In this example, you add Puppet configuration management to a blueprint deployed on a vCenter compute resource with username and password access.

This procedure shows an example of how you might create a Puppet enabled deployable resource that requires username and password authentication. Username and password access means that the user must manually log in from the compute resource to the Puppet Master in order to invoke Puppet configuration management.

Optionally, you can configure remote access authentication which sets up configuration management in a blueprint so that the compute resource handles authentication with the Puppet master. With remote access enabled, the compute resource automatically generates a key to satisfy password authentication. A valid username is still required.

See AWS Puppet configuration management blueprint examples and vCenter Puppet configuration blueprint examples for more examples of how you can configure different Puppet scenarios in Cloud Assembly blueprints.

Prerequisites

  • Set up a Puppet Enterprise instance on a valid network.
  • Add your Puppet Enterprise instance to Cloud Assembly using the Integrations feature. See Configure Puppet integration in Cloud Assembly
  • Set up a vSphere account and a vCenter compute resource.

Procedure

  1. Add a Puppet configuration management component to a vSphere compute resource on the canvas for the desired blueprint.
    1. Select Infrastructure > Manage > Integrations.
    2. Click Add Integration and select Puppet.
    3. Enter the appropriate information on the Puppet configuration page.
      Confguration Description Example Value
      Hostname Host name or IP address of the Puppet master Puppet-Ubuntu
      SSH Port SSH port for communication between Cloud Assembly and Puppet master. (Optional) NA
      Autosign secret The shared secret configured on the Puppet master that nodes should provide to support autosign certificate requests. User specific
      Location Indicate whether the Puppet Master is on a private or public cloud.
      Note: Cross cloud deployment is supported only if there is connectivity between the deployment compute resource and the Puppet master.
      Cloud proxy Not required for public cloud accounts, such as Microsoft Azure or Amazon Web Services. If you are using a vCenter based cloud account, select the appropriate cloud proxy for your account. NA
      Username SSH and RBAC user name for Puppet master. User specific. YAML value is '${input.username}'
      Password SSH and RBAC password for Puppet master. User specific YAML value is '${input.password}'
      Use sudo commands for this user Select to use sudo commands for the procidd. true
      Name Puppet master name. PEMasterOnPrem
      Description
  2. Add the username and password properties to the Puppet YAML as shown in the following example.
  3. Ensure that the value for the remoteAccess property to the Puppet YAML is set to authentication: username and password as shown in the example below.

Example: vCenter username and password YAML code

The following example shows the representative YAML code for adding username and password authentication on a vCenter compute resource.

inputs:
  username:
    type: string
    title: Username
    description: Username to use to install Puppet agent
    default: puppet
  password:
    type: string
    title: Password
    default: VMware@123
    encrypted: true
    description: Password for the given username to install Puppet agent
resources:
  Puppet-Ubuntu:
    type: Cloud.vSphere.Machine
    properties:
      flavor: small
      imageRef: >-
        https://cloud-images.ubuntu.com/releases/16.04/release-20170307/ubuntu-16.04-server-cloudimg-amd64.ova
      remoteAccess:
        authentication: usernamePassword
        username: '${input.username}'
        password: '${input.password}'
  Puppet_Agent:
    type: Cloud.Puppet
    properties:
      provider: PEMasterOnPrem
      environment: production
      role: 'role::linux_webserver'
      username: '${input.username}'
      password: '${input.password}'
      host: '${Puppet-Ubuntu.*}'
      useSudo: true
      agentConfiguration:
        certName: '${Puppet-Ubuntu.address}'