James Bailey
2011-Apr-19 15:49 UTC
[Puppet Users] Puppetmaster best practice for multiple zones
Hello, sorry if this is a stupid question but I currently have inherited three "security zones" LAN, DMZ and PROD. I currently have Puppet and Foreman running in the LAN zone on a host called puppet-lan and I am starting to manage the LAN based systems with them. I am bit stuck however for how best I can managed the remaining two zones. Do create another two puppetmasters and configure them to use the existing storeconfigs DB I am currents. Or do I have two additional standalone puppetmasters? If do the later how will I be able to unify my view of the three zones? All answers welcome, including links to docs I may have missed. Regards Jim -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
James Bailey
2011-Apr-19 16:13 UTC
[Puppet Users] Puppetmaster best practice for multiple zones
Hello, sorry if this is a stupid question but I currently have inherited three "security zones" LAN, DMZ and PROD. I currently have Puppet and Foreman running in the LAN zone on a host called puppet-lan and I am starting to manage the LAN based systems with them. I am bit stuck however for how best I can managed the remaining two zones. Do create another two puppetmasters and configure them to use the existing storeconfigs DB I am currently using. Or do I have two additional standalone puppetmasters? If do the later how will I be able to unify my view of the three zones? All answers welcome, including links to docs I may have missed. Regards Jim -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Christian Kauhaus
2011-Apr-20 05:41 UTC
Re: [Puppet Users] Puppetmaster best practice for multiple zones
Am 19.04.2011 18:13, schrieb James Bailey:> I am bit stuck however for how best I can managed the remaining two > zones. Do create another two puppetmasters and configure them to use > the existing storeconfigs DB I am currently using. Or do I have two > additional standalone puppetmasters? If do the later how will I be > able to unify my view of the three zones?I''d prefer one puppetmaster for everything. If the puppetmaster needs to reachable from everywhere, it belongs into the production zone. Regards Christian -- Dipl.-Inf. Christian Kauhaus <>< · kc@gocept.com · systems administration gocept gmbh & co. kg · forsterstraße 29 · 06112 halle (saale) · germany http://gocept.com · tel +49 345 1229889 11 · fax +49 345 1229889 1 Zope and Plone consulting and development -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
John Warburton
2011-Apr-20 06:07 UTC
Re: [Puppet Users] Puppetmaster best practice for multiple zones
On 20 April 2011 01:49, James Bailey <paradoxbound@gmail.com> wrote:> Hello, > > sorry if this is a stupid question but I currently have inherited > three "security zones" LAN, DMZ and PROD. I currently have Puppet and > Foreman running in the LAN zone on a host called puppet-lan and I am > starting to manage the LAN based systems with them. > > I am bit stuck however for how best I can managed the remaining two > zones. Do create another two puppetmasters and configure them to use > the existing storeconfigs DB I am currents. Or do I have two > additional standalone puppetmasters? If do the later how will I be > able to unify my view of the three zones? > > All answers welcome, including links to docs I may have missed. > > It all depends on your security model. This thread may give you some foodfor thought - http://groups.google.com/group/puppet-users/browse_thread/thread/a1b84a67ee712f93 John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.