Project

General

Profile

Feature #137

Better support for non-hostname certnames.

Added by Nigel Kersten almost 9 years ago. Updated over 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Puppet integration
Target version:
Difficulty:
Triaged:
No
Bugzilla link:
Pull request:
Team Backlog:
Fixed in Releases:
Found in Releases:

Description

This is a rather general feature request, as I'm unsure what the actual implementation would or should look like.

We manage a lot of laptops with Puppet, laptops that are continually changing hostnames and IP addresses.
This means that we do not use the hostname as the puppet certname, we instead generate UUIDs that look something like "ecd62621-dc65-4f2e-a6ed-81037e73c0af".
This means that web interfaces such as the Foreman are a little difficult to use to find actual machines....

I'm not sure what the solution is here, but a few things I can think of:

  • Allow "search" to search on arbitrary fact values and puppet variables. hostname, IP, custom facts we have such as "primary_user".
  • Allow the host display to be customized easily to display additional fields such as the ones above.

Associated revisions

Revision 370a7ac7 (diff)
Added by Ohad Levy over 6 years ago

fixes #137 - Better support for non-hostname certnames

This patch introduce a new setting :use_uuid_for_certificates which
defaults to false.

users who wish to deploy their hosts using a random unique id, should
enable that setting, and use the certname directive in their puppet.conf
template, e.g.:
certname = <%= @host.certname %>

when the certname was not generated (e.g. for hosts created before this
patch) @host.certname would return the host name instead.

for provisioning where DNS is not reliable, it is highly recommended to
use certnames.

this patch enables future work, to identify systems (while being
provisioned) via UUID, not requiring the need for ipaddress/mac based
detection, and therefore avoiding NAT and similar issues.

Revision 9825d9a6 (diff)
Added by Ohad Levy over 6 years ago

Find by certname didnt always work on all platforms from some reason, this ensures it works across all db's refs #137

History

#1 Updated by Ohad Levy almost 9 years ago

I'm guessing we can display the fqdn fact instead? (or if fqdn==certname) than just hostname+domainname instead.

You can already search by facts, but the whole web representation need a face lift :) I'll start reworking on it next year.

#3 Updated by Ohad Levy over 6 years ago

  • Category set to Puppet integration
  • Assignee set to Ohad Levy
  • Target version set to 1.0

#4 Updated by Ohad Levy over 6 years ago

  • Status changed from New to Closed
  • % Done changed from 0 to 100

Also available in: Atom PDF