Rob McBroom <[email protected]> writes:
> On Jul 20, 2010, at 9:15 AM, noob-puppeteer wrote:
>
>> In the case of LDAP, how would this work? Would you store your entire
>> puppet config in LDAP or just the user information?
You can do both — nodes in LDAP, at least — but I meant only the user and
group information.
>> I am looking documentation for storing all puppet info in LDAP, and that is
>> a bit unwieldy, since all configuration is stored as key-value pairs. Its
>> almost another language on top of puppet.
I don't use it, because I don't much like it either. :)
> I think he was referring to using LDAP to define users and groups centrally,
> which doesn’t really have anything to do with Puppet other than simplifying
> your manifests and speeding up each run.
Well, not strictly, although I would suggest you configure hosts to use LDAP
through puppet. It does answer the question of how I would do this with
puppet though — I wouldn't. ;)
> Some advice though: Set up multiple LDAP servers with replication and
> failover right away. We ran with just one for a while based on capacity
> needs alone, but you’d be amazed at all the unexpected things that go to
> hell when LDAP becomes unavailable.
FWIW, once you have puppet working it isn't too hard to have every host acting
as an LDAP slave, so you don't have cross-machine dependencies. If you really
need that level of capability.
Regards,
Daniel
--
✣ Daniel Pittman ✉ [email protected] ☎ +61 401 155 707
♽ made with 100 percent post-consumer electrons
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
