feat: puppet::client multiple altnames
- puppet clients can not request multiple dns alt_names - set puppetdbapi hosts to request multiple certificates
This commit is contained in:
@@ -93,6 +93,9 @@ lookup_options:
|
||||
profiles::puppet::server::dns_alt_names:
|
||||
merge:
|
||||
strategy: deep
|
||||
profiles::puppet::client::dns_alt_names:
|
||||
merge:
|
||||
strategy: deep
|
||||
profiles::base::hosts::additional_hosts:
|
||||
merge:
|
||||
strategy: deep
|
||||
@@ -199,6 +202,8 @@ profiles::puppet::client::runinterval: 1800
|
||||
profiles::puppet::client::runtimeout: 3600
|
||||
profiles::puppet::client::show_diff: true
|
||||
profiles::puppet::client::usecacheonfailure: false
|
||||
profiles::puppet::client::dns_alt_names:
|
||||
- "%{trusted.certname}"
|
||||
|
||||
# puppetdb
|
||||
puppetdbapi: prodinf01n04.main.unkin.net
|
||||
|
||||
@@ -4,6 +4,11 @@ profiles::puppet::puppetdb_api::java_args:
|
||||
'-Xmx': '2048m'
|
||||
'-Xms': '256m'
|
||||
|
||||
profiles::puppet::client::dns_alt_names:
|
||||
- puppetdbapi.main.unkin.net
|
||||
- puppetdbapi.service.consul
|
||||
- puppetdbapi.query.consul
|
||||
|
||||
# additional altnames
|
||||
profiles::pki::vault::alt_names:
|
||||
- puppetdbapi.main.unkin.net
|
||||
|
||||
Reference in New Issue
Block a user