On 12-07-17 09:11 AM, JMeterX wrote: > We have around 300 RHEL servers that are currently connecting to a > Puppetmaster server. However, we have noticed some performance > bottlenecks and it is the point of failure in our system. I am fairly > new to puppet in general and I am considering creating a decentralized > puppet architecture instead of having Puppet clients connect to the > Puppetmaster server. Aside from what I would suspect to happen such as > performance gain and lack of signing and exchanging SSL certs for new > machines, what are other pros and cons to setting up a decentralized > architecture?
here's an incomplete list that comes from the top of my head. pros: * you move the single point of failure security-wise to a repository from which your nodes pull the manifests, which is probably easier to secure (less moving parts). * the setup scales much better than with a centralised puppet master. the performance that you'll need to be verifying is wheter too much nodes pull the manifests simultaneously. everything else is done by each node. cons: * passing resources and files from one node to another (e.g. collecting resources) is tougher. you pretty much have to reinvent a method of doing it. * you really have to trust users with root access on each node since manifests are pulled directly on the server (and can thus be modified locally). -- Gabriel Filion -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
