I used this approach detailed below in production for a large-ish environment. When used in conjunction with Nginx load balancing in AWS (http://blog.mague.com/?p=286) it worked very well.
1) Route all certificate requests (explained above) to a pair of boxes that have the sync setup listed below 2) Route specific environments to specific puppet backends One further refinement is to set up a puppet master running in debug mode and create a debug environment which is useful for troubleshooting. -c On Friday, July 18, 2014 6:03:51 AM UTC-7, Juan Sierra Pons wrote: > > Hi > > What about this approach? [1] Sync Puppet Certs between EC2 regions > > It seems very easy to implement: unison + incron + scripts > > Disclaimer: not tested yet. Hope to have a prof of concept next week. > > Best regards > > [1] http://blog.mague.com/?p=468 > > -------------------------------------------------------------------------------------- > > > Juan Sierra Pons ju...@elsotanillo.net > <javascript:> > Linux User Registered: #257202 > Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo > GPG key = 0xA110F4FE > Key Fingerprint = DF53 7415 0936 244E 9B00 6E66 E934 3406 A110 F4FE > -------------------------------------------------------------------------------------- > > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/d092191d-f933-4669-9272-2f104a894851%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
