2 Commits

Author SHA1 Message Date
Ade Lee
bf0bc85ef4 Restart certmnonger after registering system with IPA
If certmonger is not restarted when the server is registered with
IPA, then it may define the IPA CA as unreachable.  This results
in CA certs not being stored when cert requests are made with a -F
option.  Eventually, certmonger refreshes itself, but this can
take up to 8 hours.

We see this sometimes when doing brownfield deploys.  The ca cert
fails to be created for some requests, resulting in containers
being unable to load.

We fix this by simply restarting certmonger after enrollment, and
avoiding the whole confused state.

Change-Id: Id968a2d5170af1485417e41318e0187d79cd4aae
2019-10-28 11:24:31 -04:00
Emilien Macchi
2f3554cdcb Remove extraconfig/services directory
... and move the services into the deployment directory.

The extraconfig/services directory was initially created for
experimental services using an interface that was work in progress but
is now stable enough, so the services can live among the others for
simplification.

Change-Id: I2bd0b169ed18ea2fccfea4475402dd73076924c8
2019-07-18 14:44:14 -04:00