How to set puppetserver to listen on two IPs?


Jakov Sosic

Jun 20, 2018, 8:54:20 AM
to Puppet Users
Hi guys,

[root@host ~]# cat /etc/puppetlabs/puppetserver/conf.d/webserver.conf
webserver: {
    access-log-config: /etc/puppetlabs/puppetserver/request-logging.xml
    client-auth: want
    ssl-host: 0.0.0.0
    ssl-port: 8140
}


I wonder if it's possible, and if yes, how, to set ssl-host to two IP addresses / interfaces?

I don't want puppet to listen on 0.0.0.0, cause I have 3 interfaces.


Thanks,

Jakov

jcbollinger

Jun 21, 2018, 8:53:39 AM
to Puppet Users
To the best of my knowledge, your options are

  • bind to all of the machine's addresses
  • bind to one specific address
  • run multiple puppetserver instances

If you want to exclude one interface out of several then perhaps it would be easier to handle that at a different level. For example, let puppetserver bind to all addresses, but use your firewall to block service at those addresses where you don't want to receive catalog requests.


John
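
The firewall approach suggested above, sketched as an added example that is not part of the original thread: puppetserver stays bound to 0.0.0.0 and iptables admits port 8140 only on two chosen local addresses. The function names and the addresses (RFC 5737 documentation ranges) are assumptions made for illustration; the script only prints the rules.

```shell
#!/bin/sh
# Added example (not from the thread): puppetserver keeps ssl-host 0.0.0.0,
# and the firewall admits port 8140 only on selected local addresses.
# Addresses below are constructed (RFC 5737 documentation ranges).

# is_ipv4 ADDR: succeed only for a dotted-quad IPv4 address.
is_ipv4() {
    case $1 in
        *[!0-9.]*|.*|*.|*..*) return 1 ;;   # stray chars or empty octets
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                               # split into octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# puppet_fw_rules PORT ADDR...: print (dry run, nothing is applied) one
# ACCEPT per allowed destination address, then a DROP for the same port
# on every other address. Rules are appended, so order is preserved.
puppet_fw_rules() {
    port=$1
    case $port in
        ''|*[!0-9]*) echo "bad port: $port" >&2; return 2 ;;
    esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "bad port: $port" >&2; return 2; }
    shift
    [ $# -ge 1 ] || { echo "need at least one address" >&2; return 2; }
    for addr in "$@"; do
        is_ipv4 "$addr" || { echo "bad address: $addr" >&2; return 2; }
    done
    for addr in "$@"; do
        echo "iptables -A INPUT -p tcp -d $addr --dport $port -j ACCEPT"
    done
    echo "iptables -A INPUT -p tcp --dport $port -j DROP"
}

# Two of the three interfaces serve agents; the third gets no ACCEPT rule.
puppet_fw_rules 8140 192.0.2.10 198.51.100.10
```

Add 127.0.0.1 to the address list if an agent on the server itself connects over loopback and no earlier INPUT rule already accepts that traffic.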

Ramin K

Jun 21, 2018, 3:55:43 PM
to puppet...@googlegroups.com
On 6/21/18 5:53 AM, jcbollinger wrote:
> On Wednesday, June 20, 2018 at 7:54:20 AM UTC-5, Jakov Sosic wrote:
>
> Hi guys,
>
> [root@host ~]# cat /etc/puppetlabs/puppetserver/conf.d/webserver.conf
> webserver: {
>     access-log-config: /etc/puppetlabs/puppetserver/request-logging.xml
>     client-auth: want
>     ssl-host: 0.0.0.0
>     ssl-port: 8140
> }
>
> I wonder if it's possible, and if yes, how, to set ssl-host to two
> IP addresses / interfaces?
>
> I don't want puppet to listen on 0.0.0.0, cause I have 3 interfaces.
>
>
> To the best of my knowledge, your options are
>
> * bind to /all/ of the machine's addresses
> * bind to one specific address
> * run multiple puppetserver instances
>
> If you want to exclude one interface out of several then perhaps it
> would be easier to handle that at a different level.  For example, let
> puppetserver bind to all addresses, but use your firewall to block
> service at those addresses where you don't want to receive catalog requests.
>
> John

I had a slightly different use case, but ended up putting Apache in
front of Puppetserver to get the same behavior.

https://puppet.com/docs/puppetserver/5.3/external_ssl_termination.html

Ramin

