Can you describe how to set this up?
On Wed, Mar 31, 2010 at 11:23 AM, Ohad Levy wrote:
> LOhit,
>
> The main two things to take into account are:
>
>1. keep your manifests elsewhere, IMHO puppetmasters always gets RO
>copy of your puppet data (e.g. from a VCS).
>2. Solve the SSL he
We had exactly the same problem at our site over the weekend and
resolved it by... logging in to every node, stopping puppetd, cleaning
out /var/lib/puppet, and starting puppetd once again. We still use a
twisted-python tool to run one-off commands and executables in
parallel with ssh, and
LOhit writes:
> Hi,
>
> Since puppet doesn't have HA/fail over capabilities as of now. How does one
> mitigate a puppet master failure( Ex. Hardware). When you replace the server
> and configure the Puppet masterd, the clients may no longer be able to
> communicate with the server, since the
LOhit,
The main two things to take into account are:
1. keep your manifests elsewhere, IMHO puppetmasters always gets RO copy
of your puppet data (e.g. from a VCS).
2. Solve the SSL hell, then everything is simple.
I've been using in my setup (with approx 15 productive puppetmasters and
hello,
- "Cosimo Streppone" wrote:
> R.I.Pienaar wrote:
>
> > All the master needs is the CA that signed the nodes. If
> > you set your masters up that you access them via a CNAME
> > such as 'puppet' all you need to really bother with
> > is making sure your new master is on that name an
R.I.Pienaar wrote:
All the master needs is the CA that signed the nodes. If
you set your masters up that you access them via a CNAME
such as 'puppet' all you need to really bother with
is making sure your new master is on that name and has
the same CA as before.
Excuse me for the question, b
hello,
The master doesn't actually need a copy of the signed certs
on the its drives.
All the master needs is the CA that signed the nodes. If
you set your masters up that you access them via a CNAME
such as 'puppet' all you need to really bother with
is making sure your new master is on that
On 3/31/10 6:52 AM, "LOhit" wrote:
> BTW, I am using puppet to manage about 700+ hosts,
Before we started using rsync and running puppet locally on each host, we
actually added the SSL certs to SVN. Cheesy, but we could quickly, and
easily, move clients from master to master.
--
Brian Akins
-
Le mercredi 31 mars 2010 à 16:22 +0530, LOhit a écrit :
> Hi,
Hi,
> Since puppet doesn't have HA/fail over capabilities as of now. How
> does one mitigate a puppet master failure( Ex. Hardware). When you
> replace the server and configure the Puppet masterd, the clients may
> no longer be able to
Hi,
Since puppet doesn't have HA/fail over capabilities as of now. How does one
mitigate a puppet master failure( Ex. Hardware). When you replace the server
and configure the Puppet masterd, the clients may no longer be able to
communicate with the server, since the server's SSL certificates would
10 matches
Mail list logo
