1
edit
Changes
→Approach
Before actually putting Func into action on production systems within CDOT I set up a test environment using my current VMWare ESXi infrastructure at home, creating a small 3-system environment with Fedora 13 and core packages. After installing and configuring a traditional func environment, understanding its operation and components to look at when troubleshooting, I could mirror this installation in the ARM build farm and troubleshoot any issues that would arise.
Func consists of two parts. Certmaster, which is the mechanism for implementing the PKI encrypted communication between master and minion. The second part of the install is the func command and API system. The install on my little test infrastructure was fairly straightforward in nature.
On all machines involved we need to install the func package, (works on FC7 and above, NOARCH). Since we know CDOT has host files established for our environment with only 3 machines we simply add the machines to the /etc/hosts file. the three machines are names, certmaster, certminion1 and certminion2 respectively.
On the typical VMware environment the minion config file (/etc/certmaster/minion.conf looks like this
[main]
certmaster = certmaster
log_level = DEBUG
cert_dir = /etc/pki/certmaster
However; we had to make slight modifications for our deployment on ARM
[SEE PICTURE]