Hello guys, so puppet community I seek some guidance. I am rebuilding our company Puppet 3 AWS infrastructure from scratch. Right now the design is to have a multiple availability ELB balancer and behind 2-4 puppet masters, so in case one AZ fails we still have a running puppet environment and also at the same time we can distribute the load. For module/environment synchronization we are using r10 + mcollective + post-commit git hooks, however we have one main issue and that is how to properly share the /var/lib/puppet/ssl folder. The thing is with Amazon ELB you have limited control over the load balance policy, so we need to make sure that SSL certs are in sync all the time. We tried with yas3fs, but we abandoned that solution because was just not reliable enough. Also we considered GlusterFS, but again on some other projects the experience wasn't great. So my question is how you guys manage that ? I know we could run an external PuppetCA, however we would still need to share the SSL certs and for as is really important that we have the HA between different zones. So any experience to share ? regards, Dejan -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/efbc0980-c0a0-44e4-a1eb-ac0743a2b5b5%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.