PuppetDB - HA

[Paul.S...@barcap.com]

Hello,

So in my company I have put in this fully load-balanced (behind F5) solution with multiple PM's/CA's/ENC and a single entry client entry point

no matter where the servers are located globally - puppet.<domain> and the F5 will point you as local as possible and the rest do their thing.

Now say we want to introduce PuppetDB into this scenario. Does anyone have any recommendations on how this can be done ?

Appreciate it.

Paul

[Deepak Giridharagopal]

Assuming that all your puppetmasters share the same CA cert, the
simplest solution would be to have all the puppetmasters configured to
point to the same PuppetDB daemon. Communication between puppetmasters
and PuppetDB is designed to work well over high-latency links. There
are users pointing US puppetmasters at a PuppetDB daemon in China, for
example, and that works perfectly fine. The protocol isn't
particularly chatty, and can tolerate a fair amount of latency.

If I'm correct in reading the description of your environment, while
you have multiple PM's and CA's, you've got a single ENC? PuppetDB
would be setup similarly to the ENC...centralized PuppetDB
infrastructure can handle your disparate PM's. Am I understanding the
topology of your setup correctly?

deepak

--
Deepak Giridharagopal / Puppet Labs / grim_radical @ #puppet