The Integration Guide and responses in various threads emphasize the importance of only making a single request for a certificate and then using local mechanisms to replicate the certificate and private key to all the servers that need it in a particular site.
For most admins it is probably not hard to write a custom script using scp or rsync to do that.
Some people have also mentioned using puppet, ansible, cfengine or other frameworks for this purpose.
Has anybody developed or seen any generic and lightweight scripts or tools that serve this purpose without all the extra features of a framework like puppet?
Looking around online, one thing that comes up is a plugin for Kubernetes users to request and cache the certificates for containers. Has anybody developed something similar but more generic, not specific to Kubernetes, suitable for both containers and any other arbitrary (*nix) servers in an organization?