Hi, I recently wrote a blog post for absolute beginners with Puppet, hopefully the first in a tutorial series called ''Powering Up With Puppet''. I''d be grateful for some feedback on it, both from beginners (to let me know if it helps them) and from the experts here (to point out my mistakes). http://bitfieldconsulting.com/puppet-tutorial I''m also giving a talk on Puppet at the November LRUG meeting in London ( http://lrug.org/ ) if anyone''s interested in coming along to that - the now-legendary Julian Simpson will also be talking about Puppet, and at the end we''ll fight bare-chested in a cage, or something. Regards, John -- http://bitfieldconsulting.com http://twitter.com/bitfield --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
There doesn''t seem to be any mention of cert signing... On Oct 22, 1:48 pm, John Arundel <j...@bitfieldconsulting.com> wrote:> Hi, > > I recently wrote a blog post for absolute beginners with Puppet, > hopefully the first in a tutorial series called ''Powering Up With > Puppet''. I''d be grateful for some feedback on it, both from beginners > (to let me know if it helps them) and from the experts here (to point > out my mistakes). > > http://bitfieldconsulting.com/puppet-tutorial > > I''m also giving a talk on Puppet at the November LRUG meeting in > London (http://lrug.org/) if anyone''s interested in coming along to > that - the now-legendary Julian Simpson will also be talking about > Puppet, and at the end we''ll fight bare-chested in a cage, or > something. > > Regards, > John > --http://bitfieldconsulting.comhttp://twitter.com/bitfield--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
On Thu, Oct 22, 2009 at 9:39 PM, joe <lavaman@gmail.com> wrote:> On Oct 22, 1:48 pm, John Arundel <j...@bitfieldconsulting.com> wrote: >> http://bitfieldconsulting.com/puppet-tutorial > > There doesn''t seem to be any mention of cert signing...That''s all coming up in part 2! In the first article, I wanted to get as quickly as possible to the point where you can get a win with Puppet by controlling something on the box. J -- http://bitfieldconsulting.com http://twitter.com/bitfield --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 John Arundel wrote:> On Thu, Oct 22, 2009 at 9:39 PM, joe <lavaman@gmail.com> wrote: >> On Oct 22, 1:48 pm, John Arundel <j...@bitfieldconsulting.com> wrote: >>> http://bitfieldconsulting.com/puppet-tutorial >> There doesn''t seem to be any mention of cert signing... > > That''s all coming up in part 2! In the first article, I wanted to get > as quickly as possible to the point where you can get a win with > Puppet by controlling something on the box. >But you can''t connect a client to the master without signing a certificate or turning autosign on. Regards James Turnbull - -- Author of: * Pro Linux Systems Administration (http://tinyurl.com/linuxadmin) * Pulling Strings with Puppet (http://tinyurl.com/pupbook) * Pro Nagios 2.0 (http://tinyurl.com/pronagios) * Hardening Linux (http://tinyurl.com/hardeninglinux) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBSuIYMSFa/lDkFHAyAQJVtwgAxfQ30Eu4kboSpgI2WPSGoxiDNjEcyCy5 Okq9Rcm6JJn5Xmr8SEi89hXwZztufDzsc3K+O4U1rTwJufDW1Eg71v5wp3qLm6bn npQKP3tgHVOkguZ80DycixdipKIlB1AApbFRFnTCEPutZkvLf1BBdPSs1BJekOLb Mxe3pQWMptu927J1vryABQXZmPsYS24ciBp6QeA07WQuqoRb8KJh7jT/C6iN38FV bo2EIl6KyDiIT2LlNyV2tuCgddas5WmVbK+j5ne7KX2dUPBKEUrvIgGkuNwSPtty mGMdLb1jjOH+JJ/uHlm8tUUfohwT4jhbK8D14M7rXDDpc9Td5qtBeQ==SG2T -----END PGP SIGNATURE----- --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
Hi, James Turnbull wrote:> But you can''t connect a client to the master without signing a > certificate or turning autosign on.You can if the client is question is the master itself: it signs it''s own certificates automatically, so puppet on the master will auto-connect without requiring a manual puppetca --sign. Which is what the tutorial does, btw. Which is confusing, because when the user starts to learn on their own beyond your tutorial, the very first thing they''re going to try and do is start another client machine and BOOM! Something different will happen. So, I also suggest that even on your intro tutorial, you discuss the certificates so that people can go off and play on their own. cYa, Avi --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
On 23 Oct 2009, at 21:55, James Turnbull <james@lovedthanlost.net> wrote:> But you can''t connect a client to the master without signing a > certificate or turning autosign on.Hmm, maybe I made a mistake. I thought you didn''t have to do this when the server was running on the local machine. I don''t remember signing a cert while I was running through the process for the tutorial! J --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 John Arundel wrote:> On 23 Oct 2009, at 21:55, James Turnbull <james@lovedthanlost.net> > wrote: > >> But you can''t connect a client to the master without signing a >> certificate or turning autosign on. > > Hmm, maybe I made a mistake. I thought you didn''t have to do this when > the server was running on the local machine. I don''t remember signing > a cert while I was running through the process for the tutorial! >Sorry - I should have been clearer as Avi was in his email - any clients (i.e. beyond the client working on the master itself) require signing. Regards James Turnbull - -- Author of: * Pro Linux Systems Administration (http://tinyurl.com/linuxadmin) * Pulling Strings with Puppet (http://tinyurl.com/pupbook) * Pro Nagios 2.0 (http://tinyurl.com/pronagios) * Hardening Linux (http://tinyurl.com/hardeninglinux) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBSuJR0iFa/lDkFHAyAQKgZgf/R2yIrhfxPcW1ijo4RMNQJg4ocotcwIyD VSr7LOGo4BrjoiNfHYVOsFZ86HkCNMN3EPgfv2wxwiwvuuP3MrRrEdOWMJsjP2Zv Hp7pCrSseHJv1Q+ikOM/f/KTt36/o5dPSlQw96VgiNtJO5UPWTOahAsUreTwn9IX HM7m5W/2jSOwAnLNnDOm9SNQHihLDgSQlmB91KpBgjmhKIT5CU9KiBZ3lJLcwS8Q Qtqu0RB15LnlsgrmAcRRAb3YAM/VX+DmcLyhGboIfLQkuUuxKQZoqMdBK+d8xlml XJLwdXl/oEx87+NP6GKZJHI25/ZHDm9kKOG6JQWwkJDTZKfrdsvltQ==PZUf -----END PGP SIGNATURE----- --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---