On Tue, Jun 29, 2010 at 8:13 AM, Alex Howells <[email protected]> wrote:
> Hi Dan > > > http://bodepd.com/wordpress/?p=7 > > > > this is my preferred way out setting up multiple puppetmasters with a > shared > > CA. (Its a little better than the way described below since it allows you > to > > add aliases to the second puppet master) > > How do you do that with high availability? Consider the following setup... > > puppetca > > puppetmaster1 puppetmaster2 > > client1 client2 client3 client4 client5 > > Having to have 'puppetca' online in order to add new puppetmaster > boxes would be acceptable, even having it online to add new clients > would be fine, however the ability to actually operate without it > should be possible -- does the setup outlined on your blog work in > such a manner? > Its not possible to operate without certificates. People have used an external CA to sign puppetca's certificate (although there were some problems with revocation list on chained certificates on 0.25.5) > > Many thanks for sharing in any case. > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]<puppet-users%[email protected]> > . > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
