我想设置一个额外的 puppet master,但只有 1 个 puppet master 处理 CA 服务器。我已经按照此处的文档进行了设置:
http://docs.puppetlabs.com/guides/scaling_multiple_masters.html
我已经配置了我的第二个傀儡大师如下:
[main]
...
ca = false
ca_server = puppet-master1.test.net
我正在使用乘客,所以我有点困惑 virtual-host.conf 文件应该如何查找我的第二个 puppet-master2.test.net。这是我的(根据 Shane Maddens 的回答更新):
LoadModule passenger_module /usr/lib/ruby/gems/1.8/gems/passenger-3.0.18/ext/apache2/mod_passenger.so
PassengerRoot /usr/lib/ruby/gems/1.8/gems/passenger-3.0.18
PassengerRuby /usr/bin/ruby
Listen 8140
<VirtualHost *:8140>
ProxyPassMatch ^/([^/]+/certificate.*)$ https://puppet-master1.test.net:8140/$1
SSLEngine on
SSLProtocol -ALL +SSLv3 +TLSv1
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
SSLCertificateFile /var/lib/puppet/ssl/certs/puppet-master2.test.net.pem
SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/puppet-master2.test.net.pem
#SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
#SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
# If Apache complains about invalid signatures on the CRL, you can try disabling
# CRL checking by commenting the next line, but …