwise. I''m not sure which. From the docs, certdnsnames >> sounds right, though I don''t know which section of the config file to >> put it in. > > certdnsnames is indeed the config parameter you are looking for. You > want to put it in [puppetmasterd] I think.Hrm, this is what I''d done. Poking a little more, I see that it did create the puppet1.example.com cert that way, though not the ca cert that way. Is there a way to change the CA name as well, or do I have to manually creating the CA for that? seph --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---