Hey, my puppet works great now. Plans are going in know. My FW admin said, he dont wan´t s the servants polling from inside DMZ to the Master. What´s the strategy then? Use kick, is this one connection doing all, or just wake up agent and he creates own new connection? Regards Peter -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/hInSo6kbASMJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Jakov Sosic
2012-Oct-13 17:39 UTC
Re: [Puppet Users] Puppet master and Servants inside DMZ
On 10/09/2012 06:10 PM, Peter Spatz wrote:> Hey, > > my puppet works great now. Plans are going in know. > > My FW admin said, he dont wan´t s the servants polling from inside DMZ > to the Master. > What´s the strategy then? Use kick, is this one connection doing all, or > just wake up agent and he creates own new connection?There were few threads about similar issues - basically you have two choices: run masterless setup for the nodes in DMZ, or keep separate puppetmaster in DMZ, only for those hosts. ''Kick'' is deprecated in 3.0, and users are advised to look at Mcollective for that use-case. And yes, ''kick'' only wakes agent up, so that solution requires access from DMZ to puppetmaster too. -- Jakov Sosic www.srce.unizg.hr -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.