To register a Puppet master within a deployment environment in vCloud Application Director you must prepare the Puppet master to work with the vCloud Application Director server.

You can also automate the registration process, see http://kb.vmware.com/kb/2068342.

Verify that the Puppet enterprise version 3.0.1 or later or Puppet OpenSource version 3.2.4 or later is installed.

Make sure that there is a client machine available with Puppet installed besides the Puppet master.

1

Navigate to the directory on your Puppet master and create a directory called nodes.

On Puppet enterprise, navigate to /etc/puppetlabs/puppet/manifests/.

On Puppet OpenSource, navigate to /etc/puppet/manifests/.

2

Open the /etc/puppetlabs/puppet/manifests/site.pp or /etc/puppet/manifests/site.pp file and add the command import 'nodes/*.pp' to the first line of the file.

3

In the command line, create the empty_manifest_file.pp file.

On Puppet enterprise, type touch /etc/puppetlabs/puppet/manifests/nodes/empty_manifest_file.pp

On Puppet OpenSource, type touch /etc/puppet/manifests/nodes/empty_manifest_file.pp

4

Download the appdintegn.rb and appdintegn.ddl agent files.

http://Application_Director_IP/artifacts/solutions/puppet/mcollective/agent/appdintegn.ddl

http://Application_Director_IP/artifacts/solutions/puppet/mcollective/agent/appdintegn.rb

5

Copy the appdintegn.rb and appdintegn.ddl agent files to the LIBDIR/mcollective/agent directory on the Puppet master.

LIBDIR is the value of the MCollective libdir setting that is typically set to /opt/puppet/libexec/mcollective/.

6

Restart MCollective to view the newly copied agent files.

On Puppet enterprise, type /etc/init.d/pe-mcollective restart.

On Puppet OpenSource, type /etc/init.d/mcollective restart.

7

On a client machine that has Puppet installed, generate a certificate puppet certificate generate Name --ssldir TempCredsDir --ca-location remote --ca_server CAPuppetMaster

Name is the name of a string for the vCloud Application Director certificate corresponding to the Puppet master. TempCredsDir is a locally created directory in the /tmp folder such as /tmp/appd_mc/credentials and CAPuppetMaster is the host name or IP address of the Puppet master.

8

(Optional) On the Puppet master, if the auto-sign for the certificate is not turned on type the command sudo puppet cert sign Name.

9

Copy the signed public certificate file to the MCollective authorized client list.

cp CertDirectory/Name.pem AuthorizedClientsDirectory

CertDirectory is the Puppet master certdir config setting and AuthorizedClientsDirectory is the config setting for the MCollective server plugin.ssl_client_cert_dir.

A sample Puppet enterprise copy command, cp /etc/puppetlabs/puppet/ssl/ca/signed/vmware-appd.pem /etc/puppetlabs/mcollective/ssl/clients/

10

On the client machine that has Puppet installed, get the signed certificates from the Puppet master.

puppet certificate find Name --ssldir TempCredsDir --ca-location remote --ca_server CAPuppetMaster

puppet certificate find ca --ssldir TempCredsDir --ca-location remote --ca_server CAPuppetMaster

11

On the client machine that has Puppet installed, get the public certificate from the Puppet master.

On Puppet enterprise, type puppet certificate find pe-internal-mcollective-servers --ssldir TempCredsDir --ca-location remote --ca_server CAPuppetMaster.

On Puppet OpenSource, type puppet certificate find mcollective-servers --ssldir TempCredsDir --ca-location remote --ca_server CAPuppetMaster.

vCloud Application Director creates the node definition file *.pp for each virtual machine it provisions in the /etc/puppetlabs/puppet/manifests/nodes or /etc/puppet/manifests/nodes directory.

Register the Puppet master within a deployment environment in vCloud Application Director. See Create a Solution Instance.