A solution instance such as Puppet Master, must be created in an Application Services deployment environment so that the Puppet Master is always used when an application using Puppet-based services is deployed in that deployment environment.

About this task

You can create only one Puppet Master solution instance per a deployment environment. The solution instances of multiple deployment environments can point to the same Puppet Master. For information on using a Ruby script that runs locally on the Puppet Master server, see Register a Puppet Master Solution Instance.

Prerequisites

Procedure

  1. Log in to the Application Services Web interface.
  2. On the Application Services title bar, click the drop-down menu and select Clouds > Deployment Environments.
  3. Select an existing deployment environment.
  4. Select the Solution Instances tab and click Create Solution Instance.
  5. Complete the solution instance information for the deployment environment.

    Option

    Description

    Name and Description

    Include the solution name.

    You can add property or agent configuration information for the solution in the description section.

    Solution

    Select the available Puppet Master v1.0.0 solution from the drop-down list.

    The solution properties and corresponding agents are populated.

  6. In the Properties section, enter the required property values.

    Property

    Description

    puppet_server

    Qualified domain name of the Puppet Master server.

    For the agent to trust the Puppet Master certificate, use one of the valid DNS names you set when you installed the Puppet Master. The Application Services server must be able to contact Puppet Master at this DNS name, unless the puppet_server_ip property is also supplied.

    puppet_server_ip

    Puppet Master server IP address.

    The IP address must be specified if the host name of the Puppet Master server is not resolvable in the Application Services server or agent nodes.

    puppet_environment

    Name of the Puppet Master environment assigned to a puppet agent. This name corresponds to the environment configuration property of a puppet agent .

    agent_run_interval

    How frequently the puppet agent applies the library. The default run interval is every 30 minutes (30m). You can specify the run interval in the following units.

    • Seconds. For example, 30 or 30s.

    • Minutes. For example, 30m.

    • Hours. For example, 6h.

    • Days. For example, 5d.

    • Years. For example, 2y.

    A run interval of 0 tells the puppet agent to run continuously.

    identity_private_key

    Private key of the certificate issued to the Application Services server by the Puppet Master.

    Application Services uses this certificate for authentication with Puppet Master and MCollective. The format of the certificate is PEM encoded including the header and trailer. The header for example is formatted as, '-----BEGIN RSA PRIVATE KEY--'

    Copy contents of the file TempCredsDir/private_keys/Name.pem you created to prepare the Puppet Master, as the value for this property.

    identity_public_cert

    The X509 certificate corresponding to the identity_private_key property.

    The format of the certificate is PEM encoded including the header and trailer. The header for example is formatted as, '-----BEGIN CERTIFICATE--'

    Copy contents of the file TempCredsDir/certs/Name.pem you created to prepare the Puppet Master, as the value for this property.

    ca_cert

    The X509 certificate of the certificate authority that issues digital certificates used to authenticate with Puppet Master and MCollective.

    The format of the certificate is PEM encoded including the header and trailer. The header for example is formatted as, '-----BEGIN CERTIFICATE--'

    Copy contents of the file TempCredsDir/certs/ca.pem you created to prepare the Puppet Master, as the value for this property.

    mc_servers_shared_cert

    Shared server certificate or public key for the MCollective cluster.

    The format of the certificate is PEM encoded including the header and trailer. The header for example is formatted as, '-----BEGIN CERTIFICATE-----' or '-----BEGIN PUBLIC KEY--'

    Copy contents of the file TempCredsDir/certs/pe-internal-mcollective-servers.pem for Puppet Enterprise or TempCredsDir/certs/mcollective-servers.pem for Puppet Open Source you created to prepare the Puppet Master, as the value for this property.

    The trailer for example is formatted as,' -----END CERTIFICATE-----' or '-----END RSA PUBLIC KEY--'

    mc_messaging_server_password

    Password corresponding to the config setting plugin.activemq.pool.1.password in the MCollective server config file.

    For example, the MCollective server config file in the Puppet Enterprise is located at /etc/puppetlabs/mcollective/server.cfg .

    identity_cert_name

    Name of the identity certificate.

    This name is the string which you set when you generated the Application Services certificate to correspond to the Puppet Master during the preparation of the Puppet Master.

    puppet_version

    Puppet Enterprise suite version for a Puppet Enterprise and Puppet package version for a Puppet open source.

    For example, the Puppet Enterprise version is 3.2.3 and the Puppet open source version is 3.6.2.

    mc_messaging_server_username

    User name corresponding to the config setting plugin.activemq.pool.1.user in the MCollective server config file.

    For example, the MCollective server config file in the Puppet Enterprise is located at /etc/puppetlabs/mcollective/server.cfg .

    mc_messaging_server_port

    Port corresponding to the config setting plugin.activemq.pool.1.port in the MCollective server config file.

    For example, the MCollective server config file in the Puppet Enterprise is located at /etc/puppetlabs/mcollective/server.cfg .

    node_manifest_dir

    Directory where the node definition manifests are located for virtual machines deployed using Application Services.

    The Puppet Master site.pp must be able to import *.pp files from this directory.

    mc_appd_agent_ddl

    Location of the MCollective Application Services agent DDL file.

    You do not need to override this value.

    mc_client_setup_script

    Location of the MCollective Client setup Beanshell script.

    You do not need to override this value.

    global_conf

    URL to download the Darwin global configuration for each node.

    agent_post_install_wait

    Time in seconds to wait after installing the agent.

  7. In the Agents section, enter the required values.

    Option

    Description

    pe_installer_payload_base_path

    Base URI where the operating system and architecture specific Puppet Enterprise tar files are hosted. Not for Windows.

    The script detects the URI based on the pe_installer_payload_base_path and the current version of operating system and architecture on the machine. You can skip this auto detection by specifying a value for the pe_installer_payload property. Automatic detection assumes that the specific directory structure mirrors the structure of the Puppet Labs hosted tar files that are located at https://s3.amazonaws.com/pe-builds/.

    installer_payload_base_path

    Windows version of pe_installer_payload_base_path.

    is_enterprise

    Indicates if the Puppet Master being registered is a Puppet Enterprise with a value set to true or a Puppet open source with a value set to false.

  8. In the Agents section, enter the optional value.

    Option

    Description

    pe_installer_payload

    Link to download tar file for Puppet Enterprise. Not for Windows.

    Leave this value empty unless you want to explicitly provide a complete URI of an OS-neutral Puppet Enterprise tar file. If the value is not specified, the script detects the URI based on the pe_installer_payload_base_path and current version of operating system and architecture on the machine. An example URI is, https://s3.amazonaws.com/pe-builds/released/3.0.1/puppet-enterprise-3.0.1-all.tar.gz

    installer_payload

    Windows version of pe_installer_payload.

  9. Click Save.

    Application Services checks the property and agent values you entered and displays an error message if the required values are missing.

  10. Click Validate Connection to verify the connection to the server.
  11. Click the arrow next to the solution instance name to return to the previous page.
  12. (Optional) : On the client machine that has Puppet installed, enter the command to remove the temporary credential directory you created when you downloaded the public certificate from the Puppet Master.

    rm -rf TempCredsDir