We do this via multiple Environments. We have a Dev, Test and Production environment, and migrate between them using subversion scripts. The only thing to be aware of, is that you need to set up the file server so that all puppet: resources include the environment; thus: puppet:///files-$environment/myfile ; in this way, modules and manifests can move between environments without needing to change the files URL (under modules is fine because it already is aware of environments) Another useful thing is to append the Production modules path to the end of the Dev and Test module paths, so you dont have to have a copy of every module in each environment.
If you want to have a client pointing at completely different puppet servers, then make a second client directory /etc/puppet2 for example, that defines a completely different varpath etc. Then use --confpath=/etc/puppet2 to activate this one rather than using --server. This way you can have a completely separate puppet agent installation, separate certificates, and so on. We do this in some cases where we have an applications puppet server, where the client runs as a non-root user, and a systems puppet server, where the agent runs as root. We can allow the apps team to maintain the manfests on the applications server. Steve Steve Shipway University of Auckland ITS UNIX Systems Design Lead s.ship...@auckland.ac.nz<mailto:s.ship...@auckland.ac.nz> Ph: +64 9 373 7599 ext 86487 ________________________________ From: puppet-users@googlegroups.com [puppet-users@googlegroups.com] on behalf of Gonzalo Servat [gser...@gmail.com] Sent: Wednesday, 7 March 2012 8:20 p.m. To: puppet-users@googlegroups.com Subject: [Puppet Users] Puppet staging server Hi All, I tried to implement a second Puppet server as a "staging" server with the idea of being able to run puppet in dry run mode against this staging server. I ran into some SSL trouble. When I point at the staging server, I get various SSL related errors and I assume it's because the ca cert is different. I can get around it by clearing /var/lib/puppet/ssl and regenerating/signing the certificate, but I have to do the same thing when I go back to the production server which is not what I was hoping for. Has anyone done this sort of thing? How'd you get around the SSL issues? I could use the same CA cert on both Puppet servers but I assume that won't work as the hostnames are different? Thanks in advance Gonzalo -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
