Puppet users - Dec 2012 - Module to add another puppetmaster?

I''m working on getting my system setup for rapid scaling. Without
resorting
to some ugly hacks what is the preferred method of adding more
puppetmasters? My puppetmasters sit behind a load balancer vip so the
certificate needs to be updated when I add a puppetmaster.

Does anyone have a module written for this already?

-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

The fastest way to rapidly scale is to have SSL terminated at the load
balancer so you do not need to update the the ssl certificate. The
configuration to do it depends on what is being used for the load
balancer. If you are using an F5 LTM then you can easily handle the
SSL termination at the F5 and add new puppet servers to the pool with
the F5 module from puppetlabs.

If you are using Apache then you would follow the same principle with
the SSL terminated at the Apache load balancer. If you use
mod_passenger you are already terminating SSL at the Apache layer so
its not too different at that point.

On Thu, Dec 27, 2012 at 2:08 PM, Tom Fox <tomfox@gmail.com>
wrote:
> I''m working on getting my system setup for rapid scaling. Without
resorting
> to some ugly hacks what is the preferred method of adding more
> puppetmasters? My puppetmasters sit behind a load balancer vip so the
> certificate needs to be updated when I add a puppetmaster.
>
> Does anyone have a module written for this already?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscribe@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

Thanks. Good point about the cert. Unfortunately Netscalers are the 
standard in my environment and to the best of my knowledge there is no 
love from puppet for them so pool management will still require some key 
pressing.



Matthew Black wrote:
> The fastest way to rapidly scale is to have SSL terminated at the load
> balancer so you do not need to update the the ssl certificate. The
> configuration to do it depends on what is being used for the load
> balancer. If you are using an F5 LTM then you can easily handle the
> SSL termination at the F5 and add new puppet servers to the pool with
> the F5 module from puppetlabs.
>
> If you are using Apache then you would follow the same principle with
> the SSL terminated at the Apache load balancer. If you use
> mod_passenger you are already terminating SSL at the Apache layer so
> its not too different at that point.
>
> On Thu, Dec 27, 2012 at 2:08 PM, Tom Fox<tomfox@gmail.com>  wrote:
>> I''m working on getting my system setup for rapid scaling.
Without resorting
>> to some ugly hacks what is the preferred method of adding more
>> puppetmasters? My puppetmasters sit behind a load balancer vip so the
>> certificate needs to be updated when I add a puppetmaster.
>>
>> Does anyone have a module written for this already?
>>
>> --
>> You received this message because you are subscribed to the Google
Groups
>> "Puppet Users" group.
>> To post to this group, send email to puppet-users@googlegroups.com.
>> To unsubscribe from this group, send email to
>> puppet-users+unsubscribe@googlegroups.com.
>> For more options, visit this group at
>> http://groups.google.com/group/puppet-users?hl=en.
>
-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

Never used Netscalers but if its just as simple as adding a server to
a pool like on the F5 device its something that can be given to a NOC
or L2 resources to do.

On Thu, Dec 27, 2012 at 10:27 PM, Tom Fox <tomfox@gmail.com>
wrote:
> Thanks. Good point about the cert. Unfortunately Netscalers are the
standard
> in my environment and to the best of my knowledge there is no love from
> puppet for them so pool management will still require some key pressing.
>
>
>
>
> Matthew Black wrote:
>
> The fastest way to rapidly scale is to have SSL terminated at the load
> balancer so you do not need to update the the ssl certificate. The
> configuration to do it depends on what is being used for the load
> balancer. If you are using an F5 LTM then you can easily handle the
> SSL termination at the F5 and add new puppet servers to the pool with
> the F5 module from puppetlabs.
>
> If you are using Apache then you would follow the same principle with
> the SSL terminated at the Apache load balancer. If you use
> mod_passenger you are already terminating SSL at the Apache layer so
> its not too different at that point.
>
> On Thu, Dec 27, 2012 at 2:08 PM, Tom Fox <tomfox@gmail.com> wrote:
>
> I''m working on getting my system setup for rapid scaling. Without
resorting
> to some ugly hacks what is the preferred method of adding more
> puppetmasters? My puppetmasters sit behind a load balancer vip so the
> certificate needs to be updated when I add a puppetmaster.
>
> Does anyone have a module written for this already?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscribe@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscribe@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.