I've just installed a new puppet master with the latest puppet and foreman,
etc… using the foreman_installer. The install and config all went well.
One difference I'm noticing between the old foreman (0.4.2) and the new one
(1.2.1) is that new hosts are showing up in the foreman with their host
identifier being their fqdn, whereas in the old one they showed up with
their certname.
Since I prefer to have them show up with their certname is there anyway I
can configure (or patch) the foreman to have this behavior?
Note: I noticed that I can 'edit' the hosts after the fact and change their
name to be equivalent to their certname, that will stick on subsequent
puppet runs. But I'd prefer to not have to edit all of my hosts after their
first puppet run.
We're not using the foreman's provisioning capabilities. The puppet agents
just run and register themselves with the foreman.
Thanks,
···
--
Romeo
How? Are you able to match the certname = parameter w/the hostname b/f
the puppet agent registers w/The Foreman for the first time?
···
On Tuesday, August 13, 2013 8:52:11 PM UTC-5, Romeo Theriault wrote:
>
> ... The puppet agents just run and register themselves with the foreman.
>
>
I am setting the certname in the puppet.conf file before it registers with
the Foreman but the foreman was still was using the fqdn as the hosts
"Name".
I found that patching '/usr/share/foreman/app/models/host/managed.rb' with
this diff:
$ diff managed.rb managed.orig
348c348
< name = facts.values["clientcert"].downcase
···
On Tue, Aug 13, 2013 at 4:50 PM, Pablo Carranza wrote:
On Tuesday, August 13, 2013 8:52:11 PM UTC-5, Romeo Theriault wrote:
… The puppet agents just run and register themselves with the foreman.
How? Are you able to match the certname = parameter w/the hostname b/f
the puppet agent registers w/The Foreman for the first time?
name = facts.values["fqdn"].downcase
352c352
< name = facts[“clientcert”].downcase
name = facts["fqdn"].downcase
makes the clients register with Foreman using the clientcert instead of the
fqdn. Which is what I want.
It would be nice to make this a configureable item though. Would a feature
request with this request be accepted?
Thanks
–
You received this message because you are subscribed to the Google Groups
“Foreman users” group.
To unsubscribe from this group and stop receiving emails from it, send an
email to foreman-users+unsubscribe@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at http://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/groups/opt_out.
–
Romeo
It's by design, but yes, I think it's reasonable to have it
configurable. Related to this but not the same, there's a patch under
review currently to fall back to the certname if the fqdn is missing:
https://github.com/theforeman/foreman/pull/836
You could add a new setting (app/models/setting/*) and check its value here.
···
On 14/08/13 22:26, Romeo Theriault wrote:
> On Tue, Aug 13, 2013 at 4:50 PM, Pablo Carranza > wrote:
>
>
>
> On Tuesday, August 13, 2013 8:52:11 PM UTC-5, Romeo Theriault wrote:
>
> ... The puppet agents just run and register themselves with the
> foreman.
>
>
> How? Are you able to match the *certname =* parameter w/the hostname
> b/f the puppet agent registers w/The Foreman for the first time?
>
>
> I am setting the certname in the puppet.conf file before it registers
> with the Foreman but the foreman was still was using the fqdn as the
> hosts "Name".
>
> I found that patching '/usr/share/foreman/app/models/host/managed.rb'
> with this diff:
>
> $ diff managed.rb managed.orig
> 348c348
> < name = facts.values["clientcert"].downcase
> ---
>> name = facts.values["fqdn"].downcase
> 352c352
> < name = facts["clientcert"].downcase
> ---
>> name = facts["fqdn"].downcase
>
> makes the clients register with Foreman using the clientcert instead of
> the fqdn. Which is what I want.
>
> It would be nice to make this a configureable item though. Would a
> feature request with this request be accepted?
–
Dominic Cleal
Red Hat Engineering
How would you set the certname as the identity in version 1.6?
···
On Wednesday, August 14, 2013 3:26:34 PM UTC-6, Romeo Theriault wrote:
>
> On Tue, Aug 13, 2013 at 4:50 PM, Pablo Carranza > wrote:
>
>>
>>
>> On Tuesday, August 13, 2013 8:52:11 PM UTC-5, Romeo Theriault wrote:
>>>
>>> ... The puppet agents just run and register themselves with the foreman.
>>>
>>>
>> How? Are you able to match the *certname =* parameter w/the hostname b/f
>> the puppet agent registers w/The Foreman for the first time?
>>
>
> I am setting the certname in the puppet.conf file before it registers with
> the Foreman but the foreman was still was using the fqdn as the hosts
> "Name".
>
> I found that patching '/usr/share/foreman/app/models/host/managed.rb' with
> this diff:
>
> $ diff managed.rb managed.orig
> 348c348
> < name = facts.values["clientcert"].downcase
> ---
> > name = facts.values["fqdn"].downcase
> 352c352
> < name = facts["clientcert"].downcase
> ---
> > name = facts["fqdn"].downcase
>
> makes the clients register with Foreman using the clientcert instead of
> the fqdn. Which is what I want.
>
> It would be nice to make this a configureable item though. Would a feature
> request with this request be accepted?
>
> Thanks
>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Foreman users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to foreman-user...@googlegroups.com .
>> To post to this group, send email to forema...@googlegroups.com
>> .
>> Visit this group at http://groups.google.com/group/foreman-users.
>> For more options, visit https://groups.google.com/groups/opt_out.
>>
>>
>>
>
>
>
> --
> Romeo
>
Why is this by design when Puppet and the Puppet Dashboard strictly use the
CN (certname) for identity?
Did this ever get added as a feature, or was there even a feature request
for it?
···
On Thursday, August 15, 2013 3:09:15 AM UTC-4, Dominic Cleal wrote:
>
> On 14/08/13 22:26, Romeo Theriault wrote:
> > On Tue, Aug 13, 2013 at 4:50 PM, Pablo Carranza > > <mailto:pa...@vdevices.com >> wrote:
> >
> >
> >
> > On Tuesday, August 13, 2013 8:52:11 PM UTC-5, Romeo Theriault wrote:
> >
> > ... The puppet agents just run and register themselves with the
> > foreman.
> >
> >
> > How? Are you able to match the *certname =* parameter w/the hostname
> > b/f the puppet agent registers w/The Foreman for the first time?
> >
> >
> > I am setting the certname in the puppet.conf file before it registers
> > with the Foreman but the foreman was still was using the fqdn as the
> > hosts "Name".
> >
> > I found that patching '/usr/share/foreman/app/models/host/managed.rb'
> > with this diff:
> >
> > $ diff managed.rb managed.orig
> > 348c348
> > < name = facts.values["clientcert"].downcase
> > ---
> >> name = facts.values["fqdn"].downcase
> > 352c352
> > < name = facts["clientcert"].downcase
> > ---
> >> name = facts["fqdn"].downcase
> >
> > makes the clients register with Foreman using the clientcert instead of
> > the fqdn. Which is what I want.
> >
> > It would be nice to make this a configureable item though. Would a
> > feature request with this request be accepted?
>
> It's by design, but yes, I think it's reasonable to have it
> configurable. Related to this but not the same, there's a patch under
> review currently to fall back to the certname if the fqdn is missing:
>
> https://github.com/theforeman/foreman/pull/836
>
> You could add a new setting (app/models/setting/*) and check its value
> here.
>
> --
> Dominic Cleal
> Red Hat Engineering
>