Setup
Using VMware Tools
The Service Account being used for the vCenter endpoint needs to be a member of the SystemConfiguration.Administrators group in vCenter (Administration > Single Sign-On > Users and Groups).
VMware Cloud on AWS
Enable connectivity for VM tools for VMware Cloud on AWS and VM tools support
- Establish a VPN between the MGW (Management Network) and CGW (Customer Network)
- Open port 443 from the firewall
This allows Guest Operations API
Add SovLabs vCenter Endpoint
- Login to vRA tenant
- Click on the Catalog tab
- Request the Add SovLabs vCenter Endpoint vRA Catalog Item
- Fill out the form accordingly (see below) and Submit
Add SovLabs vCenter Endpoint
| Field | Value |
|---|---|
| Configuration label |
No spaces, periods or special characters except underscore ( Unique label DO NOT prepend with your tenant name and an underscore, e.g. mytenant_ |
| Version |
Choose the appropriate vCenter version |
| Platform Service Controller (FQDN) |
Shown when 'Version' is 6+ Type in the PSC FQDN |
| Is the PSC embedded on the vCenter server? |
Shown when 'Version' is 6+ Select if the PSC embedded on the vCenter server |
| vCenter hostname (FQDN) |
Text input if 'Version' is less than 6. Auto-generated list in dropdown if 'Version' 6+ Type in or select the appropriate vCenter server FQDN |
| Credential Configuration for vCenter Endpoint | |
| Create credential? |
Check the checkbox to create a new credential. |
| Credential |
Shown when 'Create credential?' is not checked Select the appropriate credential from an existing list of credentials |
| Credential Configuration label |
Shown when 'Create credential?' is checked No spaces, periods or special characters except underscore ( Unique label DO NOT prepend with your tenant name and an underscore, e.g. mytenant_ |
| Username |
Shown when 'Create credential?' is checked Username that has necessary permissions |
| Password |
Shown when 'Create credential?' is checked User's password |
Add Foreman Master Configuration
- Login to vRA tenant
- Click on the Catalog tab
- Request the Add Foreman Master Configuration vRA Catalog Item
- Fill out the form accordingly (see below) and Submit
Add Foreman Master Configuration
A Foreman Master Configuration is a target Foreman Master
| Field | Value |
|---|---|
| General | |
| Configuration label |
No spaces, periods or special characters except underscore ( Unique label DO NOT prepend with your tenant name and an underscore, e.g. mytenant_ |
| Puppet Open Source with Foreman version |
Select the Puppet Open Source with Foreman version |
| Foreman Configuration | |
| Use Foreman classifier? |
Select to define a separate Foreman server (if not on the Puppet Master) |
| Foreman Hostname |
Shown when 'Use Foreman classifier?' is checked Foreman hostname in FQDN format |
| Foreman Port |
Shown when 'Use Foreman classifier?' is checked Port for Foreman, defaults to 443 |
| Create credential? |
Check the checkbox to create a new credential. |
| Credential |
Shown when 'Create credential?' is not checked Select the appropriate credential from an existing list of credentials |
| Credential Configuration label |
Shown when 'Create credential?' is checked No spaces, periods or special characters except underscore ( Unique label DO NOT prepend with your tenant name and an underscore, e.g. mytenant_ |
| Username |
Shown when 'Create credential?' is checked Username that has necessary permissions |
| Password |
Shown when 'Create credential?' is checked User's password |
| Puppet Master Connection Configuration | |
| Puppet Master OS family |
Currently, only allows for |
| Puppet pe-puppetserver port |
Defaults to 8140 Port the pe-puppetserver listens on |
| Puppet Master connection method |
Select the connection method to connect to the Puppet Master server |
| Puppet Master hostname |
Shown when 'Puppet Master connection method' is Hostname of Puppet Master server in FQDN format |
| Puppet Master vCenter Endpoint |
Shown when 'Puppet Master connection method' is Select an existing SovLabs vCenter Endpoint where the Puppet Master VM resides in |
| Puppet Master VM name as it appears in vCenter |
Shown when 'Puppet Master connection method' is Type in the VM name of the Puppet Master server as it appears in vCenter *VM name is case sensitive! |
| Directory for temporary Puppet Master scripts |
Directory to put temporary scripts on the Puppet Master |
| Create credential? |
Check the checkbox to create a new credential. |
| Credential |
Shown when 'Create credential?' is not checked Select the appropriate credential from an existing list of credentials |
| Credential Configuration label |
Shown when 'Create credential?' is checked No spaces, periods or special characters except underscore ( Unique label DO NOT prepend with your tenant name and an underscore, e.g. mytenant_ |
| SSH Key used? |
Shown when Create credential?' is checked and 'Connection method' is Check the checkbox to use an SSH Key |
| Username |
Shown when 'Create credential?' is checked Username that has necessary permissions |
| Password |
Shown when 'Create credential?' is checked and SSH Key used? is not checked User's password |
| SSH Key |
Shown when 'Create credential?' is checked and SSH Key used? is checked SSH Key |
| SSH Key Password |
Shown when 'Create credential?' is checked and SSH Key used? is checked SSH Key password, if any |
| Compile Masters | |
| Use separate Compile Masters? |
Check the checkbox to define Compile Masters |
| Compile Masters OS family |
Shown when 'Use separate Compile Masters?' is checked Currently, only allows for |
| Compile Masters connection method |
Shown when 'Use separate Compile Masters?' is checked Select the connection method to connect to the Compile Masters server |
| Compile Masters hostnames |
Shown when 'Use separate Compile Masters?' is checked and 'Compile Masters connection method' is Compile Masters server(s) in FQDN format |
| Compile Masters vCenter Endpoint |
Shown when 'Use separate Compile Masters?' is checked and 'Compile Masters connection method' is Select an existing SovLabs vCenter Endpoint where the Compile Masters VMs reside in |
| Compile Masters VM names as they appears in vCenter |
Shown when 'Use separate Compile Masters?' is checked and 'Compile Masters connection method' is Type in the VM names of the Compile Masters servers as they appears in vCenter *VM name is case sensitive! |
| Directory for temporary Compile Masters scripts |
Shown when 'Use separate Compile Masters?' is checked Directory to put temporary scripts on the Compile Masters |
| Compile Masters Create credential? |
Check the checkbox to create a new Compile Masters credential. |
| Compile Masters Credential |
Shown when 'Create credential?' is not checked Select the appropriate Compile Masters credential from an existing list of credentials |
| Compile Masters Credential Configuration label |
Shown when 'Create credential?' is checked No spaces, periods or special characters except underscore ( Unique label DO NOT prepend with your tenant name and an underscore, e.g. mytenant_ |
| Compile Masters SSH Key used? |
Shown when Create credential?' is checked and 'Connection method' is Check the checkbox to use an SSH Key |
| Compile Masters Username |
Shown when 'Create credential?' is checked Username that has necessary permissions |
| Compile Masters Password |
Shown when 'Create credential?' is checked and SSH Key used? is not checked User's password |
| Compile Masters SSH Key |
Shown when 'Create credential?' is checked and SSH Key used? is checked Compile Masters SSH Key |
| Compile Masters SSH Key Password |
Shown when 'Create credential?' is checked and SSH Key used? is checked SSH Key password, if any |
| Database Configuration | |
| Use separate Database? |
Check the checkbox to define Database |
| Database OS family |
Shown when 'Use separate Database?' is checked Currently, only allows for |
| Database connection method |
Shown when 'Use separate Database?' is checked Select the connection method to connect to the Puppet Database server |
| Database hostname |
Shown when 'Use separate Database?' is checked and 'Database connection method' is Puppet Database server in FQDN format |
| Database vCenter Endpoint |
Shown when 'Use separate Database?' is checked and 'Database connection method' is Select an existing SovLabs vCenter Endpoint where the Puppet Database VM resides in |
| Database VM name as it appears in vCenter |
Shown when 'Use separate Database?' is checked and 'Database connection method' is Type in the VM name of the Puppet Database server as it appears in vCenter *VM name is case sensitive! |
| Directory for temporary Database scripts |
Shown when 'Use separate Database?' is checked Directory to put temporary scripts on the Puppet Database |
| Database Create credential? |
Check the checkbox to create a new Database credential. |
| Database Credential |
Shown when 'Create credential?' is not checked Select the appropriate Database credential from an existing list of credentials |
| Database Credential Configuration label |
Shown when 'Create credential?' is checked No spaces, periods or special characters except underscore ( Unique label DO NOT prepend with your tenant name and an underscore, e.g. mytenant_ |
| Database SSH Key used? |
Shown when Create credential?' is checked and 'Connection method' is Check the checkbox to use an SSH Key |
| Database Username |
Shown when 'Create credential?' is checked Username that has necessary permissions |
| Database Password |
Shown when 'Create credential?' is checked and SSH Key used? is not checked User's password |
| Database SSH Key |
Shown when 'Create credential?' is checked and SSH Key used? is checked Database SSH Key |
| Database SSH Key Password |
Shown when 'Create credential?' is checked and SSH Key used? is checked SSH Key password, if any |
| Field | Value |
|---|---|
| Certificate PEM files | |
| API Certificate |
Normally found on the Puppet Master and is the Service Account Certificate Puppet API Certificate PEM file |
| API RSA Private Key |
Normally found on the Puppet Master and is the Service Account Private Puppet API RSA Private Key PEM file |
| API CA Certificate |
Normally found on the Puppet Master and is the CA Certificate CA Certification |
| Certificate Authority | |
| Is auto-sign enabled in Puppet? |
If checked, skips signing the certificate Select if auto-sign is enabled in Puppet |
| Certificate Authority hostname |
Puppet Certificate Authority Hostname (FQDN) |
| Certificate Authority port |
Defaults to 8140 Port the Puppet Certificate Authority listens on |
| Field | Value |
|---|---|
| Hiera Configuration | |
| Create hiera node data? |
Check the checkbox to create hiera node data |
| Hiera on Puppet Master server? |
Shown when 'Create hiera node data?' is checked Check the checkbox if the hiera server is not on the Puppet master server |
| Hiera OS family |
Shown when 'Hiera on Puppet Master server?' is not checked Select Hiera OS type |
| Hiera connection method |
Shown when 'Hiera on Puppet Master server?' is not checked Select the connection method to connect to the hiera server |
| Hiera hostname |
Shown when 'Hiera connection method' is Hiera hostname in FQDN format |
| Hiera vCenter Endpoint |
Shown when 'Hiera connection method' is Select an existing SovLabs vCenter Endpoint where the Hiera server VM resides in |
| Hiera VM name as it appears in vCenter |
Shown when 'Hiera connection method' is Type in the VM name of the Hiera server as it appears in vCenter *VM name is case sensitive! |
| Directory for temporary Hiera scripts |
Directory to put temporary scripts on the Hiera server |
| Hiera Create credential? |
Check the checkbox to create a new Hiera credential. |
| Hiera Credential |
Shown when 'Create credential?' is not checked Select the appropriate Hiera credential from an existing list of credentials |
| Hiera Credential Configuration label |
Shown when 'Create credential?' is checked No spaces, periods or special characters except underscore ( Unique label DO NOT prepend with your tenant name and an underscore, e.g. mytenant_ |
| Hiera SSH Key used? |
Shown when Create credential?' is checked and 'Connection method' is Check the checkbox to use an SSH Key |
| Hiera Username |
Shown when 'Create credential?' is checked Username that has necessary permissions |
| Hiera Password |
Shown when 'Create credential?' is checked and SSH Key used? is not checked User's password |
| Hiera SSH Key |
Shown when 'Create credential?' is checked and SSH Key used? is checked Hiera SSH Key |
| Hiera SSH Key Password |
Shown when 'Create credential?' is checked and SSH Key used? is checked SSH Key password, if any |
| Hiera Node Data Configuration | |
Shown when 'Create Hiera node data?' is checked | |
| Hiera node data format |
Hiera node data format |
| Hiera node data filename |
Filename for hiera node data This field is templatable. Click the link below to view documentation on the SovLabs Template Engine SovLabs Template Engine page |
| Hiera node data template |
Hiera data template This field is templatable. Click the link below to view documentation on the SovLabs Template Engine SovLabs Template Engine page |
| Hiera eyaml Public Key |
Shown when 'Hiera node data format' is Hiera eyaml public key |
| Field | Value |
|---|---|
| Hiera Pre-Create Script | |
| Hiera pre-create script |
Script to execute prior to creating the hiera node data This field is templatable. Click the link below to view documentation on the SovLabs Template Engine SovLabs Template Engine page |
| Hiera pre-create script arguments |
Script arguments, if any |
| Hiera pre-create script interpreter |
Script interpreter, e.g. |
| Compile Masters Hiera pre-create script |
Shown when 'Use separate Compile Masters?' is checked Script to execute prior to creating the hiera node data on the Compile Masters |
| Compile Masters Hiera pre-create script arguments |
Shown when 'Use separate Compile Masters?' is checked Script arguments, if any |
| Compile Masters Hiera pre-create script interpreter |
Shown when 'Use separate Compile Masters?' is checked Script interpreter, e.g. |
| Hiera Post-Create Script | |
| Hiera post-create script |
Script to execute after creating the hiera node data This field is templatable. Click the link below to view documentation on the SovLabs Template Engine SovLabs Template Engine page |
| Hiera post-create script arguments |
Script arguments, if any |
| Hiera post-create script interpreter |
Script interpreter, e.g. |
| Compile Masters Hiera post-create script |
Shown when 'Use separate Compile Masters?' is checked Script to execute after creating the hiera node data on the Compile Masters |
| Compile Masters Hiera post-create script arguments |
Shown when 'Use separate Compile Masters?' is checked Script arguments, if any |
| Compile Masters Hiera post-create script interpreter |
Shown when 'Use separate Compile Masters?' is checked Script interpreter, e.g. |
| Hiera Pre-Delete Script | |
| Hiera pre-delete script |
Script to execute prior to deleting the hiera node data This field is templatable. Click the link below to view documentation on the SovLabs Template Engine SovLabs Template Engine page |
| Hiera pre-delete script arguments |
Script arguments, if any |
| Hiera pre-delete script interpreter |
Script interpreter, e.g. |
| Compile Masters Hiera pre-delete script |
Shown when 'Use separate Compile Masters?' is checked Script to execute prior to deleting the hiera node data on the Compile Masters |
| Compile Masters Hiera pre-delete script arguments |
Shown when 'Use separate Compile Masters?' is checked Script arguments, if any |
| Compile Masters Hiera pre-delete script interpreter |
Shown when 'Use separate Compile Masters?' is checked Script interpreter, e.g. |
| Hiera Post-Delete Script | |
| Hiera post-delete script |
Script to execute after deleting the hiera node data This field is templatable. Click the link below to view documentation on the SovLabs Template Engine SovLabs Template Engine page |
| Hiera post-delete script arguments |
Script arguments, if any |
| Hiera post-delete script interpreter |
Script interpreter, e.g. |
| Compile Masters Hiera post-delete script |
Shown when 'Use separate Compile Masters?' is checked Script to execute after deleting the hiera node data on the Compile Masters |
| Compile Masters Hiera post-delete script arguments |
Shown when 'Use separate Compile Masters?' is checked Script arguments, if any |
| Compile Masters Hiera post-delete script interpreter |
Shown when 'Use separate Compile Masters?' is checked Script interpreter, e.g. |
| Field | Value |
|---|---|
| Purge Node Script | |
| Purge node script |
Script purge the node This field is templatable. Click the link below to view documentation on the SovLabs Template Engine SovLabs Template Engine page |
| Purge node script arguments |
Script arguments, if any |
| Purge node script interpreter |
Script interpreter, e.g. |
Add Foreman Agent Configuration
- Login to vRA tenant
- Click on the Catalog tab
- Request the Add Foreman Agent Configuration vRA Catalog Item
- Fill out the form accordingly (see below) and Submit
Add Foreman Agent Configuration
A Foreman Agent configuration defines the Puppet Open Source with Foreman Agent settings
| Field | Value |
|---|---|
| General | |
| Configuration label |
No spaces, periods or special characters except underscore ( Unique label DO NOT prepend with your tenant name and an underscore, e.g. mytenant_ |
| Puppet Open Source with Foreman version |
Select the Puppet Open Source with Foreman version |
| Puppet Environment |
Provisioned node environment This field is templatable. Click the link below to view documentation on the SovLabs Template Engine SovLabs Template Engine page |
| OS Family for provisioned nodes |
Choose whether the provisioned nodes are |
| Directory for temporary scripts |
Directory to put temporary scripts on the provisioned node |
| puppet.conf configuration | |
| puppet.conf file content |
If not defined, the puppet.conf will not be updated on the provisioned node File content of puppet.conf This field is templatable. Click the link below to view documentation on the SovLabs Template Engine SovLabs Template Engine page |
| puppet.conf filename |
Filename of puppet.conf This field is templatable. Click the link below to view documentation on the SovLabs Template Engine SovLabs Template Engine page |
| Connection configuration | |
| Credential connection method |
Select the connection method to connect to the provisioned node |
| vCenter Endpoint |
Shown when 'Credential connection method' is Select an existing SovLabs vCenter Endpoint where the provisioned node's VM will resides in |
| Create credential? |
Check the checkbox to create a new credential. |
| Credential |
Shown when 'Create credential?' is not checked Select the appropriate credential from an existing list of credentials |
| Credential Configuration label |
Shown when 'Create credential?' is checked No spaces, periods or special characters except underscore ( Unique label DO NOT prepend with your tenant name and an underscore, e.g. mytenant_ |
| SSH Key used? |
Shown when Create credential?' is checked and 'Connection method' is Check the checkbox to use an SSH Key |
| Username |
Shown when 'Create credential?' is checked Username that has necessary permissions |
| Password |
Shown when 'Create credential?' is checked and SSH Key used? is not checked User's password |
| SSH Key |
Shown when 'Create credential?' is checked and SSH Key used? is checked SSH Key |
| SSH Key Password |
Shown when 'Create credential?' is checked and SSH Key used? is checked SSH Key password, if any |
| Field | Value |
|---|---|
| Facter Files | |
| Facter facts template |
Warning! Facter facts file contents does not support encryption Template of the facter facts This field is templatable. Click the link below to view documentation on the SovLabs Template Engine SovLabs Template Engine page |
| Facter facts format |
Format for the Facter facts file |
| Facter facts filename |
Filename (with path) for Facter facts This field is templatable. Click the link below to view documentation on the SovLabs Template Engine SovLabs Template Engine page |
| Classes | |
| Classes |
Add existing classes in Puppet Console for provisioned node to join This field is templatable. Click the link below to view documentation on the SovLabs Template Engine SovLabs Template Engine page |
| Groups | |
| Groups |
Add existing groups in Puppet Console for provisioned node to join This field is templatable. Click the link below to view documentation on the SovLabs Template Engine SovLabs Template Engine page |
| Field | Value |
|---|---|
| Installer File(s) | |
| Source Installer file |
Define source installer file (for Windows Puppet Agent) |
| Destination Installer file |
Define destination installer file (for Windows Puppet Agent) |
| Install Puppet on a Node Script | |
| Install script |
If left blank, expects Puppet to already installed Script to install Puppet on a provisioned node This field is templatable. Click the link below to view documentation on the SovLabs Template Engine SovLabs Template Engine page |
| Install script arguments |
Script arguments, if any |
| Install script interpreter |
Script interpreter, e.g. |
| Field | Value |
|---|---|
| Max retry attempt to Run Puppet |
Maximum number of attempts to retry Run Puppet |
| Ignore final Run Puppet errors? |
Useful in initial development of new Puppet content If true, any errors found on the final Puppet run will be ignored and install will be allowed to continue |
| Run Puppet Script | |
| Run Puppet script |
Script to run Puppet on a provisioned node This field is templatable. Click the link below to view documentation on the SovLabs Template Engine SovLabs Template Engine page |
| Run Puppet script arguments |
Script arguments, if any |
| Run Puppet script interpreter |
For Windows, only Script interpreter, e.g. |
| Run Puppet Script Validation | |
| Run Puppet script success exit codes |
List multiple exit codes comma separated Success exit code(s) |
| Run Puppet script arguments |
Overrides defined exit codes, if any Match the regular expression(s) to the output to determine success |
| Run Puppet Script Validation prior to Certificate being Signed | |
| Pre-certificate success exit codes |
List multiple exit codes comma separated Success exit code(s) |
| Pre-certificate success exit RegExp |
Overrides defined exit codes, if any Match the regular expression(s) to the output to determine success |
| Final Run Puppet Script Validation | |
| Final Puppet Run script success exit codes |
List multiple exit codes comma separated Success exit code(s) |
| Final Puppet Run script success exit RegExp |
Overrides defined exit codes, if any Match the regular expression(s) to the output to determine success |
| Field | Value |
|---|---|
| Post Script |
Script to execute after final Puppet run on a provisioned node This field is templatable. Click the link below to view documentation on the SovLabs Template Engine SovLabs Template Engine page |
| Post script arguments |
Script arguments, if any |
| Post script interpreter |
For Windows, only Script interpreter, e.g. |
| Post Script Validation | |
| Post script success exit codes |
List multiple exit codes comma separated Success exit code(s) |
| Post script arguments |
Overrides defined exit codes, if any Match the regular expression(s) to the output to determine success |