canmove, Confirmed users
1,394
edits
ReleaseEngineering/PuppetAgain/HowTo/Bootstrap a Puppetmaster: Difference between revisions
ReleaseEngineering/PuppetAgain/HowTo/Bootstrap a Puppetmaster (view source)
Revision as of 17:20, 15 January 2014
, 15 January 2014→Subsequent Masters
No edit summary |
|||
| Line 17: | Line 17: | ||
* Synchronize /data from an existing master to the new master. | * Synchronize /data from an existing master to the new master. | ||
* Add a node definition for the new master and install it. Do not add the new master to the org config yet. Puppet will eventually fail with complaints about synchronizing git and secrets with the distinguished master. The trick here | * Add a node definition for the new master and install it. Do not add the new master to the org config yet. Puppet will eventually fail with complaints about synchronizing git and secrets with the distinguished master. The trick here is to temporarily add the new master's fqdn to ~puppetsync/.ssh/authorized_keys (you may need to repeat this if puppet runs on the DM and reverts your changes) and | ||
** run the failing secrets crontask | ** run the failing secrets crontask | ||
** run puppet - it will fail with a message about the master CA cert. | ** run puppet - it will fail with a message about the master CA cert. | ||