I wouldn't even try to run two agent packages on the same node. But there may be ways to configure one agent to do both tasks.
As far as I see it, your customer could run in masterless puppet apply mode right out of the box, but would risk managing resources that you are also managing therefore there are potential problems here. If he really wants to run a master and the agent needs to connect to both the local master and yours, then you have issues with SSL. One way would be to offer him a CA service and tell him to configure his master with ca=false and point the ca_server at your machine. He could then run puppet agent with --server <either one>. This still leaves open the possibility of both catalogs trying to maintain the same resource. Wouldn't it just be easier and better all round to give him a git repo where he can manage his own stuff on your Puppet master? To me thats a better option than offering one-third of a service where he's going to then run the other two-thirds of it. Craig On Tue, Apr 15, 2014 at 10:31 AM, Martin Willemsma <mwillem...@gmail.com>wrote: > I was wondering if any of you had experience with running a puppet agent > on a machine owned by a customer. > The customer in this case has root access on his own machine and the > puppet agent is managed by me because I like to manage resources on his > node. > > These resources can be > - an account for emergency maintenance (and reset the password every now > and then according to password policy) > - a monitoring client (manage the monitoring host depending on > datacenter/region) > - inventory scripts and custom facts for CMDB > > I prefer to keep the agent running on this node and not only apply config > during initial deployment, but here comes the challenge: > > Lets say this customer also sees the light of puppet and likes to run this > own master on this node or wants to use puppet apply because he only has > one vm but likes to use modules from the forge to configure his server. > > - is this possible? multiple agents on a node, if so what will be in > /etc/puppet/puppet.conf? > - should you want this ; a customer connecting to your master and also run > his puppet apply/agent on this own server. How do you do this? > - how do you handle puppet packages? e.g. I want to run the latest puppet > from gems, he uses debs. > > I like to see how others are using puppet in a environment where there is > the provider delivering a virtual machine and does *some* management where > the customer also wants to be in the same/different puppet boat. > > -- > Kind Regards, > > Martin Willemsma > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to puppet-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/CAFcmyyrQkxKH_gerCbZVFnj0aAvJNp0Js%2BM7gK9FrroeczRW0g%40mail.gmail.com<https://groups.google.com/d/msgid/puppet-users/CAFcmyyrQkxKH_gerCbZVFnj0aAvJNp0Js%2BM7gK9FrroeczRW0g%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- *Enviatics *| Automation and configuration management http://www.enviatics.com | @Enviatics Puppet Training http://www.enviatics.com/training/ -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CACxdKhHXjo45xTP0iQCUW72T1UyA19N0%3DSbNnw9g9Yb_Fp5y%2Bw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
