In this example, you add Puppet configuration management to a cloud template deployed on a vCenter compute resource with username and password access.
This procedure shows an example of how you might create a Puppet enabled deployable resource that requires username and password authentication. Username and password access means that the user must manually log in from the compute resource to the Puppet primary machine in order to invoke Puppet configuration management.
Optionally, you can configure remote access authentication which sets up configuration management in a cloud template so that the compute resource handles authentication with the Puppet primary machine. With remote access enabled, the compute resource automatically generates a key to satisfy password authentication. A valid username is still required.
See AWS Puppet configuration management cloud template examples and vCenter Puppet configuration cloud template examples for more examples of how you can configure different Puppet scenarios in Cloud Assembly blueprints.
Prerequisites
- Set up a Puppet Enterprise instance on a valid network.
- Add your Puppet Enterprise instance to Cloud Assembly using the Integrations feature. See Configure Puppet Enterprise integration in Cloud Assembly
- Set up a vSphere account and a vCenter compute resource.
Procedure
- Add a Puppet configuration management component to a vSphere compute resource on the canvas for the desired cloud template.
- Select .
- Click Add Integration and select Puppet.
- Enter the appropriate information on the Puppet configuration page.
Confguration Description Example Value Hostname Host name or IP address of the Puppet primary machine Puppet-Ubuntu SSH Port SSH port for communication between Cloud Assembly and Puppet primary machine. (Optional) NA Autosign secret The shared secret configured on the Puppet primary machine that nodes should provide to support autosign certificate requests. User specific Location Indicate whether the Puppet primary machine is on a private or public cloud. Note: Cross cloud deployment is supported only if there is connectivity between the deployment compute resource and the Puppet primary machine.Cloud proxy Not required for public cloud accounts, such as Microsoft Azure or Amazon Web Services. If you are using a vCenter based cloud account, select the appropriate cloud proxy for your account. NA Username SSH and RBAC user name for Puppet primary machine. User specific. YAML value is '${input.username}' Password SSH and RBAC password for Puppet primary machine. User specific YAML value is '${input.password}' Use sudo commands for this user Select to use sudo commands for the procidd. true Name Puppet primary machine name. PEMasterOnPrem Description
- Add the username and password properties to the Puppet YAML as shown in the following example.
- Ensure that the value for the remoteAccess property to the Puppet cloud template YAML is set to
authentication: username and passwordas shown in the example below.
Example: vCenter username and password YAML code
The following example shows the representative YAML code for adding username and password authentication on a vCenter compute resource.
inputs:
username:
type: string
title: Username
description: Username to use to install Puppet agent
default: puppet
password:
type: string
title: Password
default: VMware@123
encrypted: true
description: Password for the given username to install Puppet agent
resources:
Puppet-Ubuntu:
type: Cloud.vSphere.Machine
properties:
flavor: small
imageRef: >-
https://cloud-images.ubuntu.com/releases/16.04/release-20170307/ubuntu-16.04-server-cloudimg-amd64.ova
remoteAccess:
authentication: usernamePassword
username: '${input.username}'
password: '${input.password}'
Puppet_Agent:
type: Cloud.Puppet
properties:
provider: PEMasterOnPrem
environment: production
role: 'role::linux_webserver'
username: '${input.username}'
password: '${input.password}'
host: '${Puppet-Ubuntu.*}'
useSudo: true
agentConfiguration:
certName: '${Puppet-Ubuntu.address}'
