I rsync my ssl dir from CNAMES puppet-ca.example.com to puppet-ca2.example.com every 5 mins
All clients configuration is set up such that ca_server = puppet-ca.example.com If puppet-ca goes down, I swing the pppet-ca CNAME to the puppet-ca2 server Note that to make this work I use the same single cert for all puppet servers and use certdnsnames to include puppet-ca & puppet-ca2 and every CNAME for every puppet server in the organisation As for storedconfigs - I'm not there yet, but thought I'd have MySQL point to the one server. All the warnings about queuing and the like has pushed the priority down for me John On 18 November 2010 08:29, Scott Smith <sc...@ohlol.net> wrote: > nfs mount the puppetmaster ssl dir. seperate puppetca (set on clients) play > with it and you'll figure it out :) > On Nov 11, 2010 9:18 AM, "luke.bigum" <luke.bi...@fasthosts.co.uk> wrote: > > Hi, > > > > Does anyone know if this document is up to date (besides the comment > > at the top saying it's not): > > > > > http://projects.puppetlabs.com/projects/1/wiki/Multiple_Certificate_Authorities > > > > Or does anyone who has a load balanced multi puppet master with some > > kind of shared CA confirm that the procedure is accurate? > > > > -- > > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > > To post to this group, send email to puppet-us...@googlegroups.com. > > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com<puppet-users%2bunsubscr...@googlegroups.com> > . > > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com<puppet-users%2bunsubscr...@googlegroups.com> > . > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > -- John Warburton Ph: 0417 299 600 Email: jwarbur...@gmail.com -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
