ReleaseEngineering/PuppetAgain/Modules/puppetmaster: Difference between revisions

Jump to navigation Jump to search

ReleaseEngineering/PuppetAgain/Modules/puppetmaster (view source)

Revision as of 17:43, 4 January 2013

999 bytes removed ,  4 January 2013
no edit summary
No edit summary
No edit summary
Line 2: Line 2:


= Installation =
= Installation =
This procedure has been tested on freshly onstalled CentOS 6.2 hosts with "Base" yum group installed.
See [[ReleaseEngineering/PuppetAgain/HowTo/Set up a standalone puppetmaster]]
* Install <tt>puppet</tt> and <tt>mercurial</tt> packages from releng repo (link to how set it up?)
* Generate puppet master certificates using CA scripts (see below) and copy them.
* Clone puppetagain repo to <tt>/etc/puppet/production</tt>
hg clone http://hg.mozilla.org/build/puppet /etc/puppet/production
* Copy <tt>secrets.csv</tt> and <tt>local-config.csv</tt> files to <tt>/etc/puppet/production/manifests/extlookup/</tt>
* Run <tt>/etc/puppet/production/setup/masterize.sh</tt> to bootstrap the master
 
= Updates =
Masters update themselves by <tt>puppet::periodic</tt> ([[ReleaseEngineering/PuppetAgain/Modules/puppet]]).
 
= Certificate management =
See http://hg.mozilla.org/build/puppet/file/tip/setup/ca-scripts/README
 
= CRL sync =
To keep the list of revoced certificates (CRL) up to date, masters fetch the CRL from CA by a [http://hg.mozilla.org/build/puppet/file/tip/modules/puppetmaster/templates/update_crl.sh.erb cron job] and gracefuly restart apache.
Djmitche
canmove, Confirmed users
1,394

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/496542"

Navigation menu