I have two servers in every site that are dedicated for infrastructure servers, but they run in active/passive state with a VIP IP that floats between the two of them. That IP is used for DNS, Cobbler, Puppet, ftp, http, etc etc. What I would like is to have SSL certs work between the two nodes but obviously only use the floating VIP. I am not 100% sure on how to accomplish this, as well doing it an automated fashion.
I read the puppet scalibility setup on the wiki, assuming thats a chained certificate setup? On Wed, Apr 14, 2010 at 10:34 AM, Michael DeHaan <mich...@puppetlabs.com>wrote: > It would do for active/passive though. How about setting up an > alias for ca that moved when the ca wasn't accessible (using > --certname), and load balance the puppet serving parts since there's > no race issues there. > > --Michael > > > > On Wed, Apr 14, 2010 at 10:06 AM, David Schmitt <da...@dasz.at> wrote: > > On 4/14/2010 3:42 PM, Michael DeHaan wrote: > >> > >> On Tue, Apr 13, 2010 at 7:39 PM, Christopher Johnston > >> <chjoh...@gmail.com> wrote: > >>> > >>> How to deal with ssl certs, I have a similar situation where I have two > >>> puppetmasters per site and I would like to see them both handle > serving > >>> puppet data at anytime from a VIP (primary/failover) type of operation. > >>> > >> > >> How about shared storage for the SSL dir? > > > > Would that be race-free with regards to updating the serial number and > > stuff? > > > > > > Best Regards, David > > -- > > dasz.at OG Tel: +43 (0)664 2602670 Web: http://dasz.at > > Klosterneuburg UID: ATU64260999 > > > > FB-Nr.: FN 309285 g FB-Gericht: LG Korneuburg > > > > -- > > You received this message because you are subscribed to the Google Groups > > "Puppet Users" group. > > To post to this group, send email to puppet-us...@googlegroups.com. > > To unsubscribe from this group, send email to > > puppet-users+unsubscr...@googlegroups.com<puppet-users%2bunsubscr...@googlegroups.com> > . > > For more options, visit this group at > > http://groups.google.com/group/puppet-users?hl=en. > > > > > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com<puppet-users%2bunsubscr...@googlegroups.com> > . > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
