Ask Your Question
1

Puppet Enterprise, agent nodes on different domains

asked 2013-09-19 12:07:49 -0500

sectornitad gravatar image

Hi -

I don't really understand how PE treats domains.

I have a bunch of nodes on AWS all with one domain (myawsdomain.com). I also have another bunch of nodes elsewhere under a different domain (myotherdomain.com).

Can I use one PE master to manage them? They are all part of my enterprise, just with different domains. Also, could I just use IPs instead of resolvable DNS fqdns?

thanks

edit retag flag offensive close merge delete

2 Answers

Sort by ยป oldest newest most voted
1

answered 2013-09-19 13:58:04 -0500

Ancillas gravatar image

Puppet uses SSL certificates for security. When a node requests a cert from the master, by default, the FQDN is used. Supporting multiple domains should be no problem because each node will get a unique cert.

You can specify what is used for the certificate name in the puppet.conf file, so if you don't want to use the FQDN, you could use something else as long as it's unique from other nodes.

edit flag offensive delete link more

Comments

Great answer, thanks a lot. I take it the SSL certs are self signed, not needing to be from an authority ?

sectornitad gravatar imagesectornitad ( 2013-09-19 14:59:21 -0500 )edit
2

The certs are signed by the puppet ca, which is usually the same machine as the master. They aren't self-signed, but they aren't signed by a recognized internet ...(more)

lavaman gravatar imagelavaman ( 2013-09-19 15:08:22 -0500 )edit
1

As lavaman said, the Puppet Master is typically the authority. When the master is installed, it generates a CA cert/key that are used to generate certs for the client nodes.

Ancillas gravatar imageAncillas ( 2013-09-19 15:29:48 -0500 )edit
0

answered 2014-11-24 04:35:31 -0500

Thanks for sharing the informative answer

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2013-09-19 12:07:49 -0500

Seen: 453 times

Last updated: Sep 19 '13