6

I'm in the situation where I am constantly spinning up new VMs for development. I've got a base image that I can clone, but it quickly gets out of date and you have no method of adding a change across a lot of VMs.

I want to set up a Puppet script that runs on first boot of a virtual machine, and there are lots of guides to creating a site.pp that is run directly by Puppet, but that involves a single file that you have to set up on a node. What I would like to do is have a development setup on a puppetmaster so that all my VMs can call into the same point and stay up to date, and allow me to create a comprehensive set of packages using fileserver etc.

The problem I see with this is that I can't/don't want to rely on hostnames to identify VMs, and I don't care about keeping a history of PKI, as VM names may get reused.

Can Puppet be used with puppetmaster and essentially ignore all PKI? Can I create an environment that I can register a VM into via a fact or some other means? I would like to do puppet agent type=test1 or similar.

Generally, how can I use Puppet via a centralized source where I don't particularly care about the security of the nodes and expect nodes to come and go frequently?

3 Answers

4

Since the VMs are for development purposes, you may want to look at Vagrant. Vagrant has support for Puppet out-of-the-box.

dunxd
2

Set up your VMs to be provisioned via DHCP and add this to your config (you can give your VMs random or sequential names if you want, but keep the domain part to ease deploying):

option domain-name "my.domain.com";

Set your puppetmaster to provide the modules you want:

node /.*my.domain.com/ inherits default {
}

And enable autosign for that domain:

$ cat autosign.conf
# Domains you want SSL certificates autosigned for
*.my.domain.com

And regarding "adding a change across a lot of VMs", well, that is what Puppet is for. If you want/need another kind of on-demand operation, take a look at Marionette Collective.

dawud
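An added example, not part of the answer above: a Ruby check (Puppet node regexes are Ruby regexes) of which certnames the autosign glob would sign without review and which the node pattern would match. The certnames, the `lab.example.org` entry and the stricter regex are constructed for illustration, and the glob rule used (a leading `*.` covers one or more subdomain labels) is an assumption about how autosign.conf entries are matched.

```ruby
# Added example (not from the answer): which certnames would autosign.conf sign
# without review, and which would a node regex match? Assumption: a leading "*."
# covers one or more subdomain labels; blank and "#" lines are ignored.
# The answer's node pattern, and a stricter alternative (hypothetical).
ANSWER_NODE_RE = /.*my.domain.com/
STRICT_NODE_RE = /\A([a-z0-9-]+\.)+my\.domain\.com\z/

# Constructed autosign.conf: the lab entry is commented out, so it is inactive.
AUTOSIGN_CONF = <<~CONF
  # Domains you want SSL certificates autosigned for
  #*.lab.example.org
  *.my.domain.com
CONF

# Constructed certnames; the agent picks its own certname when it sends a CSR.
CERTNAMES = %w[
  dev-17.my.domain.com
  my.domain.com
  build.notmy.domain.com
  vm.my-domain-com.example.net
  scratch.lab.example.org
]

# Active (non-comment, non-blank) entries of an autosign.conf.
def autosign_entries(text)
  text.lines.map(&:strip).reject { |l| l.empty? || l.start_with?('#') }
end

# True when an entry covers the certname: exact match or "*." suffix glob.
def autosigned?(certname, entries)
  name = certname.downcase
  entries.any? do |entry|
    e = entry.downcase
    next name == e unless e.start_with?('*.')
    suffix = e[1..-1] # e.g. ".my.domain.com"
    name.length > suffix.length && name.end_with?(suffix)
  end
end

# One row per certname: signed without review? matched by each node regex?
def audit(certnames, conf_text)
  entries = autosign_entries(conf_text)
  certnames.map do |n|
    { name: n, autosigned: autosigned?(n, entries),
      answer_re: !!(n =~ ANSWER_NODE_RE), strict_re: !!(n =~ STRICT_NODE_RE) }
  end
end

audit(CERTNAMES, AUTOSIGN_CONF).each { |row| puts row.inspect }
```

Because the agent chooses the certname in its CSR, every name the glob covers is signed for whoever can reach the master, and the unanchored pattern with unescaped dots also matches names outside `my.domain.com`.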
1

Puppet can work in a client/server way, but it's not mandatory. You can call Puppet locally for the current machine; it's far simpler (but less scalable, of course).

In my case, when firing up a new VM, I just copy the full Puppet config with sftp (ssh) and call Puppet locally. Instructions here (fr): http://offirmo.net/wiki/index.php?title=Amor%C3%A7age_d%27un_serveur_Ubuntu_avec_puppet

cd ~/puppet
sudo puppet apply --debug --detailed-exitcodes --verbose manifests/site.pp --modulepath=modules --ignorecache --no-usecacheonfailure

If I need updates, my Puppet config is in a git repo (https://github.com/Offirmo/offirmo-puppet) and I can just get the latest one with git pull and apply again.

Up to you to judge if this method is better in your case.

Offirmo