ReleaseEngineering/PuppetAgain/HowTo/Remove a Puppetmaster: Difference between revisions

Jump to navigation Jump to search

ReleaseEngineering/PuppetAgain/HowTo/Remove a Puppetmaster (view source)

Revision as of 14:04, 14 July 2014

3 bytes added ,  14 July 2014
no edit summary
No edit summary
No edit summary
Line 7: Line 7:
** look for in-use hosts under /var/lib/puppetmaster/ssl/git/agent-certs/$master
** look for in-use hosts under /var/lib/puppetmaster/ssl/git/agent-certs/$master
** on each such host, run PUPPET_SERVER=$some_other_master ./puppetize.sh
** on each such host, run PUPPET_SERVER=$some_other_master ./puppetize.sh
** you can verify the issuing master with {{{openssl x509 -in /var/lib/puppet/ssl/certs/$(facter fqdn).pem -noout -text | grep Issuer}}}
** you can verify the issuing master with <tt>openssl x509 -in /var/lib/puppet/ssl/certs/$(facter fqdn).pem -noout -text | grep Issuer</tt>
* shut down the master
* shut down the master
* revoke the server's CA certificate with the root certificate and re-generate the root CRL
* revoke the server's CA certificate with the root certificate and re-generate the root CRL
Djmitche
canmove, Confirmed users
1,394

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/996621"

Navigation menu