Project

General

Profile

Actions
Copy link

Feature #4345

open

Puppet CA proxy

Added by Ewoud Kohl van Wijngaarden almost 11 years ago. Updated over 9 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Difficulty:
Triaged:
Bugzilla link:
1233302
Pull request:
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

In my environment I have a single CA according to http://docs.puppetlabs.com/guides/scaling_multiple_masters.html#option-1-direct-agent-nodes-to-the-ca-master which foreman supports very well. Now I'm running into the problem that the clients are in subnets that are unable (and undesired) to connect to the central CA. I already set up a proxy according to http://docs.puppetlabs.com/guides/scaling_multiple_masters.html#option-2-proxy-certificate-traffic which works well manually. It would be useful if foreman supported this better.

Possible areas:
  • Installer should be able to set up the CA proxy in the vhost
  • Installer should be able to set up auth.conf
  • Foreman support so you can still use <%= @host.puppet_ca_server %>

Related issues 2 (1 open1 closed)

Related to Foreman - Feature #26164: Provide Puppet (CA) multi homingClosedEwoud Kohl van WijngaardenActions
Blocks Katello - Tracker #8172: Isolate Client Communication through a CapsuleNew

Actions
Actions
Copy link

Also available in: Atom PDF