GithubHelp home page GithubHelp logo

isabella232 / mcollective-puppetca-agent Goto Github PK

View Code? Open in Web Editor NEW

This project forked from choria-legacy/mcollective-puppetca-agent

0.0 0.0 0.0 15 KB

MCollective Agent to manage the Puppet Certificate Authority

Ruby 75.46% HTML 9.25% Makefile 0.14% PLSQL 15.15%

mcollective-puppetca-agent's Introduction

Puppetca Agent

Deprecation Notice

This repository holds legacy code related to The Marionette Collective project. That project has been deprecated by Puppet Inc and the code donated to the Choria Project.

Please review the Choria Project Website and specifically the MCollective Deprecation Notice for further information and details about the future of the MCollective project.

Overview

The puppetca agent lets you sign, list, revoke, clean and determine the status of certificates on your Puppet Certificate Authorities

Installation

Configuration

There is one plugin configuration setting for the puppetca agent

  • puppetca - The command used to control the ca. Defaults to '/usr/bin/puppet cert'

Example Configuration:

plugin.puppetca.puppetca = /bin/puppet cert

Usage

List

% mco rpc puppetca list
Discovering hosts using the mc method for 2 second(s) .... 1

 * [ ============================================================> ] 1 / 1


puppetca.example.com
   Waiting CSRs: ["host2.example.com", "host3.example.com"]
         Signed: ["host1.example.com", "host4.example.com"]



Finished processing 1 / 1 hosts in 67.85 ms

Sign

% mco rpc puppetca sign certname=host3.example.com
Discovering hosts using the mc method for 2 second(s) .... 1

 * [ ============================================================> ] 1 / 1


puppetca.example.com                             Unknown Request Status
   Already have a certificate for host3.example.com. Not attempting to sign again



Finished processing 1 / 1 hosts in 48.25 ms

Revoke

% mco rpc puppetca revoke certname=host1.example.com
Discovering hosts using the mc method for 2 second(s) .... 1

 * [ ============================================================> ] 1 / 1


puppetca.example.com
   Result: Notice: Revoked certificate with serial 35
           Notice: Removing file Puppet::SSL::Certificate host1.example.com at '/var/lib/puppet/ssl/ca/signed/host1.example.com.pem'
           Notice: Removing file Puppet::SSL::Certificate host1.example.com at '/var/lib/puppet/ssl/certs/host1.example.com.pem'
           Notice: Removing file Puppet::SSL::CertificateRequest host1.example.com at '/var/lib/puppet/ssl/certificate_requests/host1.example.com.pem'
           Notice: Removing file Puppet::SSL::Key host1.example.com at '/var/lib/puppet/ssl/private_keys/host1.example.com.pem'



Finished processing 1 / 1 hosts in 1882.27 ms

Status

% mco rpc puppetca status certname=host2.example.com
Discovering hosts using the mc method for 2 second(s) .... 1

* [ ============================================================> ] 1 / 1


puppetca.example.com
  Result: awaiting signature



Finished processing 1 / 1 hosts in 56.76 ms

Data Plugin

The Puppetca agent also supplies a data plugin which uses the Puppetca agent to check the current status of a certificate. The data plugin will return 'signed', 'waiting' and 'missing', and can be used during discovery or any other place where the MCollective discovery langauge is used.

In this example we lookup all nodes that have a cert "host2.example.com" in a waiting state.

% mco find -S "puppetca('host2.example.com').status=waiting"
puppetca.example.com

mcollective-puppetca-agent's People

Contributors

melissa avatar mikaelsmith avatar ploubser avatar richardc avatar ripienaar avatar stahnma avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.