Running multiple puppet masters behind nginx
Nicolas Szalay
I'm currently modifying my puppet setup to get it redundant.
I actually have a puppet master, running mongrel behind nginx. It's on a
single machine, with no backup (backup for the service, not the files).
The machine is called puppet.mydomain.com
I want to move it to 2 machines, running mongrel, behind 2 nginx in
failover with heartbeat.
Mongrel --|
Mongrel --|-- Nginx--|
Mongrel --| |
| |
NFS stuff |--Heartbeat IP
| |
Mongrel --| |
Mongrel --|-- Nginx--|
Mongrel --|
(hoping that your mail client does not break this magnificient piece of
ASCII art)
To achieve this I've setup a new machine, called "silicium" and then
mounted /var/lib/puppet via NFS. This dir is a copy of
the /var/lib/puppet from the original "puppet" machine. It has all the
SSL stuff to handle puppet.mydomain.com.
The problem is that I want "silicium.mydomain.com" to be able to handle
requests destinated to "puppet.mydomain.com". The SSL stuff is handled
by nginx so it should not be a problem, but it looks like it is. I think
it runs under its own FQDN, ignoring the "puppet.mydomain.com" pem
files. I tried adding certname=puppet.mydomain.com in the [puppetmaster]
section of puppet.conf but nothing changed.
Any clue ?
Thanks
Nico.