Can I share certificates between multiple Puppetmasters to achieve High Availibility in AWS?
I currently have my puppetmaster (v4.4.1) running on an AWS EC2 instance. At the moment I only have 3 agents connected to my puppetmaster, but in future this could increase to 100+ agents. This could be quite a big load on a single Puppetmaster, which effectively would become a single point of failure. That's why I was wondering if it would be possible to create 2 puppetmasters that sits behind an AWS ELB. I will have autosigning enabled on both puppetmasters. I was thinking of sharing+syncing the certificates between the puppetmasters by mounting the (puppet config print ssldir) folder using:
This approach would mean that all certicates are stored in S3.
Does anyone have any ideas whether this approach would work?
Here's some useful links: