2

We need to change the IP address of our cfengine policy server. It will be the same machine, and nothing else will change, it's just going to have a different ip. Is there some way to avoid re-bootstrapping all the client machines to that new address? Some change to make (and propagate) in the config before the ip switches over, so that all the clients will be ready to start reading from the hub once it reboots with its new address?

I hope so...

UPDATE: I think the answer is probably "no". After the IP switch I ended up just writing a shell script that loops through all the clients and logs in via ssh to run the bootstrap command again. Worked fine.

steev
  • 165
  • 7
  • 1
    Interesting question. It *does* seem it should be possible, since the trust relationship is based on the key, not on the IP address. I've never had to do this because in the environments I've worked in, the IP address of the policy server is never changed—it would require every firewall exception (at many points) to be changed as well. – Wildcard Sep 26 '16 at 03:38

0 Answers0