Building Puppet Integration in VMware vRealize Automation 7.1 and 7.2
In this article
VMware and Puppet integration
VMware's vRealize Suite is a cloud management platform that provides performance/capacity management and automation of IT infrastructure that allows development teams to easily access and provision resources within a hybrid cloud environment. Puppet is a configuration management tool that provides a standardized platform to deploy and operate software. The integration of Puppet modules with VMware's vRealize Automation (vRA) provides a centralized life-cycle management and standardized configuration from a single console.
Earlier this year, we documented the process of using the vRA Guest Agent to deliver a Puppet module into a provisioned VM in vRA 6.2.3. After the releases of vRA 7.1 in August 2016 and 7.2 in November 2016, the ability to create property definitions has changed enough to warrant new instructions on integrating with Puppet 2016.4. In fact, this procedure requires no vRealize Orchestrator (vRO) workflows for the basic setup.
vRA 7.1 and 7.2 no longer include the simple method of creating property attributes in XML format for adding to a custom property for a blueprint. Instead, they use property definitions and property groups from the web UI.
Prerequisites
- A working instance of Puppet 2016.2 or later (we used 2016.4.2)
- Puppet agent packages imported to Puppet Master
- Puppet's install.ps1 and install.bash files readily available
- Operational VMware vRealize Automation 7.x
- VMware NSX 6.2.4 (optional)
Create the property definition
1. In the vRA UI, click Administration > Property Dictionary > Property Definitions.
2. Click New.
3. Create a new drop-down list in a string type format and then add the static list of Puppet Node Classifications.
4. For different agents, consider creating a property definition for each OS type.
Create the software component
A software component allows for administrators to design their own custom application installs at the middleware level, instead of pre-installing inside a virtual machine (VM) template. This process allows for faster adoption of applications across a single template, instead of the need to carry multiple templates running multiple versions of the same product.
5. In the vRA UI, click Design > Software Components.
6. Click New.
7. Name the software and then specify the machine container. Click Next.
8. Add the following properties for the new component and click Next.
- PUPPET_ACCOUNT (value example: administrator)
- PUPPET_DOMAIN (value example: Domain.local)
- PUPPET_PASSWORD (value example: password for administrator)
- PUPPET_MASTER_SERVER (value example: PE server hosting port 8140 services)
- PUPPET_ROLE_MAN (no value entered, but set to overridable and required)
9. Under the Install lifecycle, select Powershell. Click the link that reads Click here to edit.
10. Paste the following code in line 1 of the script and click OK.
[Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}; $webClient = New-Object System.Net.WebClient; $webClient.DownloadFile('https://$PUPPET_MASTER_SERVER:8140/packages/current/install.ps1', 'c:\windows\temp\install.ps1'); c:\windows\temp\install.ps1 msi:PUPPET_AGENT_ACCOUNT_DOMAIN=$PUPPET_DOMAIN msi:PUPPET_AGENT_ACCOUNT_USER=$PUPPET_ACCOUNT msi:PUPPET_AGENT_ACCOUNT_PASSWORD=$PUPPET_PASSWORD extension_requests:pp_role=$PUPPET_ROLE_MAN
11. Repeat this step for the Uninstall lifecycle and add the command below before clicking OK.
msiexec /qn /norestart /x c:\windows\temp\puppet-agent-x64.msi
12. Click Next.
13. Click Finish.
Modify Puppet's install scripts
Included with Puppet Enterprise are two install scripts for deploying agents for Windows in Linux. They are called install.ps1 and install.bash, and can be found in the same packages directory for the agents on the server.
In the case of our automated deployment, we needed to modify each script for the environment, and to add the pp_role extension from vRA properly. If you need assistance here, please contact your local WWT account team.
Modify Puppet's node classifications
Now that the software component, property definition and Puppet install script is set, we need to link the vRA roles to the Puppet node classifications before creating the blueprint in vRA.
1. Login to the Puppet UI and click Nodes > Classification.
2. Click the name of a classification to edit it. Under the Rules tab, type extensions.pp_role in the fact field.
3. In the value field, type the role name specified in vRA (case sensitive) and then click Add Rule.
4. Click Commit Changes to save. The results should look similar to this image below.
Create the vRA blueprint
The last step is to tie everything together into a blueprint for the service catalog.
1. In the vRA UI, click Design > Blueprints.
2. Click New.
3. Drag a vSphere Machine over to the design canvas, and then drag the Puppet software component into the machine.
4. Drag an existing network over to the canvas as well to assign which network will be used on the built VM.
5. On the vSphere Machine Properties tab, add the Puppet property definition. Leave the value blank, enable overridable and enable show in request. Click OK.
6. Click the Puppet software component and then click the Properties.
7. Click Edit to change the PUPPET_ROLE_MAN.
8. Enable Binding. In the value field, select the vSphere machine name and then append the property definition (~PUPPET_ROLE_LNX for our linux property). This tells the software component to use the value selected from the LNX dropdown list as the value for the PUPPET_ROLE_MAN property.
9. Configure any remaining settings for the blueprint and click Finish.
10. Publish the blueprint and then add it to a vRA Service in the catalog.
11. Entitle a user group to have access to the blueprint.
Final testing
Once the blueprint is published and entitled, it's now time to test things out.
Our blueprint included the ability to select the following other options:
- NSX Network Selection to match the VM service (Source: Jad El-Zein's Network Selection Blog)
- Avamar Data Protection Option (Note: Custom IP workflows from EMC's Enterprise Hybrid Cloud)
- Puppet Role Selection
- Manual Hostname entry (instead of machine prefix)
- Dennis Derks's vRA 7 Template Selection
Interested in hearing more? Explore our related content or reach out to WWT directly.