[Linux-cluster] Problem with automating ricci & ccs

Jakov Sosic jsosic at srce.hr
Mon Jan 14 01:47:56 UTC 2013


I'm using CentOS 6, and have a problem with ccs & ricci.

At first use, ccs asks for password for each node. After that, ~/.ccs is 
generated with cert in it.

1. I've found how to generate private key in ~/.ccs from the code in ccs 
python executable (/usr/sbin/ccs).

2. I've also found how to generate CA in /var/lib/ricci/certs => code 
for that can be found in init script of ricci (/etc/init.d/ricci).

But what I am missing is how to use the user key/certificate from step 1 
and sign it into CA in step 2?

I'm building puppet module which will autoconfigure whole cluster from 
bare metal to working state. So far my only problem is updating 
cluster.conf, for which I need fully working ricci CA and user 
certificates in /root/.ccs of every node...

So, any ideas are welcome.

Jakov Sosic

More information about the Linux-cluster mailing list