Netzwerk:Admin

Aus Hochschule Darmstadt - Fachschaft Informatik Wiki
Wechseln zu: Navigation, Suche

Inhaltsverzeichnis

[Bearbeiten] Administration

[Bearbeiten] puppetmaster

[Bearbeiten] Info

Aufgabe: zentrales verteilen von configs und Dateien. Nicht verwechseln mit admin.fbihome.de Entry: puppet.fbihome.de (==stud0-admin.backbone)

[Bearbeiten] add new server

On the client:

aptitude install puppet
sed -i /etc/default/puppet -e 's/^START=.*/START=yes/g'
echo "server=puppet.fbihome.de" >> /etc/puppet/puppet.conf
puppetd --waitforcert 60 --verbose --no-daemonize


On the server (while the clients waits):

puppetca -s XXX.fbihome.de

[Bearbeiten] Installation

aptitude install puppetmaster vim-puppet

[Bearbeiten] puppetmaster

# delete any existing SSL keys/certs
find /var/lib/puppet/ssl -type f -print0 |xargs -0r rm
# generate server certificate with alternative name (puppet.fbihome.de)
puppetca --generate --certdnsnames admin.fbihome.de:puppet.fbihome.de admin.fbihome.de
  • /etc/puppet/fileserver.conf
    • allow only server subnets
  • custom functions
    • /usr/lib/ruby/1.8/puppet/parser/functions/slash_escape.rb

[Bearbeiten] reinstall

[Bearbeiten] puppetmaster
  • stop server
  • delete all *.pem on /var/puppet/ssl
  • aptitude reinstall puppetmaster
  • set serial to 0000
  • puppetmasterd --certname puppet.fbihome.de
  • start server
  • (do signing for each puppet request after puppet did first connect)
[Bearbeiten] puppet agents
  • stop agent
  • delete all *.pem on /var/puppet/ssl
  • do the same like installing a new one
  • start agent
Meine Werkzeuge