Closed
Bug 1241820
Opened 8 years ago
Closed 8 years ago
Windows ec2 golden instances should obtain a new puppet cert on each instantiation
Categories
(Infrastructure & Operations :: RelOps: Puppet, task)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: grenade, Assigned: grenade)
Details
Attachments
(1 file)
|
1.35 KB,
patch
|
markco
:
review+
|
Details | Diff | Splinter Review |
markco> grenade: dustin: for 2008 is there any reason we shouldn't grab new certs on each capture? To avoid ending up with a revoked cert? <dustin> I don't really know how the whole thing works <dustin> but you can only have one cert for a hostname <dustin> what is a capture? <markco> when we capture a new golden ami <dustin> ok <dustin> and you don't destroy the golden ami in between runs? <markco> yeah it is kept around currently <dustin> not very golden then :) <dustin> but in that case you should generate a cert when you first create that instance <dustin> and then not generate one after that <dustin> basically whenever you create an instance, you should get a cert for it, but just once <markco> Ok the instance in which we capture from is terminated after the capture, so it sounds like we should be grabbing new certs each time. <dustin> ah, yes <dustin> oh I see, you keep the AMI but not the instance -- that makes sense :) <dustin> sorry to misunderstand
|
Assignee | |
Comment 1•8 years ago
|
||
Attachment #8710942 -
Flags: review?(mcornmesser)
|
||
Updated•8 years ago
|
Attachment #8710942 -
Flags: review?(mcornmesser) → review+
|
|
Assignee | |
Comment 2•8 years ago
|
||
merged: https://github.com/mozilla/build-cloud-tools/commit/8fc40eeb4927a1ca710b6ef9587b6621598484e7
|
|
Assignee | |
Updated•8 years ago
|
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•