{"id":15,"date":"2007-05-06T12:25:27","date_gmt":"2007-05-06T18:25:27","guid":{"rendered":"http:\/\/blogs.cae.tntech.edu\/mwr\/2007\/05\/06\/the-gold-server\/"},"modified":"2024-10-27T14:26:20","modified_gmt":"2024-10-27T14:26:20","slug":"the-gold-server","status":"publish","type":"post","link":"https:\/\/sites.tntech.edu\/renfro\/2007\/05\/06\/the-gold-server\/","title":{"rendered":"The Gold Server"},"content":{"rendered":"<p>In infrastructures.org terminology, the <a href=\"http:\/\/www.infrastructures.org\/bootstrap\/gold.shtml\">gold server<\/a> is the one location that all clients check in with to see if they need to make any configuration changes. No changes needed? No changes made. No gold server available right now? No changes made, check back later. In theory, this should be a pretty simple server to provision. Do a base OS installation, then enable the configuration management daemons, and let everything else grow from there.<\/p>\n<p>Our gold server is a Xen instance with 128 MB memory and 10 GB disk running Debian 4.0. Top-level packages installed include puppet, puppetmaster, cfengine2, subversion, and xemacs21. The subversion repository for the gold server has \/etc\/cfengine and \/etc\/puppet as its top-level folders:<\/p>\n<p><a href=\"http:\/\/sites.tntech.edu\/renfro\/wp-content\/uploads\/sites\/111\/2007\/05\/repository-top.jpg\" title=\"repository-top.jpg\"><img decoding=\"async\" src=\"http:\/\/sites.tntech.edu\/renfro\/wp-content\/uploads\/sites\/111\/2007\/05\/repository-top.jpg\" alt=\"repository-top.jpg\" \/><\/a><\/p>\n<p><a href=\"http:\/\/www.reductivelabs.com\/trac\/puppet\/wiki\/SimplestPuppetInstallRecipe\">Puppet&#8217;s getting started docs<\/a> work pretty well here. One thing to keep in mind with the Debian and Ubuntu puppet packages is that they have the <code>--waitforcert<\/code> value set to 0, so they&#8217;ll immediately exit after sending their key to the gold server. <strike>Once you sign their key on the gold server, puppet will work fine after a <code>\/etc\/init.d\/puppet<\/code> start, but this gets in the way of unattended installation. I&#8217;ll probably end up putting <code>waitforcert<\/code> back to its default of 120 seconds when I get back to the bootstrapping procedure.<\/strike> I&#8217;ve made a \/etc\/default\/puppet file that contains <code>DAEMON_OPTS=\"--server REDACTED --factsync\"<\/code> to return waitforcert back to the default, to bring down new facter facts, and to tell puppet where the master server is. That puppet file gets copied during the boostrap procedure, similarly to the cfengine update.conf. Earlier, I had incorrectly assumed that the waitforcert value would cause puppet to hang, but it just backgrounds itself and waits on the certificate to be signed.<\/p>\n<p>As for cfengine setup, I defer to the articles at <a href=\"http:\/\/www.debian-administration.org\/tag\/cfengine\">debian-administration.org<\/a>, as I don&#8217;t have much to add at this time.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In infrastructures.org terminology, the gold server is the one location that all clients check in with to see if they need to make any configuration changes. No changes needed? No changes made. No gold server available right now? No changes made, check back later. In theory, this should be a pretty simple server to provision. &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/sites.tntech.edu\/renfro\/2007\/05\/06\/the-gold-server\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;The Gold Server&#8221;<\/span><\/a><\/p>\n","protected":false},"author":87,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3,7,16],"tags":[],"class_list":["post-15","post","type-post","status-publish","format-standard","hentry","category-cfengine","category-infrastructures","category-puppet","entry"],"_links":{"self":[{"href":"https:\/\/sites.tntech.edu\/renfro\/wp-json\/wp\/v2\/posts\/15","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sites.tntech.edu\/renfro\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sites.tntech.edu\/renfro\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sites.tntech.edu\/renfro\/wp-json\/wp\/v2\/users\/87"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.tntech.edu\/renfro\/wp-json\/wp\/v2\/comments?post=15"}],"version-history":[{"count":1,"href":"https:\/\/sites.tntech.edu\/renfro\/wp-json\/wp\/v2\/posts\/15\/revisions"}],"predecessor-version":[{"id":505,"href":"https:\/\/sites.tntech.edu\/renfro\/wp-json\/wp\/v2\/posts\/15\/revisions\/505"}],"wp:attachment":[{"href":"https:\/\/sites.tntech.edu\/renfro\/wp-json\/wp\/v2\/media?parent=15"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sites.tntech.edu\/renfro\/wp-json\/wp\/v2\/categories?post=15"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sites.tntech.edu\/renfro\/wp-json\/wp\/v2\/tags?post=15"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}