... | ... | @@ -895,7 +895,7 @@ Revocation procedures problems were discussed in [33587][] and [33446][]. |
|
|
find /var/lib/puppet/ssl -name host.torproject.org.pem -delete
|
|
|
|
|
|
3. Then run the bootstrap script on the client from
|
|
|
`tsa-misc/installer/puppet-bootstrap-client ` and get a new checksum
|
|
|
`tsa-misc/installer/puppet-bootstrap-client` and get a new checksum
|
|
|
|
|
|
4. Run `tpa-puppet-sign-client` on the master and pass the checksum
|
|
|
|
... | ... | @@ -903,7 +903,7 @@ Revocation procedures problems were discussed in [33587][] and [33446][]. |
|
|
|
|
|
## Pager playbook
|
|
|
|
|
|
### catalog run: PuppetDB warning: did not update since...
|
|
|
### catalog run: PuppetDB warning: did not update since \[...\]
|
|
|
|
|
|
If you see an error like:
|
|
|
|
... | ... | @@ -935,7 +935,7 @@ commit. Reverting such a commit is acceptable to restore the service. |
|
|
The second situation can happen if a node is in maintenance for an
|
|
|
extended duration. Normally, the node will recover when it goes back
|
|
|
online. If a node is to be permanently retired, it should be removed
|
|
|
from Puppet, using the [host retirement procedures][retire-a-host].
|
|
|
from Puppet, using the [host retirement procedures](howto/retire-a-host).
|
|
|
|
|
|
Finally, if the main Puppet **server** is down, it should definitely
|
|
|
be brought back up. See disaster recovery, below.
|
... | ... | @@ -1212,7 +1212,6 @@ currently use Hiera. |
|
|
|
|
|
[Hiera]: https://puppet.com/docs/hiera/
|
|
|
|
|
|
|
|
|
#### Classes definitions
|
|
|
|
|
|
Each host declares which class it should include through a `classes`
|
... | ... | |