A solution instance such as Puppet master, must be created within a deployment environment in vCloud Application Director so that the Puppet master is always used when an application using Puppet based services is deployed in that deployment environment.

You can create only one Puppet master instance per a deployment environment. You can also use the same Puppet master in another deployment environment.

Verify that your user account has the ROLE_CLOUD_ADMIN cloud administrator role assigned to it.

Depending on your cloud provider, you must have at least one vCloud Director, vCloud Automation Center, or Amazon EC2 deployment environment mapped in vCloud Application Director. See Create a vCloud Director Deployment Environment, Create a vCloud Automation Center Deployment Environment, or Create an Amazon EC2 Deployment Environment.

Make sure that the Puppet master is configured to work with the vCloud Application Director server. See Prepare the Puppet Master Environment for Registration or http://kb.vmware.com/kb/2068342.

If you are using a custom policy, verify that it is available in the catalog. See Add a Policy to the Catalog.

1

Log in to the vCloud Application Director Web interface.

2

On the vCloud Application Director title bar, click the drop-down menu and select Clouds > Deployment Environments.

3

Select an existing deployment environment.

4

Select the Solution Instances tab and click Create Solution Instance.

5

Complete the solution instance information for the deployment environment.

Option

Description

Name and Description

Include the solution name.

You can add property or agent configuration information for the solution in the description section.

Solution

Select the available Puppet Master v1.0.0 solution from the drop-down list.

The solution properties and corresponding agents are populated.

6

In the Properties section, type the required property values.

Property

Description

puppet_server

Qualified domain name of the Puppet master server.

For the agent to trust the Puppet master certificate, use one of the valid DNS names you set when you installed the Puppet master. The vCloud Application Director server must be able to contact Puppet master at this DNS name, unless the puppet_server_ip property is also supplied.

puppet_server_ip

Puppet master server IP address.

The IP address must be specified if the host name of the Puppet master server is not resolvable in the vCloud Application Director server or agent nodes.

identity_private_key

Private key of the certificate issued to the vCloud Application Director server by the Puppet master.

vCloud Application Director uses this certificate for authentication with Puppet master and MCollective. The format of the certificate is PEM encoded including the header and trailer. The header for example is formatted as, '-----BEGIN RSA PRIVATE KEY--'

Copy contents of the file TempCredsDir/private_keys/Name.pem you created to prepare the Puppet master, as the value for this property.

identity_public_cert

The X509 certificate corresponding to the identity_private_key property.

The format of the certificate is PEM encoded including the header and trailer. The header for example is formatted as, '-----BEGIN CERTIFICATE--'

Copy contents of the file TempCredsDir/certs/Name.pem you created to prepare the Puppet master, as the value for this property.

ca_cert

The X509 certificate of the certificate authority that issues digital certificates used to authenticate with Puppet master and MCollective.

The format of the certificate is PEM encoded including the header and trailer. The header for example is formatted as, '-----BEGIN CERTIFICATE--'

Copy contents of the file TempCredsDir/certs/ca.pem you created to prepare the Puppet master, as the value for this property.

mc_servers_shared_cert

Shared server certificate or public key for the MCollective cluster.

The format of the certificate is PEM encoded including the header and trailer. The header for example is formatted as, '-----BEGIN CERTIFICATE-----' or '-----BEGIN PUBLIC KEY--'

Copy contents of the file TempCredsDir/certs/pe-internal-mcollective-servers.pem for Puppet enterprise or TempCredsDir/certs/mcollective-servers.pem for Puppet OpenSource you created to prepare the Puppet master, as the value for this property.

The trailer for example is formatted as,' -----END CERTIFICATE-----' or '-----END RSA PUBLIC KEY--'

mc_messaging_server_password

Password corresponding to the config setting plugin.activemq.pool.1.password in the MCollective server config file.

For example, the MCollective server config file in the Puppet enterprise is located at /etc/puppetlabs/mcollective/server.cfg .

identity_cert_name

Name of the identity certificate.

This name is the string which you set when you generated the vCloud Application Director certificate to correspond to the Puppet master during the preparation of the Puppet master.

puppet_version

Puppet enterprise suite version for a Puppet enterprise and Puppet package version for a Puppet open source.

For example, the Puppet enterprise version is 3.0.1 and the Puppet open source version is 3.2.4.

mc_messaging_server_username

User name corresponding to the config setting plugin.activemq.pool.1.user in the MCollective server config file.

For example, the MCollective server config file in the Puppet enterprise is located at /etc/puppetlabs/mcollective/server.cfg .

mc_messaging_server_port

Port corresponding to the config setting plugin.activemq.pool.1.port in the MCollective server config file.

For example, the MCollective server config file in the Puppet enterprise is located at /etc/puppetlabs/mcollective/server.cfg .

node_manifest_dir

Directory where the node definition manifests are located for virtual machines deployed using vCloud Application Director.

The Puppet master site.pp must be able to import *.pp files from this directory.

mc_appd_agent_ddl

Location of the MCollective vCloud Application Director agent DDL file.

You do not need to override this value.

mc_client_setup_script

Location of the MCollective Client setup Beanshell script.

You do not need to override this value.

global_conf

URL to download the Darwin global configuration for each node.

7

In the Agents section, type the required values.

Option

Description

pe_installer_payload_base_path

Base URI where the operating system and architecture specific Puppet enterprise tar files are hosted.

The script detects the URI based on the pe_installer_payload_base_path and the current version of operating system and architecture on the machine. You can skip this auto detection by specifying a value for the pe_installer_payload property. Automatic detection assumes that the specific directory structure mirrors the structure of the Puppet Labs hosted tar files that are located at https://s3.amazonaws.com/pe-builds/.

is_enterprise

Indicates if the Puppet master being registered is a Puppet enterprise with a value set to true or a Puppet open source with a value set to false.

8

In the Agents section, type the optional value.

Option

Description

pe_installer_payload

Link to download tar file for Puppet Enterprise.

Leave this value empty unless you want to explicitly provide a complete URI of an OS-neutral Puppet Enterprise tar file. If the value is not specified, the script detects the URI based on the pe_installer_payload_base_path and current version of operating system and architecture on the machine. An example URI is, https://s3.amazonaws.com/pe-builds/released/3.0.1/puppet-enterprise-3.0.1-all.tar.gz

9

Click Save when you finish.

vCloud Application Director checks the property and agent values you typed and displays an error message if the required values are missing.

10

Click Validate Connection to check the connection to the server.

11

Click the arrow next to the solution instance name to return to the previous page.

12

(Optional) On the client machine that has Puppet installed, type the command to remove the temporary credential directory.

rm -rf TempCredsDir

Import Puppet content into the vCloud Application Director catalog as services. See Import a Puppet Service to the Catalog.