On Fri, Nov 6, 2009 at 4:49 PM, Paul Lathrop p...@tertiusfamily.net wrote:
Hi guys,
Really could use some help with the way Puppet uses SSL. In my
environment, I need to have 2 puppetmasters. One of them is
responsible for passing out configurations to production machines, the
second one is
Hello Mark Christian,
Am Thursday 19 November 2009 03:10:38 schrieb Mark Christian:
I am keen to get this to work, but can't seem to. Will this work with
Mongrel and Apache as described at
http://reductivelabs.com/trac/puppet/wiki/UsingMongrel ? Im using the EPEL
puppet package versions
Hi Mark,
I can understand your frustration. We have been struggling with Puppet
and SSL a lot lately. Our setup is similar but a bit more complicated
so your scenario shouldn't pose any issues. Try this (assuming you are
starting from scratch):
1. Start the production puppet master as usual. This
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi
1. Start the production puppet master as usual. This will be your CA.
2. In your development puppet master, set ca = false and ca_server =
production.hostname in puppet.conf in the puppetmasterd section. Also
set server = production.hostname
Hi Pete,
I was thinking of doing that since all the entries in the wiki addressing
Puppet Scalability deal with multiple CAs which in my opinion overly
complicates things. I am also waiting on a resolution for #2848 which arose
from this kind of setup.
Cheers,
Atha
On Nov 23, 2009, at 18:05 ,
I am keen to get this to work, but can't seem to. Will this work with
Mongrel and Apache as described at
http://reductivelabs.com/trac/puppet/wiki/UsingMongrel
? Im using the EPEL puppet package versions 24.8-4 and simply can't
get the client to retrieve the catalog from the Development server.
Dan,
This looked like exactly what I needed, but I couldn't get this to
work either. I'm at my wits end and have given up completely on the
upgrade to 0.25.1 at this point.
I will now go pester my boss to buy support.
--Paul
On Fri, Nov 6, 2009 at 9:38 PM, Dan Bode d...@reductivelabs.com
Hi Dan,
I'm not upgrading, I'm installing a server from scratch. I want to
upgrade just my puppetmaster and leave the clients alone for now,
because Puppet is a huge part of our infrastructure I can't do it all
in one pass.
I can get a single puppetmaster up and running. I cannot then get a
+1 for this setup for your scenario.
I ended removing all of the ca functionality from all of the dev severs, it
makes things much simplified.
additionally you need to sign only in one place, which makes it easy to
automate it with a common build infrastructure.
Cheers,
Ohad
On Sat, Nov 7,