I've asked a similar question on the Terraform mailing-list but on reflection, I think it's more appropriate here.
Let's say I need several environments, and I'm using AWS, with each environment in a separate VPC. I'm going to configure instances with Puppet (and deploy with Jenkins). I see two basic design options here:

*Option 1: Puppet master in one environment / VPC, either:*

1. In their own VPC, e.g. "devops".
2. Less-optimally, piggy-backed on an application environment VPC, e.g. "staging".

This master would be responsible for configuring all servers across all other environments / VPCs.

Implications:

- Have to open up security groups, scope for environments to affect each other.
- Configuring Puppet environments using something like r10k, high dependency on that environment.
- VPCs will have to have different CIDRs (not sure if this is a big deal).

*Option 2: Every environment to have its own Puppet master.*

Implications:

- More costly.
- Feels "cleaner", each Puppet master only needs to handle one environment.
- Less likely for environments to interfere with each other.
- Potentially less (or more?) pain with managing Puppet environments.
- Might be overly complex.

Is either of these an obviously better choice than the other? If (1) is better, is sub-option (1) or (2) better? Or are both options both viable and sane?

NB Assume that "master" may mean "masters" according to the need.
