diff options
| author | Silvio Rhatto <rhatto@riseup.net> | 2015-03-20 11:14:02 -0300 |
|---|---|---|
| committer | Silvio Rhatto <rhatto@riseup.net> | 2015-03-20 11:14:02 -0300 |
| commit | 26bca9756744798496788b7adce229a7b21b9d4e (patch) | |
| tree | 42725dfd5bf5522cf1e99303a0a2fae834116b5d /certs | |
| parent | fa01b25cac0cbd86375c2204707d5c46b023de4d (diff) | |
| download | padrao-26bca9756744798496788b7adce229a7b21b9d4e.tar.gz padrao-26bca9756744798496788b7adce229a7b21b9d4e.tar.bz2 | |
Puppet certs / Cryptocalypse
Diffstat (limited to 'certs')
| -rw-r--r-- | certs/puppet.mdwn | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/certs/puppet.mdwn b/certs/puppet.mdwn new file mode 100644 index 0000000..490341f --- /dev/null +++ b/certs/puppet.mdwn @@ -0,0 +1,30 @@ +Puppet: trocando certificados +============================= + +Resetando o master +------------------ + +Conforme [referência](http://blkperl.github.io/replace-puppet-ca.html): + + hydractl puppet-reset-master + +Caso seja necessário limpar todos os requests durante testes: + + rm /var/lib/puppetmaster/ssl/ca/requests/* + +Reiniciando os agentes +---------------------- + +Cada agente precisa ter seus certificados criados: + + admin@box$ hydra $HYDRA mass hydractl puppet-reset-agent + admin@box$ hydra $HYDRA mass hydractl puppet-finger + +Colete os fingerprints gerados e confirme com o master: + + root@master$ puppet cert list + root@master$ puppet cert sign --all + +Finalmente, + + admin@box$ hydra $HYDRA mass /etc/init.d/puppet restart |