Sorry if i don't explain very well, has a long time without speaking or writing in english
But if i put 2 CA in my infrastructure, my clients has to generate certs in 2 CA? My goal is just replicate my infrastructure, and i stuck in 2 questions: - I cannot put 1 puppet in 2 foreman simultaneously - I cannot have 2 CA for one virtual IP (In Load Balancer). And i don't know to resolve this Tks to reply Christopher! Em segunda-feira, 18 de julho de 2016 13:49:13 UTC-3, Christopher Pisano escreveu: > > If I am understanding this correctly you also need to load balance the > foreman smart-proxy on each of the puppet masters. But in your current > architecture I think that poses a risk of CA requests going to a non-CA > puppet master. My suggestion is to always run a completely separate CA from > your masters. > > > On Monday, July 18, 2016 at 10:01:17 AM UTC-4, Kelvyn Tomaz wrote: >> >> HI, >> >> I'm Kelvyn and i implementing puppet in my office, but my foreman server >> today not supporting all of my puppet nodes (in total 26 nodes) because >> this machine is very old and slow. >> >> And i like to migrate to a strong infrastructure to supporting +500 >> nodes, and i like to put in HA >> >> >> The infrastructure purpose is that >> >> >> [Load Balancer] >> / \ >> / \ >> / \ >> / \ >> [Puppetmaster and CA] [Puppetmaster] >> | \ / | >> | \ / | >> | \ / | >> [Foreman] [Foreman] >> \ / >> \ / >> \ / >> [Postgresql] >> >> >> But my problem is, the 2 machines with puppet will not connected to 2 >> foreman machines with foreman-proxy >> >> How i change this to a complete HA? >> >> PS: the Postgresql is in a master-slave machine. >> >> >> Tks! >> > -- You received this message because you are subscribed to the Google Groups "Foreman users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/foreman-users. For more options, visit https://groups.google.com/d/optout.
