[Puppet Users] Re: SSL Makes My Brain Bleed

2009-11-25 Thread Paul Lathrop
On Fri, Nov 6, 2009 at 4:49 PM, Paul Lathrop wrote: > Hi guys, > > Really could use some help with the way Puppet uses SSL. In my > environment, I need to have 2 puppetmasters. One of them is > responsible for passing out configurations to production machines, the > second one is responsible for p

Re: [Puppet Users] Re: SSL Makes My Brain Bleed

2009-11-23 Thread Ohad Levy
There are a few very good SSL recipe wiki pages - one of them that I wrote about SSL authentication chains - http://reductivelabs.com/trac/puppet/wiki/PuppetScalability under the section Centralized Puppet Infrastructure Ohad On Tue, Nov 24, 2009 at 5:05 AM, Peter Meier wrote: > -BEGIN PGP

Re: [Puppet Users] Re: SSL Makes My Brain Bleed

2009-11-23 Thread Atha Kouroussis
Hi Pete, I was thinking of doing that since all the entries in the wiki addressing Puppet Scalability deal with multiple CAs which in my opinion overly complicates things. I am also waiting on a resolution for #2848 which arose from this kind of setup. Cheers, Atha On Nov 23, 2009, at 18:05 ,

Re: [Puppet Users] Re: SSL Makes My Brain Bleed

2009-11-23 Thread Peter Meier
Hi > 1. Start the production puppet master as usual. This will be your CA. > 2. In your development puppet master, set ca = false and ca_server = > production.hostname in puppet.conf in the puppetmasterd section. Also > set server = production.hostnam

[Puppet Users] Re: SSL Makes My Brain Bleed

2009-11-23 Thread Atha
Hi Mark, I can understand your frustration. We have been struggling with Puppet and SSL a lot lately. Our setup is similar but a bit more complicated so your scenario shouldn't pose any issues. Try this (assuming you are starting from scratch): 1. Start the production puppet master as usual. This

Re: [Puppet Users] Re: SSL Makes My Brain Bleed

2009-11-23 Thread Hubert Krause
Hello Mark Christian, On Thursday 19 November 2009 03:10:38, Mark Christian wrote: > I am keen to get this to work, but can't seem to. Will this work with > Mongrel and Apache as described at > http://reductivelabs.com/trac/puppet/wiki/UsingMongrel ? I'm using the EPEL > puppet package versions

[Puppet Users] Re: SSL Makes My Brain Bleed

2009-11-18 Thread Mark Christian
I am keen to get this to work, but can't seem to. Will this work with Mongrel and Apache as described at http://reductivelabs.com/trac/puppet/wiki/UsingMongrel ? I'm using the EPEL puppet package versions 24.8-4 and simply can't get the client to retrieve the catalog from the "Development" server

[Puppet Users] Re: SSL Makes My Brain Bleed

2009-11-10 Thread Paul Lathrop
Hi Dan, I'm not upgrading, I'm installing a server from scratch. I want to upgrade just my puppetmaster and leave the clients alone for now, because Puppet is a huge part of our infrastructure I can't do it all in one pass. I can get a single puppetmaster up and running. I cannot then get a seco

[Puppet Users] Re: SSL Makes My Brain Bleed

2009-11-10 Thread Dan Bode
Hi Paul, I am currently (but unfortunately slowly) staging this, so far I have done the following: 1. Installed .24.8 with passenger, tested 2. Upgraded to .25.1 (head from git) 3. Reconfigured passenger 4. Tested client/server on one machine 5. Upgraded additional client machine to .25.1 6. Veri

[Puppet Users] Re: SSL Makes My Brain Bleed

2009-11-10 Thread Paul Lathrop
Dan, This looked like exactly what I needed, but I couldn't get this to work either. I'm at my wits' end and have given up completely on the upgrade to 0.25.1 at this point. I will now go pester my boss to buy support. --Paul On Fri, Nov 6, 2009 at 9:38 PM, Dan Bode wrote: > Hi Paul, > > I ju

[Puppet Users] Re: SSL Makes My Brain Bleed

2009-11-07 Thread Douglas Garstang
Sorry James... by the time I tossed in the towel I was a quivering sweaty blob. Doug. On Fri, Nov 6, 2009 at 10:22 PM, James Turnbull wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Douglas Garstang wrote: >> Seems like there are LOTS and LOTS of problems with puppet 0.25. >> I e

[Puppet Users] Re: SSL Makes My Brain Bleed

2009-11-06 Thread Ohad Levy
+1 for this setup for your scenario. I ended up removing all of the ca functionality from all of the dev servers; it makes things much simpler. Additionally, you need to sign only in one place, which makes it easy to automate it with a common build infrastructure. Cheers, Ohad On Sat, Nov 7, 2009