On Wednesday, September 19, 2012 12:11:24 AM UTC-5, Gonzalo wrote: > > Hi All, > > In our environment, we use the $::environment variable extensively to > determine if the host should have one set of mounts (e.g. production) or a > different set of mounts (e.g. qa). This is just one example, but there are > many others where the $::environment variable comes into play. > > The problem is that I have a number of puppet changes that I want to test > before merging into the production tree, so I've created a staging > environment.... however, given the importance of the $::environment > variable throughout the manifests, this won't work well. > > Any suggestions? I'd like to point a number of production nodes at a > secondary puppet server using --noop to see what would change, but then I > run into SSL issues. Would be great if I could use puppet over cleartext > http for this test, but I'm not sure if that's possible. >
I tend to think that the $::environment fact is not a very good choice for testing your Puppet configuration, for pretty much the reason you already described. Setting up a secondary master for testing is exactly what I would recommend. There are a number of ways that you could work out the SSL issues. The brute force way, for example, would involve synchronizing the masters' SSL directories (both directions), and probably playing some games with name servers. It would be more elegant to set up a central CA on which the masters and clients all rely, though synchronization of client certs between the masters would probably still be needed. In a pinch, you might be able to enlist your existing production master as the central CA. John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/k0EStMzrmB0J. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
