16 lines
1.3 KiB
Markdown
16 lines
1.3 KiB
Markdown
# How to reinstall a machine
|
|
|
|
Generally speaking, a reinstall can be done without doing anything other than doing the PXE boot, but there are some caveats to consider:
|
|
|
|
- the puppet server certificate is saved on the puppet server
|
|
|
|
- the puppet client certificate is saved by the kickstart script (which obviously can only happen, if the machine is reinstalled to the same drive with an intact file-system)
|
|
|
|
- if you do a new install to a blank drive, but the puppet server has a certificate saved for the host, the client will generate a new cert, but the server will not, so the certificates saved on the 2 sides, will not match and will never work. In this case both sides need to be cleaned up before a new puppet run is attempted.
|
|
|
|
- somewhat unrelated to the other points, but a similar case is the ssh server keys, which are stored on the puppet server and are put in place by puppet agent, so they remain unchanged under all reinstall scenarios
|
|
|
|
Puppet server certs can be deleted at https://puppet01.psi.ch/ and on that page, the command to delete the client cert is specified.
|
|
|
|
To access https://puppet01.psi.ch one needs to authenticate with your username/password. The server uses a invalid https certificate that is not accepted by modern safari/chrome any more. Use Firefox as a workaround.
|