Running root and non-root instance of Puppet agent with different masters on the same node

asked 2016-01-08 03:46:40 -0500

Hi, folks,

Our organization is working on implementing Puppet Enterprise. We would like to have both our infrastructure teams and application teams make use of Puppet to manage their configurations, but we would prefer that each team have a separate Puppet master server, and that the application team's Puppet agents are executed under a non-privileged user on the nodes.

My idea to implement this was to have the PE agent installed as normal and running as a service under the root user, pointing to the infrastructure team's Puppet master server, and then allow the application team to set up a cron job or perform manual Puppet runs using the same agent executable under their own nonprivileged user account, which would have its own Puppet configuration under its home directory that points to a different master server.

  • Would this setup work with Puppet Enterprise?

  • Would there be any licensing implications for using this setup? Would we need a second node license for each of our servers?

  • Would this setup introduce any limitations to the PE service running under the root user?

  • Has anyone ever done this setup before? If so, did you encounter any issues?


Denny K

edit retag flag offensive close merge delete