Did i figure out something new here, because I've been digging at this for
a week and don't see anyone doing it like this.
What i'm doing is running multiple puppetmasters behind haproxy. Each
puppetmaster is an active ca server and share a common certificate. It
works like a charm, in a la
If my server has a subrole, how do i set the effective role so that the
correct class gets compiled? Please read through my setup before
answering, maybe what i want to do is incorrect for this setup.
The way I setup roles and profiles is like this:
Nodes are given a role and a subrole by
I did some testing and yes if you reinstall a host and don't perform puppet
cert clean on all the ca servers you will run into issue. But other than
this fact I haven't seen any issues with masters verifying a signed
certificate. Since running puppet cert clean is standard procedure I don't
s
Neil,
I agree one CA is more than capable and the load balancing point here is
pretty much moot. I as well will have many nodes dispersed world wide
within DC's and with Hosting providers, like AWS and DO. Having a flexible
and simple setup which can operate independent of other sites is a
r
This is what my haproxy cfg is like. I'm doing tcp passthough.
global
chroot /var/lib/haproxy
daemon
group haproxy
log 10.0.2.15 local0
maxconn 4000
pidfile /var/run/haproxy.pid
stats socket /var/lib/haproxy/stats
user haproxy
defaults
log global
maxconn 8000
op
Are subroles implemented as a conditional statement within the profile
manifest?
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@google
