Ask Your Question
3

Binding agent to a specific IP address?

asked 2013-07-19 12:13:51 -0500

cmccluskey gravatar image

I know that bindaddress can be used to bind puppetmaster to a specific IP address?

We have servers that have multiple interfaces, and we wish to have puppet agent only try a specific list of interfaces or IPs. An acceptable solution is to create a unique puppet.conf file for each server (although listing by IP block -- ex: 192.168.0.0/16, 1.2.3.0/24 -- would be ideal), but I do not see the wiring to make this happen from a configuration point of view.

edit retag flag offensive close merge delete

Comments

You might want to add some detail on what you're trying to accomplish. You question as written is unclear. fwiw, under Linux all communication is going to default out ...(more)

ramindk gravatar imageramindk ( 2013-07-19 13:29:16 -0500 )edit

2 Answers

Sort by ยป oldest newest most voted
1

answered 2013-07-24 19:19:28 -0500

riffraff169 gravatar image

The outgoing traffic from a server will go through the interface that has the best route to the destination, preferring more specific routes to more general. There really isn't a reason to sending traffic out an interface other than the one that has the best route. If you wanted to do something like that, you would have to employ something like source routing, which is tricky to do.

Generally if you want it to go out a specific interface, you have a route to the destination on that interface (and a valid path to the destination through that interface ... (more)

edit flag offensive delete link more
0

answered 2013-08-13 14:43:36 -0500

banjer gravatar image

updated 2013-08-13 14:45:05 -0500

The bindaddress option in puppet.conf totally works for me on the agents. This works for a single IP; I'm not sure if its possible to specify multiple interfaces to bind to.

# /etc/puppet/puppet.conf
[main]
    # bind to primary IP
    bindaddress = 192.168.10.20

...snip...

You can confirm that its listening on that particular IP with netstat. e.g.:

Before specifying bind address (the default of listening on all interfaces - 0.0.0.0):

$ sudo netstat -tulpn | grep 8139
tcp        0      0 0.0.0.0:8139                0.0.0.0:*             LISTEN      2635/ruby

After adding bindaddress ... (more)

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

Stats

Asked: 2013-07-19 12:13:51 -0500

Seen: 1,706 times

Last updated: Aug 13 '13