Puppet
From Wikitech
(Difference between revisions)
(todo) |
|||
| Line 13: | Line 13: | ||
MD5 is broken, use SHA1 for signing certificates: | MD5 is broken, use SHA1 for signing certificates: | ||
ca_md=sha1 | ca_md=sha1 | ||
| + | |||
| + | == Todo == | ||
| + | * More secure certificate signing | ||
| + | * Better, more automated version control | ||
| + | * Better tools for adding/maintaining node definitions | ||
Revision as of 13:24, 30 May 2009
puppet is the main configuration management tool to be used on the Wikimedia clusters.
Contents |
Puppetmaster
The puppetmaster server in pmtpa is sockpuppet.pmtpa.wmnet.
Installation
Simply use the (backported) puppetmaster Ubuntu package:
# apt-get install puppetmaster
Configuration
The default configuration is very usable, but we've made some tweaks here and there.
MD5 is broken, use SHA1 for signing certificates:
ca_md=sha1
Todo
- More secure certificate signing
- Better, more automated version control
- Better tools for adding/maintaining node definitions
