FAQ
I'm working on getting my system setup for rapid scaling. Without resorting
to some ugly hacks what is the preferred method of adding more
puppetmasters? My puppetmasters sit behind a load balancer vip so the
certificate needs to be updated when I add a puppetmaster.

Does anyone have a module written for this already?

--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.

Search Discussions

  • Matthew Black at Dec 28, 2012 at 1:39 am
    The fastest way to rapidly scale is to have SSL terminated at the load
    balancer so you do not need to update the the ssl certificate. The
    configuration to do it depends on what is being used for the load
    balancer. If you are using an F5 LTM then you can easily handle the
    SSL termination at the F5 and add new puppet servers to the pool with
    the F5 module from puppetlabs.

    If you are using Apache then you would follow the same principle with
    the SSL terminated at the Apache load balancer. If you use
    mod_passenger you are already terminating SSL at the Apache layer so
    its not too different at that point.
    On Thu, Dec 27, 2012 at 2:08 PM, Tom Fox wrote:
    I'm working on getting my system setup for rapid scaling. Without resorting
    to some ugly hacks what is the preferred method of adding more
    puppetmasters? My puppetmasters sit behind a load balancer vip so the
    certificate needs to be updated when I add a puppetmaster.

    Does anyone have a module written for this already?

    --
    You received this message because you are subscribed to the Google Groups
    "Puppet Users" group.
    To post to this group, send email to puppet-users@googlegroups.com.
    To unsubscribe from this group, send email to
    puppet-users+unsubscribe@googlegroups.com.
    For more options, visit this group at
    http://groups.google.com/group/puppet-users?hl=en.
    --
    You received this message because you are subscribed to the Google Groups "Puppet Users" group.
    To post to this group, send email to puppet-users@googlegroups.com.
    To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com.
    For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
  • Tom Fox at Dec 28, 2012 at 3:28 am
    Thanks. Good point about the cert. Unfortunately Netscalers are the
    standard in my environment and to the best of my knowledge there is no
    love from puppet for them so pool management will still require some key
    pressing.



    Matthew Black wrote:
    The fastest way to rapidly scale is to have SSL terminated at the load
    balancer so you do not need to update the the ssl certificate. The
    configuration to do it depends on what is being used for the load
    balancer. If you are using an F5 LTM then you can easily handle the
    SSL termination at the F5 and add new puppet servers to the pool with
    the F5 module from puppetlabs.

    If you are using Apache then you would follow the same principle with
    the SSL terminated at the Apache load balancer. If you use
    mod_passenger you are already terminating SSL at the Apache layer so
    its not too different at that point.

    On Thu, Dec 27, 2012 at 2:08 PM, Tom Foxwrote:
    I'm working on getting my system setup for rapid scaling. Without resorting
    to some ugly hacks what is the preferred method of adding more
    puppetmasters? My puppetmasters sit behind a load balancer vip so the
    certificate needs to be updated when I add a puppetmaster.

    Does anyone have a module written for this already?

    --
    You received this message because you are subscribed to the Google Groups
    "Puppet Users" group.
    To post to this group, send email to puppet-users@googlegroups.com.
    To unsubscribe from this group, send email to
    puppet-users+unsubscribe@googlegroups.com.
    For more options, visit this group at
    http://groups.google.com/group/puppet-users?hl=en.
    --
    You received this message because you are subscribed to the Google Groups "Puppet Users" group.
    To post to this group, send email to puppet-users@googlegroups.com.
    To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com.
    For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
  • Matthew Black at Dec 28, 2012 at 5:17 pm
    Never used Netscalers but if its just as simple as adding a server to
    a pool like on the F5 device its something that can be given to a NOC
    or L2 resources to do.
    On Thu, Dec 27, 2012 at 10:27 PM, Tom Fox wrote:
    Thanks. Good point about the cert. Unfortunately Netscalers are the standard
    in my environment and to the best of my knowledge there is no love from
    puppet for them so pool management will still require some key pressing.




    Matthew Black wrote:

    The fastest way to rapidly scale is to have SSL terminated at the load
    balancer so you do not need to update the the ssl certificate. The
    configuration to do it depends on what is being used for the load
    balancer. If you are using an F5 LTM then you can easily handle the
    SSL termination at the F5 and add new puppet servers to the pool with
    the F5 module from puppetlabs.

    If you are using Apache then you would follow the same principle with
    the SSL terminated at the Apache load balancer. If you use
    mod_passenger you are already terminating SSL at the Apache layer so
    its not too different at that point.

    On Thu, Dec 27, 2012 at 2:08 PM, Tom Fox wrote:

    I'm working on getting my system setup for rapid scaling. Without resorting
    to some ugly hacks what is the preferred method of adding more
    puppetmasters? My puppetmasters sit behind a load balancer vip so the
    certificate needs to be updated when I add a puppetmaster.

    Does anyone have a module written for this already?

    --
    You received this message because you are subscribed to the Google Groups
    "Puppet Users" group.
    To post to this group, send email to puppet-users@googlegroups.com.
    To unsubscribe from this group, send email to
    puppet-users+unsubscribe@googlegroups.com.
    For more options, visit this group at
    http://groups.google.com/group/puppet-users?hl=en.

    --
    You received this message because you are subscribed to the Google Groups
    "Puppet Users" group.
    To post to this group, send email to puppet-users@googlegroups.com.
    To unsubscribe from this group, send email to
    puppet-users+unsubscribe@googlegroups.com.
    For more options, visit this group at
    http://groups.google.com/group/puppet-users?hl=en.
    --
    You received this message because you are subscribed to the Google Groups "Puppet Users" group.
    To post to this group, send email to puppet-users@googlegroups.com.
    To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com.
    For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
grouppuppet-users @
categoriespuppet
postedDec 27, '12 at 7:18p
activeDec 28, '12 at 5:17p
posts4
users2
websitepuppetlabs.com

2 users in discussion

Matthew Black: 2 posts Tom Fox: 2 posts

People

Translate

site design / logo © 2022 Grokbase