- From: "Julian C. Dunn" <
>
- To:
- Subject: [chef] Re: Bootstrapper and validator keys
- Date: Sat, 16 Nov 2013 23:34:31 -0500
On Sat, Nov 16, 2013 at 7:57 PM, Morgan Blackthorne
<
>
wrote:
>
So one thing that I didn't have a chance to ask about during the Summit was
>
regarding the validator keys. I understand what their role is during
>
automated client registration; that part makes perfect sense to me (and is
>
one reason we went with Chef over Puppet for AWS nodes). However, what I
>
don't understand is their role in a workstation setup. I know that it's
>
standard to require the validator config as part of the knife configuration;
>
is that solely for the purpose of supporting knife bootstrap, or is it used
>
for API calls to the Chef server as well?
It is solely used for bootstrapping targets and used for the initial
communication between the target and the Chef server. After the first
run (once the target has its own client key) the validator key is no
longer required.
I'd stick with using the existing "knife bootstrap" procedure for now
and not use the experimental "bootstrapper" yet (unless you want to
work on it & send patches :-) )
- Julian
--
[ Julian C. Dunn
<
>
* Sorry, I'm ]
[ WWW:
http://www.aquezada.com/staff/julian * only Web 1.0 ;]
[
gopher://sdf.org/1/users/keymaker/ * compliant! ;]
[ PGP: 91B3 7A9D 683C 7C16 715F 442C 6065 D533 FDC2 05B9 ]
Archive powered by MHonArc 2.6.16.