We had exactly the same problem at our site over the weekend and
resolved it by... logging in to every node, stopping puppetd, cleaning
out /var/lib/puppet, and starting puppetd once again. We still use a
twisted-python tool to run one-off commands and executables in
parallel with ssh, and this is a case where it helps. Also, we will
sometimes use it to undo obsolete policy then simply change puppet
manifests to reflect the new policy. Until we upgraded our master to
run 12 puppetmasterds behind nginx, it was nearly impossible to make a
policy change affecting hundreds of nodes in seconds any other way. In
an emergency, having the ssh trick in our back pocket can be a
lifesaver.
On Mar 31, 2010, at 5:52, LOhit <lohi...@gmail.com> wrote:
Hi,
Since puppet doesn't have HA/fail over capabilities as of now. How
does one mitigate a puppet master failure( Ex. Hardware). When you
replace the server and configure the Puppet masterd, the clients may
no longer be able to communicate with the server, since the server's
SSL certificates would have changed.
BTW, I am using puppet to manage about 700+ hosts, I am beginning to
worry about the scenario as mentioned above. I definitely don't want
to login to each host to clear the "ssl" directory to make it
request new certificate.
Thanks,
--
LOhit
--
You received this message because you are subscribed to the Google
Groups "Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com
.
For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en
.
--
You received this message because you are subscribed to the Google Groups "Puppet
Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
