Ask Your Question
0

Manage 1 certificate for all Puppet Nodes

asked 2015-09-16 10:14:38 -0500

louis gravatar image

We are using PE 2015.2 in a Masterless Configuration and we would like to manage 1 generic certificate per all our puppet nodes regardless of the platform.

We followed these steps but it seems that Windows tries to re-generate the certificate:

  1. Create a certificate on the Puppet Master server : puppet cert generate puppet-node.mycompany.com
  2. Copy the /certs /private_keys folder to the windows : C:\ProgramData\Puppet\ssl directory

Seems like windows tries to regenerate a new certificate.

Any help will be appreciated.

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
1

answered 2015-09-16 11:23:01 -0500

GregLarkin gravatar image

updated 2015-09-16 15:06:54 -0500

Are you running in a masterless configuration or master/agent configuration? You said masterless, but then you mentioned a Puppet master and certificates.

If you are running masterless, you don't need either for the system to function. You do need to make your Puppet code available to every node, and then invoke "puppet apply" on each one, typically through cron or a Windows scheduled task.

If I've misread your question, please let me know.

UPDATE: As far as I can tell, you should be able to set up an SSL proxy to PuppetDB and route all of your puppet apply report submissions through it: https://docs.puppetlabs.com/puppetdb/latest/connectpuppetapply.html#option-a-set-up-an-ssl-proxy-for-puppetdb I have not set this up before, though, so YMMV.

edit flag offensive delete link more

Comments

My mistake. It's a masterless configuration (no puppet agent -t) but we are using puppetdb as our target server for reporting and get the dashboard reports on the PE console. We want to be able to get rid of certificate management completely.

louis gravatar imagelouis ( 2015-09-16 12:03:41 -0500 )edit

Seems like this what I was looking for. thanks!

louis gravatar imagelouis ( 2015-09-16 19:41:21 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2015-09-16 10:14:38 -0500

Seen: 149 times

Last updated: Sep 16 '15