[Labs-l] [Labs-announce] role::puppet::self, dns and cert changes
Filippo Giunchedi
fgiunchedi at wikimedia.org
Tue Jun 2 16:54:33 UTC 2015
On Tue, Jun 2, 2015 at 9:49 AM, Andrew Bogott <abogott at wikimedia.org> wrote:
> On 6/2/15 11:39 AM, Filippo Giunchedi wrote:
>
> hey Andrew,
> thanks for the designate/dns work on labs! looks like very tricky to
> coordinate everyone :|
>
> On Tue, Jun 2, 2015 at 9:15 AM, Andrew Bogott <abogott at wikimedia.org>
> wrote:
>
>> 2. If your $puppetmaster setting is a fqdn, change it to a simple
>> instance name. For example, you would change
>> 'project-puppetmaster.eqiad.wmflabs' to 'project-puppetmaster'. The two
>> are currently equivalent in puppet anyway, so the change should be a no-op.
>>
>
> I think this should be auditable from ldap since the puppet variables
> come from there (?)
>
> Yes, I'm planning to go through ldap and make changes before I merge the
> enforcement patch. I believe that hiera overrides ldap, though, for those
> projects that use it. So, self-serve is best; project admins are the ones
> who know how things are set up.
>
true! didn't think of hiera so yeah that's easier
thanks!
filippo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.wikimedia.org/pipermail/labs-l/attachments/20150602/d10c9fa8/attachment.html>
More information about the Labs-l
mailing list