...
Hiera decides which machine should serve as the puppetca trough the key "profile::puppet::caserver".
Backups
As we are only having a single puppetca machine, it is important to take backup of its files. Specifically we want to backup the certificate directories so that we have everything we need if we should install a new puppetca.
The active puppetca is equipped with a cronjob which copies its "/etc/puppetlabs/puppet/ssl/ca" directory to all the other puppetmasters in the folder "/var/opt/puppet/hostname/ca".
| Status | ||||
|---|---|---|---|---|
|
Installing a new puppetca
...