On Wed, 2008-10-15 at 12:15 +0200, Kenneth Holter wrote:
> The reply was very helpful. Thank you very much.
>
> Regarding a separate puppetmaster for test-environments: I thought I'd
> do something like the following, and add one or more puppetmasters to
> the "puppet-test1" pool:
> server {
> listen 8150;
> ssl_verify_client on;
> root /var/empty;
> access_log on;
> rewrite_log on;
>
> location / {
> proxy_pass http://puppet-test1;
> proxy_redirect off;
> proxy_set_header Host $host;
> proxy_set_header X-Real-IP $remote_addr;
> proxy_set_header X-Forwarded-For
> $proxy_add_x_forwarded_for;
> proxy_set_header X-Client-Verify SUCCESS;
> proxy_set_header X-SSL-Subject
> $ssl_client_s_dn;
> proxy_set_header X-SSL-Issuer
> $ssl_client_i_dn;
> proxy_read_timeout 65;
> }
> }
> This was what you proposed, and seems like a good solution.
I think this should work.
> Btw, are there any guidelines as to how many puppetmaster
> instances there should be in a pool? I figure I'd maybe start out with
> 4 instances and add more if performance degrades.
I don't really know, but I think this might depend on the number of
clients and the time it takes to compile the catalog and/or serve the
files...
I think you can start with a low number (3 or 4), and if you see clients
timeout, maybe you can increase this number. This also depends on the
memory you have on your master server (more puppetmaster means more used
memory).
Also, if you use storeconfigs, make sure to run 0.24.6+ (when it'll be
released) for performance reasons.
--
Brice Figureau <[EMAIL PROTECTED]>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---
