Yup, I had noted and discussed that with my colleagues. It's got to be a big boon. A broken Puppet that ruled them all, could cause big havoc. In fact, I seem to remember this causing big havoc in a previous workplace, where someone decided to "just upgrade Puppet" because the current version was blocking him...
Apart from that, any other pros and cons to either method? I guess not, otherwise you'd have mentioned them. :) On Friday, 13 October 2017 00:53:54 UTC+3, Daniel Urist wrote: > > Option (2) allows you to test upgrades to the puppet infrastructure > itself, which changes not infrequently. > > On Wed, Oct 11, 2017 at 3:15 PM, Antony Gelberg <[email protected] > <javascript:>> wrote: > >> I've asked a similar question on the Terraform mailing-list but on >> reflection, I think it's more appropriate here. >> >> Let's say I need several environments, and I'm using AWS, with each >> environment in a separate VPC. I'm going to configure instances with Puppet >> (and deploy with Jenkins). I see two basic design options here: >> >> *Option 1: Puppet master in one environment / VPC, either:* >> >> 1. In their own VPC, e.g. "devops". >> 2. Less-optimally, piggy-backed on an application environment VPC, >> e.g. "staging". >> >> This master would be responsible for configuring all servers across all >> other environments / VPCs. >> >> Implications: >> >> - Have to open up security groups, scope for environments to affect >> each other. >> - Configuring Puppet environments using something like r10k, high >> dependency on that enviroment >> - VPCs will have to have different CIDRs (not sure if this is a big >> deal). >> >> >> *Option 2: Every environment to have its own Puppet master.* >> >> Implications: >> >> - More costly. >> - Feels "cleaner", each Puppet master only needs to handle one >> environment. >> - Less likely for environments to interfere with each other. >> - Potentially less (or more?) pain with managing Puppet environments. >> - Might be overly complex. >> >> Is either of these an obviously better choice than the other? If (1) is >> better, is sub-option (1) or (1) better? >> Or are both options both viable and sane? >> >> NB Assume that "master" may mean "masters" according to the need. >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] <javascript:>. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/puppet-users/d5c26bc6-c7ce-4439-8073-41c462f9ded2%40googlegroups.com >> >> <https://groups.google.com/d/msgid/puppet-users/d5c26bc6-c7ce-4439-8073-41c462f9ded2%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> For more options, visit https://groups.google.com/d/optout. >> > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/4ba4a40d-5875-42e5-9beb-8395065f18cf%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
