summaryrefslogtreecommitdiff
path: root/certs/puppet.mdwn
blob: 490341f66bebf5deb9950526f1b7dcb0a8bdf628 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
Puppet: trocando certificados
=============================

Resetando o master
------------------

Conforme [referência](http://blkperl.github.io/replace-puppet-ca.html):

    hydractl puppet-reset-master

Caso seja necessário limpar todos os requests durante testes:

    rm /var/lib/puppetmaster/ssl/ca/requests/*

Reiniciando os agentes
----------------------

Cada agente precisa ter seus certificados criados:

    admin@box$ hydra $HYDRA mass hydractl puppet-reset-agent
    admin@box$ hydra $HYDRA mass hydractl puppet-finger

Colete os fingerprints gerados e confirme com o master:

    root@master$ puppet cert list
    root@master$ puppet cert sign --all

Finalmente,

    admin@box$ hydra $HYDRA mass /etc/init.d/puppet restart