Setup

The Puppet Module in Sovlabs is split into two parts:

  • Puppet Master Configuration
  • Puppet Agent Configuration

Puppet Configuration High Level

The Puppet Master Configuration and its associated workflow in VRO is responsible for configuring details of the provisioned nodes in the Puppet Master. The key function of this workflow is the configuration of puppet groups (or roles) for the nodes being provisioned.

The Puppet Agent Configuration and its workflow is responsible the initial configuration of the puppet agent on the provisioned node.

Once the configurations have been created corresponding vRA Property Groups are created named: SovLabs_PuppetMaster_* and SovLabs_PuppetAgent_*. To configure the VM’s blueprint a matching pair of a Master and Agent configuration property group should be attached to the VM in the blueprint designer.


Add Puppet Master Configuration

  1. Login to vRA tenant
  2. Click on the Catalog tab
  3. Request the Add Puppet Master Configuration vRA Catalog Item
  4. Fill out the form accordingly (see below) and Submit
Add Puppet Master Configuration
Add Puppet Master Configuration

FieldValue
General
Configuration label

No spaces, periods, nor special characters except underscore (_) and dash (-)

Unique label that does NOT contain {tenantName}_

Puppet Master version

Select the Puppet Master version

Puppet Master Connection Configuration
Puppet Master OS family

Currently, only allows for unix

Puppet pe-puppetserver port

Defaults to 8140

Port the pe-puppetserver listens on

Puppet Master connection method

Select the connection method to connect to the Puppet Master server

Puppet Master hostname

Shown when 'Puppet Master connection method' is ssh

Hostname of Puppet Master server in FQDN format

Puppet Master vCenter Endpoint

Shown when 'Puppet Master connection method' is vmware-tools

Select an existing SovLabs vCenter Endpoint where the Puppet Master VM resides in

Puppet Master VM name as it appears in vCenter

Shown when 'Puppet Master connection method' is vmware-tools

Type in the VM name of the Puppet Master server as it appears in vCenter

*VM name is case sensitive!

Directory for temporary Puppet Master scripts

Directory to put temporary scripts on the Puppet Master

Create credential?

Check the checkbox to create a new credential.

Uncheck the checkbox to use an existing credential.

Credential

Shown when 'Create credential?' is not checked

Select the appropriate credential from an existing list of credentials

Credential Configuration label

Shown when 'Create credential?' is checked

No spaces, periods, nor special characters except underscore (_) and dash (-)

Unique label that does NOT contain {tenantName}_

SSH Key used?

Shown when Create credential?' is checked and 'Connection method' is SSH based

Check the checkbox to use an SSH Key

Username

Shown when 'Create credential?' is checked

Username that has necessary permissions

Password

Shown when 'Create credential?' is checked and SSH Key used? is not checked

User's password

SSH Key

Shown when 'Create credential?' is checked and SSH Key used? is checked

SSH Key

SSH Key Password

Shown when 'Create credential?' is checked and SSH Key used? is checked

SSH Key password, if any

Console Configuration
Console OS family

Currently, only allows for unix

Console port

Defaults to 4433

Port the Puppet Console listens on

Console connection method

Select the connection method to connect to the Puppet Console server

Console hostname

Shown when 'Console connection method' is ssh

Puppet Console server in FQDN format

Console vCenter Endpoint

Shown when 'Console connection method' is vmware-tools

Select an existing SovLabs vCenter Endpoint where the Puppet Console VM resides in

Console VM name as it appears in vCenter

Shown when 'Console connection method' is vmware-tools

Type in the VM name of the Puppet Console server as it appears in vCenter

*VM name is case sensitive!

Directory for temporary Console scripts

Directory to put temporary scripts on the Puppet Console

Console Create credential?

Check the checkbox to create a new Console credential.

Uncheck the checkbox to use an existing Console credential.

Console Credential

Shown when 'Create credential?' is not checked

Select the appropriate Console credential from an existing list of credentials

Console Credential Configuration label

Shown when 'Create credential?' is checked

No spaces, periods, nor special characters except underscore (_) and dash (-)

Unique label that does NOT contain {tenantName}_

Console SSH Key used?

Shown when Create credential?' is checked and 'Connection method' is SSH based

Check the checkbox to use an SSH Key

Console Username

Shown when 'Create credential?' is checked

Username that has necessary permissions

Console Password

Shown when 'Create credential?' is checked and SSH Key used? is not checked

User's password

Console SSH Key

Shown when 'Create credential?' is checked and SSH Key used? is checked

Console SSH Key

Console SSH Key Password

Shown when 'Create credential?' is checked and SSH Key used? is checked

SSH Key password, if any

Compile Masters
Use separate Compile Masters?

Check the checkbox to define Compile Masters

Compile Masters OS family

Shown when 'Use separate Compile Masters?' is checked

Currently, only allows for unix

Compile Masters connection method

Shown when 'Use separate Compile Masters?' is checked

Select the connection method to connect to the Compile Masters server

Compile Masters hostnames

Shown when 'Use separate Compile Masters?' is checked and 'Compile Masters connection method' is ssh

Compile Masters server(s) in FQDN format

Compile Masters vCenter Endpoint

Shown when 'Use separate Compile Masters?' is checked and 'Compile Masters connection method' is vmware-tools

Select an existing SovLabs vCenter Endpoint where the Compile Masters VMs reside in

Compile Masters VM names as they appears in vCenter

Shown when 'Use separate Compile Masters?' is checked and 'Compile Masters connection method' is vmware-tools

Type in the VM names of the Compile Masters servers as they appears in vCenter

*VM name is case sensitive!

Directory for temporary Compile Masters scripts

Shown when 'Use separate Compile Masters?' is checked

Directory to put temporary scripts on the Compile Masters

Compile Masters Create credential?

Check the checkbox to create a new Compile Masters credential.

Uncheck the checkbox to use an existing Compile Masters credential.

Compile Masters Credential

Shown when 'Create credential?' is not checked

Select the appropriate Compile Masters credential from an existing list of credentials

Compile Masters Credential Configuration label

Shown when 'Create credential?' is checked

No spaces, periods, nor special characters except underscore (_) and dash (-)

Unique label that does NOT contain {tenantName}_

Compile Masters SSH Key used?

Shown when Create credential?' is checked and 'Connection method' is SSH based

Check the checkbox to use an SSH Key

Compile Masters Username

Shown when 'Create credential?' is checked

Username that has necessary permissions

Compile Masters Password

Shown when 'Create credential?' is checked and SSH Key used? is not checked

User's password

Compile Masters SSH Key

Shown when 'Create credential?' is checked and SSH Key used? is checked

Compile Masters SSH Key

Compile Masters SSH Key Password

Shown when 'Create credential?' is checked and SSH Key used? is checked

SSH Key password, if any

Database Configuration
Use separate Database?

Check the checkbox to define Database

Database OS family

Shown when 'Use separate Database?' is checked

Currently, only allows for unix

Database connection method

Shown when 'Use separate Database?' is checked

Select the connection method to connect to the Puppet Database server

Database hostname

Shown when 'Use separate Database?' is checked and 'Database connection method' is ssh

Puppet Database server in FQDN format

Database vCenter Endpoint

Shown when 'Use separate Database?' is checked and 'Database connection method' is vmware-tools

Select an existing SovLabs vCenter Endpoint where the Puppet Database VM resides in

Database VM name as it appears in vCenter

Shown when 'Use separate Database?' is checked and 'Database connection method' is vmware-tools

Type in the VM name of the Puppet Database server as it appears in vCenter

*VM name is case sensitive!

Directory for temporary Database scripts

Shown when 'Use separate Database?' is checked

Directory to put temporary scripts on the Puppet Database

Database Create credential?

Check the checkbox to create a new Database credential.

Uncheck the checkbox to use an existing Database credential.

Database Credential

Shown when 'Create credential?' is not checked

Select the appropriate Database credential from an existing list of credentials

Database Credential Configuration label

Shown when 'Create credential?' is checked

No spaces, periods, nor special characters except underscore (_) and dash (-)

Unique label that does NOT contain {tenantName}_

Database SSH Key used?

Shown when Create credential?' is checked and 'Connection method' is SSH based

Check the checkbox to use an SSH Key

Database Username

Shown when 'Create credential?' is checked

Username that has necessary permissions

Database Password

Shown when 'Create credential?' is checked and SSH Key used? is not checked

User's password

Database SSH Key

Shown when 'Create credential?' is checked and SSH Key used? is checked

Database SSH Key

Database SSH Key Password

Shown when 'Create credential?' is checked and SSH Key used? is checked

SSH Key password, if any

Group Configuration
Parent Group

Any existing group in the Puppet console that will be the parent for all newly created node groups to be created under

This field is templatable. Click the link below to view documentation on the SovLabs Template Engine

SovLabs Template Engine page
Parent Group Environment

The parent group environment

This field is templatable. Click the link below to view documentation on the SovLabs Template Engine

SovLabs Template Engine page
Group name template

Template for the group name

This field is templatable. Click the link below to view documentation on the SovLabs Template Engine

SovLabs Template Engine page
Click for
FieldValue
Certificate PEM files
API Certificate

Normally found on the Puppet Master and is the Service Account Certificate /etc/puppetlabs/puppet/ssl/certs/CERTNAME

Puppet API Certificate PEM file

API RSA Private Key

Normally found on the Puppet Master and is the Service Account Private /etc/puppetlabs/puppet/ssl/private_keys/CERTNAME

Puppet API RSA Private Key PEM file

API CA Certificate

Normally found on the Puppet Master and is the CA Certificate /etc/puppetlabs/puppet/ssl/ca/ca_crt

CA Certification

Certificate Authority
Is auto-sign enabled in Puppet?

If checked, skips signing the certificate

Select if auto-sign is enabled in Puppet

Certificate Authority hostname

Puppet Certificate Authority Hostname (FQDN)

Certificate Authority port

Defaults to 8140

Port the Puppet Certificate Authority listens on

Click for
FieldValue
Hiera Configuration
Create hiera node data?

Check the checkbox to create hiera node data

Hiera on Puppet Master server?

Shown when 'Create hiera node data?' is checked

Check the checkbox if the hiera server is not on the Puppet master server

Hiera OS family

Shown when 'Hiera on Puppet Master server?' is not checked

Select Hiera OS type

Hiera connection method

Shown when 'Hiera on Puppet Master server?' is not checked

Select the connection method to connect to the hiera server

Hiera hostname

Shown when 'Hiera connection method' is ssh

Hiera hostname in FQDN format

Hiera vCenter Endpoint

Shown when 'Hiera connection method' is vmware-tools

Select an existing SovLabs vCenter Endpoint where the Hiera server VM resides in

Hiera VM name as it appears in vCenter

Shown when 'Hiera connection method' is vmware-tools

Type in the VM name of the Hiera server as it appears in vCenter

*VM name is case sensitive!

Directory for temporary Hiera scripts

Directory to put temporary scripts on the Hiera server

Hiera Create credential?

Check the checkbox to create a new Hiera credential.

Uncheck the checkbox to use an existing Hiera credential.

Hiera Credential

Shown when 'Create credential?' is not checked

Select the appropriate Hiera credential from an existing list of credentials

Hiera Credential Configuration label

Shown when 'Create credential?' is checked

No spaces, periods, nor special characters except underscore (_) and dash (-)

Unique label that does NOT contain {tenantName}_

Hiera SSH Key used?

Shown when Create credential?' is checked and 'Connection method' is SSH based

Check the checkbox to use an SSH Key

Hiera Username

Shown when 'Create credential?' is checked

Username that has necessary permissions

Hiera Password

Shown when 'Create credential?' is checked and SSH Key used? is not checked

User's password

Hiera SSH Key

Shown when 'Create credential?' is checked and SSH Key used? is checked

Hiera SSH Key

Hiera SSH Key Password

Shown when 'Create credential?' is checked and SSH Key used? is checked

SSH Key password, if any

Hiera Node Data Configuration

Shown when 'Create Hiera node data?' is checked

Hiera node data format

Hiera node data format

Hiera node data filename

Filename for hiera node data

This field is templatable. Click the link below to view documentation on the SovLabs Template Engine

SovLabs Template Engine page
Hiera node data template

Hiera data template

This field is templatable. Click the link below to view documentation on the SovLabs Template Engine

SovLabs Template Engine page
Hiera eyaml Public Key

Shown when 'Hiera node data format' is eyaml

Hiera eyaml public key

Click for
FieldValue
Hiera Pre-Create Script
Hiera pre-create script

Script to execute prior to creating the hiera node data

This field is templatable. Click the link below to view documentation on the SovLabs Template Engine

SovLabs Template Engine page
Hiera pre-create script arguments

Script arguments, if any

Hiera pre-create script interpreter

Script interpreter, e.g. /bin/bash

Compile Masters Hiera pre-create script

Shown when 'Use separate Compile Masters?' is checked

Script to execute prior to creating the hiera node data on the Compile Masters

Compile Masters Hiera pre-create script arguments

Shown when 'Use separate Compile Masters?' is checked

Script arguments, if any

Compile Masters Hiera pre-create script interpreter

Shown when 'Use separate Compile Masters?' is checked

Script interpreter, e.g. /bin/bash

Hiera Post-Create Script
Hiera post-create script

Script to execute after creating the hiera node data

This field is templatable. Click the link below to view documentation on the SovLabs Template Engine

SovLabs Template Engine page
Hiera post-create script arguments

Script arguments, if any

Hiera post-create script interpreter

Script interpreter, e.g. /bin/bash

Compile Masters Hiera post-create script

Shown when 'Use separate Compile Masters?' is checked

Script to execute after creating the hiera node data on the Compile Masters

Compile Masters Hiera post-create script arguments

Shown when 'Use separate Compile Masters?' is checked

Script arguments, if any

Compile Masters Hiera post-create script interpreter

Shown when 'Use separate Compile Masters?' is checked

Script interpreter, e.g. /bin/bash

Hiera Pre-Delete Script
Hiera pre-delete script

Script to execute prior to deleting the hiera node data

This field is templatable. Click the link below to view documentation on the SovLabs Template Engine

SovLabs Template Engine page
Hiera pre-delete script arguments

Script arguments, if any

Hiera pre-delete script interpreter

Script interpreter, e.g. /bin/bash

Compile Masters Hiera pre-delete script

Shown when 'Use separate Compile Masters?' is checked

Script to execute prior to deleting the hiera node data on the Compile Masters

Compile Masters Hiera pre-delete script arguments

Shown when 'Use separate Compile Masters?' is checked

Script arguments, if any

Compile Masters Hiera pre-delete script interpreter

Shown when 'Use separate Compile Masters?' is checked

Script interpreter, e.g. /bin/bash

Hiera Post-Delete Script
Hiera post-delete script

Script to execute after deleting the hiera node data

This field is templatable. Click the link below to view documentation on the SovLabs Template Engine

SovLabs Template Engine page
Hiera post-delete script arguments

Script arguments, if any

Hiera post-delete script interpreter

Script interpreter, e.g. /bin/bash

Compile Masters Hiera post-delete script

Shown when 'Use separate Compile Masters?' is checked

Script to execute after deleting the hiera node data on the Compile Masters

Compile Masters Hiera post-delete script arguments

Shown when 'Use separate Compile Masters?' is checked

Script arguments, if any

Compile Masters Hiera post-delete script interpreter

Shown when 'Use separate Compile Masters?' is checked

Script interpreter, e.g. /bin/bash

Click for
FieldValue
Purge Node Script
Purge node script

Script purge the node

This field is templatable. Click the link below to view documentation on the SovLabs Template Engine

SovLabs Template Engine page
Purge node script arguments

Script arguments, if any

Purge node script interpreter

Script interpreter, e.g. /bin/bash

Compile Masters

Shown when 'Use separate Compile Masters?' is checked

Compile Masters Purge node script

Shown when 'Use separate Compile Masters?' is checked

Script purge the node

Compile Masters Hiera Purge node script arguments

Shown when 'Use separate Compile Masters?' is checked

Script arguments, if any

Compile Masters Hiera Purge node script interpreter

Shown when 'Use separate Compile Masters?' is checked

Script interpreter, e.g. /bin/bash

Console
Purge node console script

Script purge the node

This field is templatable. Click the link below to view documentation on the SovLabs Template Engine

SovLabs Template Engine page
Purge node console script arguments

Script arguments, if any

Purge node console script interpreter

Script interpreter, e.g. /bin/bash

Database

Shown when 'Use separate database?' is checked

Purge node database script

Script purge the node

This field is templatable. Click the link below to view documentation on the SovLabs Template Engine

SovLabs Template Engine page
Purge node database script arguments

Script arguments, if any

Purge node database script interpreter

Script interpreter, e.g. /bin/bash


Add Puppet Agent Configuration

  1. Login to vRA tenant
  2. Click on the Catalog tab
  3. Request the Add Puppet Agent Configuration vRA Catalog Item
  4. Fill out the form accordingly (see below) and Submit
Add Puppet Agent Configuration
Add Puppet Agent Configuration

FieldValue
General
Configuration label

No spaces, periods, nor special characters except underscore (_) and dash (-)

Unique label that does NOT contain {tenantName}_

Puppet version

Select the Puppet Agent version

Environment

Provisioned node environment

This field is templatable. Click the link below to view documentation on the SovLabs Template Engine

SovLabs Template Engine page
OS Family for provisioned nodes

Choose whether the provisioned nodes are unix or windows

Directory for temporary scripts

Directory to put temporary scripts on the provisioned node

puppet.conf configuration
puppet.conf file content

If not defined, the puppet.conf will not be updated on the provisioned node

File content of puppet.conf

This field is templatable. Click the link below to view documentation on the SovLabs Template Engine

SovLabs Template Engine page
puppet.conf filename

Filename of puppet.conf

This field is templatable. Click the link below to view documentation on the SovLabs Template Engine

SovLabs Template Engine page
Connection configuration
Credential connection method

Select the connection method to connect to the provisioned node

vCenter Endpoint

Shown when 'Credential connection method' is vmware-tools

Select an existing SovLabs vCenter Endpoint where the provisioned node's VM will resides in

Create credential?

Check the checkbox to create a new credential.

Uncheck the checkbox to use an existing credential.

Credential

Shown when 'Create credential?' is not checked

Select the appropriate credential from an existing list of credentials

Credential Configuration label

Shown when 'Create credential?' is checked

No spaces, periods, nor special characters except underscore (_) and dash (-)

Unique label that does NOT contain {tenantName}_

SSH Key used?

Shown when Create credential?' is checked and 'Connection method' is SSH based

Check the checkbox to use an SSH Key

Username

Shown when 'Create credential?' is checked

Username that has necessary permissions

Password

Shown when 'Create credential?' is checked and SSH Key used? is not checked

User's password

SSH Key

Shown when 'Create credential?' is checked and SSH Key used? is checked

SSH Key

SSH Key Password

Shown when 'Create credential?' is checked and SSH Key used? is checked

SSH Key password, if any

Click for
FieldValue
Facter Files
Facter facts template

Warning! Facter facts file contents does not support encryption

Template of the facter facts

This field is templatable. Click the link below to view documentation on the SovLabs Template Engine

SovLabs Template Engine page
Facter facts format

Format for the Facter facts file

Facter facts filename

Filename (with path) for Facter facts

This field is templatable. Click the link below to view documentation on the SovLabs Template Engine

SovLabs Template Engine page
Classes
Classes

Add existing classes in Puppet Console for provisioned node to join

This field is templatable. Click the link below to view documentation on the SovLabs Template Engine

SovLabs Template Engine page
Groups
Groups

Add existing groups in Puppet Console for provisioned node to join

This field is templatable. Click the link below to view documentation on the SovLabs Template Engine

SovLabs Template Engine page
Click for
FieldValue
Installer File(s)
Source Installer file

Define source installer file (for Windows Puppet Agent)

Destination Installer file

Define destination installer file (for Windows Puppet Agent)

Install Puppet on a Node Script
Install script

If left blank, expects Puppet to already installed

Script to install Puppet on a provisioned node

This field is templatable. Click the link below to view documentation on the SovLabs Template Engine

SovLabs Template Engine page
Install script arguments

Script arguments, if any

Install script interpreter

Script interpreter, e.g. /bin/bash

Click for
FieldValue
Max retry attempt to Run Puppet

Maximum number of attempts to retry Run Puppet

Ignore final Run Puppet errors?

Useful in initial development of new Puppet content

If true, any errors found on the final Puppet run will be ignored and install will be allowed to continue

Run Puppet Script
Run Puppet script

Script to run Puppet on a provisioned node

This field is templatable. Click the link below to view documentation on the SovLabs Template Engine

SovLabs Template Engine page
Run Puppet script arguments

Script arguments, if any

Run Puppet script interpreter

For Windows, only powershell and bat are valid interpreters

Script interpreter, e.g. /bin/bash

Run Puppet Script Validation
Run Puppet script success exit codes

List multiple exit codes comma separated

Success exit code(s)

Run Puppet script arguments

Overrides defined exit codes, if any

Match the regular expression(s) to the output to determine success

Run Puppet Script Validation prior to Certificate being Signed
Pre-certificate success exit codes

List multiple exit codes comma separated

Success exit code(s)

Pre-certificate success exit RegExp

Overrides defined exit codes, if any

Match the regular expression(s) to the output to determine success

Final Run Puppet Script Validation
Final Puppet Run script success exit codes

List multiple exit codes comma separated

Success exit code(s)

Final Puppet Run script success exit RegExp

Overrides defined exit codes, if any

Match the regular expression(s) to the output to determine success

Click for
FieldValue
Post Script

Script to execute after final Puppet run on a provisioned node

This field is templatable. Click the link below to view documentation on the SovLabs Template Engine

SovLabs Template Engine page
Post script arguments

Script arguments, if any

Post script interpreter

For Windows, only powershell and bat are valid interpreters

Script interpreter, e.g. /bin/bash

Post Script Validation
Post script success exit codes

List multiple exit codes comma separated

Success exit code(s)

Post script arguments

Overrides defined exit codes, if any

Match the regular expression(s) to the output to determine success

Click for
FieldValue
Pre-Puppet Remove script

Script to run prior to removing Puppet from node during deprovisioning

This field is templatable. Click the link below to view documentation on the SovLabs Template Engine

SovLabs Template Engine page
Pre-Puppet Remove script arguments

Script arguments, if any

Pre-Puppet Remove script interpreter

For Windows, only powershell and bat are valid interpreters

Script interpreter, e.g. /bin/bash