- From: "Scott M. Likens" <
>
- To:
- Subject: [[chef-dev]] Re: [[chef-dev]] validation.pem on each and every client?
- Date: Mon, 22 Feb 2010 14:54:07 -0800
On 2/22/10 2:30 PM, Scott M. Likens wrote:
>
Hey,
>
>
I made the ticket http://tickets.opscode.com/browse/COOK-258 regarding
>
validation.pem, and the regular bootstrap.
>
>
I was looking at
>
http://github.com/jtimberman/cookbooks/blob/08alpha_bootstrap/bootstrap/templates/default/client.rb.erb
>
and felt the 'hack' that I had put into http://likens.us/client.rb
>
should be included,
>
>
specifically
>
>
if File.exists?("/etc/chef/validation.pem")
>
validation_key "/etc/chef/validation.pem"
>
end
>
>
Because my concern is basically that I don't want to have the ship the
>
validation.pem to each server; I like the ability to ship either
>
client.pem or validation.pem and let the client do the work... however
>
without that in client.rb chef-client will spew that it can't find the
>
key... even on a registered node that fully works!
>
>
So ... any comments? votes? am I wrong?
>
>
Thanks,
>
>
Scott M. Likens
>
>
!DSPAM:4b83057621843136519882!
>
>
>
FYI,
jtimberman does have a recipe that's not commit-ed I believe for the
deletion of this file after client.pem exists...
Archive powered by MHonArc 2.6.16.