Hi Team,
first of all - this is my first topic. Please be kind…
The Problem: I have to add two new clients in a foreman-puppet-provisioning setup due to substitution without handing over.
Normally I ran the installation for the puppet client, then my administrator had accept something on foreman interface with certificates. Now I get: “no certificate found and waitforcert disabled” on my puppet client. What’s the normal workflow, create the host in the foreman interface - or does it automatically appear in the “All Hosts” area? There are more hosts in my network. I did clone them - installed puppet client and same issue - what do I have to do for ??accepting?? the ssl certificate created on my client?
btw. i have full admin control for foreman and clients.
Not sure if I understood your problem correctly, but let me try to clarify.
I would say you have two possible workflows:
Host provisioned by Foreman including Puppet
During Host provisioning Foreman will create an autosign entry in Puppet, install and configure the agent, run it the first time and delete the autosign entry when a Puppet environment, Puppet Master and CA is assigned. So no manual step would be required.
Host is provisioned in a different way and Puppet is installed and configured manually
Puppet agent will ask for a certificate during the first run and you can sign the certificate request in the Foreman UI (via Infrastructure > Smart Proxy) and then Puppet will get the certificate in the next run and send a report to Foreman which will create the host.
I think you can make your life easier when you get the first workflow up and running.
Hi Dirk,
thanks for the reply!
First of all, the word “Smart Proxy” saved me the day. On system nr.1 the provisioning worked without any problems, system nr.2 is not linked yet. I try to recover windows and try it again as the same procedure as I did with system nr. 1. I will come back and report if it’s done.
