A solution instance such as Puppet Master, must be created in an Application Services deployment environment so that the Puppet Master is always used when an application using Puppet-based services is deployed in that deployment environment.

You can create only one Puppet Master solution instance per a deployment environment. The solution instances of multiple deployment environments can point to the same Puppet Master. For information on using a Ruby script that runs locally on the Puppet Master server, see Register a Puppet Master Solution Instance.

Log in to Application Services as an application cloud administrator.

Depending on your cloud provider, you must have at least one vCloud Director, vCloud Automation Center, or Amazon EC2 deployment environment mapped in Application Services. See Create a vCloud Director Deployment Environment, Create a vCloud Director Deployment Environment, Create a vCloud Automation Center Deployment Environment, or Create an Amazon EC2 Deployment Environment.

Make sure that the Puppet Master is configured to work with the Application Services server. See Prepare the Puppet Master Environment for Registration or Register a Puppet Master Solution Instance.

If you are using a custom policy, verify that it is available in the library. See Add a Policy to the Library.

1

Log in to the Application Services Web interface.

2

On the Application Services title bar, click the drop-down menu and select Clouds > Deployment Environments.

3

Select an existing deployment environment.

4

Select the Solution Instances tab and click Create Solution Instance.

5

Complete the solution instance information for the deployment environment.

Option

Description

Name and Description

Include the solution name.

You can add property or agent configuration information for the solution in the description section.

Solution

Select the available Puppet Master v1.0.0 solution from the drop-down list.

The solution properties and corresponding agents are populated.

6

In the Properties section, enter the required property values.

Property

Description

puppet_server

Qualified domain name of the Puppet Master server.

For the agent to trust the Puppet Master certificate, use one of the valid DNS names you set when you installed the Puppet Master. The Application Services server must be able to contact Puppet Master at this DNS name, unless the puppet_server_ip property is also supplied.

puppet_server_ip

Puppet Master server IP address.

The IP address must be specified if the host name of the Puppet Master server is not resolvable in the Application Services server or agent nodes.

puppet_environment

Name of the Puppet Master environment assigned to a puppet agent. This name corresponds to the environment configuration property of a puppet agent .

agent_run_interval

How frequently the puppet agent applies the library. The default run interval is every 30 minutes (30m). You can specify the run interval in the following units.

Seconds. For example, 30 or 30s.

Minutes. For example, 30m.

Hours. For example, 6h.

Days. For example, 5d.

Years. For example, 2y.

A run interval of 0 tells the puppet agent to run continuously.

identity_private_key

Private key of the certificate issued to the Application Services server by the Puppet Master.

Application Services uses this certificate for authentication with Puppet Master and MCollective. The format of the certificate is PEM encoded including the header and trailer. The header for example is formatted as, '-----BEGIN RSA PRIVATE KEY--'

Copy contents of the file TempCredsDir/private_keys/Name.pem you created to prepare the Puppet Master, as the value for this property.

identity_public_cert

The X509 certificate corresponding to the identity_private_key property.

The format of the certificate is PEM encoded including the header and trailer. The header for example is formatted as, '-----BEGIN CERTIFICATE--'

Copy contents of the file TempCredsDir/certs/Name.pem you created to prepare the Puppet Master, as the value for this property.

ca_cert

The X509 certificate of the certificate authority that issues digital certificates used to authenticate with Puppet Master and MCollective.

The format of the certificate is PEM encoded including the header and trailer. The header for example is formatted as, '-----BEGIN CERTIFICATE--'

Copy contents of the file TempCredsDir/certs/ca.pem you created to prepare the Puppet Master, as the value for this property.

mc_servers_shared_cert

Shared server certificate or public key for the MCollective cluster.

The format of the certificate is PEM encoded including the header and trailer. The header for example is formatted as, '-----BEGIN CERTIFICATE-----' or '-----BEGIN PUBLIC KEY--'

Copy contents of the file TempCredsDir/certs/pe-internal-mcollective-servers.pem for Puppet Enterprise or TempCredsDir/certs/mcollective-servers.pem for Puppet Open Source you created to prepare the Puppet Master, as the value for this property.

The trailer for example is formatted as,' -----END CERTIFICATE-----' or '-----END RSA PUBLIC KEY--'

mc_messaging_server_password

Password corresponding to the config setting plugin.activemq.pool.1.password in the MCollective server config file.

For example, the MCollective server config file in the Puppet Enterprise is located at /etc/puppetlabs/mcollective/server.cfg .

identity_cert_name

Name of the identity certificate.

This name is the string which you set when you generated the Application Services certificate to correspond to the Puppet Master during the preparation of the Puppet Master.

puppet_version

Puppet Enterprise suite version for a Puppet Enterprise and Puppet package version for a Puppet open source.

For example, the Puppet Enterprise version is 3.2.3 and the Puppet open source version is 3.6.2.

mc_messaging_server_username

User name corresponding to the config setting plugin.activemq.pool.1.user in the MCollective server config file.

For example, the MCollective server config file in the Puppet Enterprise is located at /etc/puppetlabs/mcollective/server.cfg .

mc_messaging_server_port

Port corresponding to the config setting plugin.activemq.pool.1.port in the MCollective server config file.

For example, the MCollective server config file in the Puppet Enterprise is located at /etc/puppetlabs/mcollective/server.cfg .

node_manifest_dir

Directory where the node definition manifests are located for virtual machines deployed using Application Services.

The Puppet Master site.pp must be able to import *.pp files from this directory.

mc_appd_agent_ddl

Location of the MCollective Application Services agent DDL file.

You do not need to override this value.

mc_client_setup_script

Location of the MCollective Client setup Beanshell script.

You do not need to override this value.

global_conf

URL to download the Darwin global configuration for each node.

agent_post_install_wait

Time in seconds to wait after installing the agent.

7

In the Agents section, enter the required values.

Option

Description

pe_installer_payload_base_path

Base URI where the operating system and architecture specific Puppet Enterprise tar files are hosted. Not for Windows.

The script detects the URI based on the pe_installer_payload_base_path and the current version of operating system and architecture on the machine. You can skip this auto detection by specifying a value for the pe_installer_payload property. Automatic detection assumes that the specific directory structure mirrors the structure of the Puppet Labs hosted tar files that are located at https://s3.amazonaws.com/pe-builds/.

installer_payload_base_path

Windows version of pe_installer_payload_base_path.

is_enterprise

Indicates if the Puppet Master being registered is a Puppet Enterprise with a value set to true or a Puppet open source with a value set to false.

8

In the Agents section, enter the optional value.

Option

Description

pe_installer_payload

Link to download tar file for Puppet Enterprise. Not for Windows.

Leave this value empty unless you want to explicitly provide a complete URI of an OS-neutral Puppet Enterprise tar file. If the value is not specified, the script detects the URI based on the pe_installer_payload_base_path and current version of operating system and architecture on the machine. An example URI is, https://s3.amazonaws.com/pe-builds/released/3.0.1/puppet-enterprise-3.0.1-all.tar.gz

installer_payload

Windows version of pe_installer_payload.

9

Click Save.

Application Services checks the property and agent values you entered and displays an error message if the required values are missing.

10

Click Validate Connection to verify the connection to the server.

11

Click the arrow next to the solution instance name to return to the previous page.

12

(Optional) On the client machine that has Puppet installed, enter the command to remove the temporary credential directory you created when you downloaded the public certificate from the Puppet Master.

rm -rf TempCredsDir