Dan Bode wrote: > > > On Sun, Jan 31, 2010 at 11:13 AM, Alan Sparks > <[email protected] <mailto:[email protected]>> wrote: > > I've a manifest that is trying to use a fileserver resource I've > configured on a second puppetmaster. The second puppetmaster is > actually working as the main puppetmaster for my domain - this new > puppetmaster is one I've set up to test migrating to new manifests. > > > To simplify an environment with multi puppetmasters, your primary > puppetmaster should serve as the CA for all clients as well the > secondary puppet masters. > > you can disable the CA functionality on the secondary puppet masters > as follows. > > [puppetmasterd] > ca = false >
Since the secondary puppetmaster in this case is running as a primary legacy puppetmaster for clients, this will likely break them, correct? > then the clients should specify which CA they will use > > [puppetd] > ca_server = primarypuppetmaster.blah.net > <http://primarypuppetmaster.blah.net> > > the secondary puppet masters should authenticate with the primary > puppetmaster before any clients connect. I don't understand this statement - authenticate how? Thanks for the response. -Alan -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
