- From: Morgan Blackthorne
- Subject: [chef] Bootstrapper and validator keys
- Date: Sat, 16 Nov 2013 16:57:42 -0800
So one thing that I didn't have a chance to ask about during the Summit was regarding the validator keys. I understand what their role is during automated client registration; that part makes perfect sense to me (and is one reason we went with Chef over Puppet for AWS nodes). However, what I don't understand is their role in a workstation setup. I know that it's standard to require the validator config as part of the knife configuration; is that solely for the purpose of supporting knife bootstrap, or is it used for API calls to the Chef server as well?
This came up because I was looking at bootstrapper, and that was one of the selling points of the project, that it allowed you to bootstrap nodes without dealing with the anonymous validator key, which down the line will lead to better auditing to see who bootstrapped a node, etc.
Also regarding bootstrapper, I had tried it earlier and even though I set the node name using "--node-name=blah.tld", the client and node that were created were listed based on the date instead of the node name. It also doesn't seem to support bootstrap proxies, unless that support is solely done through creating a definition file? Ideally this is the tool I would use, but I wasn't able to get it to function as intended and went back to using knife bootstrap the other day.
--
~*~ StormeRider ~*~
"Every world needs its heroes [...] They inspire us to be better than we are. And they protect from the darkness that's just around the corner."
(from Smallville Season 6x1: "Zod")