[Puppet Users] Running multiple puppetmasters with nginx/mongrel

Wed, 15 Oct 2008 02:13:04 -0700 

Hello list.


I have a simple question about running multiple puppetmasters with
nginx/mongrel. The sample nginx config file found on the puppet web site
defines something like this:


upstream puppet-production {
        server 127.0.0.1:18140;
        server 127.0.0.1:18141;
        server 127.0.0.1:18142;
        server 127.0.0.1:18143;
    }
server {
        listen                  8140;
        ssl_verify_client       on;
        root                    /var/empty;
        access_log              on;
        rewrite_log             on;

        # Variables
        # $ssl_cipher returns the line of those utilized it is cipher for
established SSL-connection
        # $ssl_client_serial returns the series number of client certificate
for established SSL-connection
        # $ssl_client_s_dn returns line subject DN of client certificate for
established SSL-connection
        # $ssl_client_i_dn returns line issuer DN of client certificate for
established SSL-connection
        # $ssl_protocol returns the protocol of established SSL-connection
        location / {
            proxy_pass
*http://puppet-production*<http://puppet-production/>
;
            proxy_redirect      off;
            proxy_set_header    Host             $host;
            proxy_set_header    X-Real-IP        $remote_addr;
            proxy_set_header    X-Forwarded-For  $proxy_add_x_forwarded_for;
            proxy_set_header    X-Client-Verify  SUCCESS;
            proxy_set_header    X-SSL-Subject    $ssl_client_s_dn;
            proxy_set_header    X-SSL-Issuer     $ssl_client_i_dn;
            proxy_read_timeout  65;
        }
    }


This configuration means that I can run multiple puppetmasters, one for each
of the ports defined under "upstream" in the above config file. As far as I
can understand, all of these puppetmasters must use the same manifests. I
mean, when puppet nodes connects to port 8140, they will be redirected to
one of the puppetmasters determined by nginx. Therefor, all these
puppetmasters must run the same manifests. Is this correct?

Furthermore, if I want a separate puppetmaster (but running the same
manifests) for our test-environments, I can simply add a new port (for
example 8150), have to nodes connect to this port, and make sure there is a
puppetmaster running to connect to. True?

I'm sorry if these are too basic questions, but didn't find the necessary
documentation on the subject.


Regards,
Kenneth Holter

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to