Name: control-repo-pe-fork
Owner: Example42
Description: A control repository template
Forked from: puppetlabs/control-repo
Created: 2016-03-08 20:02:08.0
Updated: 2016-05-12 18:33:54.0
Pushed: 2016-03-09 00:51:23.0
Homepage: null
Size: 96
Language: Puppet
GitHub Committers
User | Most Recent Commit | # Commits |
---|
Other Committers
User | Most Recent Commit | # Commits |
---|
This control repo and the steps below are intended to be used during a new installation of PE.
The instructions are geared towards a new installation of PE2015.3.z. However, the control-repo should work just fine on PE2015.2.z
If you intend to use this control-repo on an existing installation then be warned that if you've already written or downloaded modules when you start using r10k it will remove all of the existing modules and replace them with what you define in your Puppetfile. Please copy or move your existing modules to another directory to ensure you do not lose any work you've already started.
As a result of following the instructions below you will receive at least the beginning of a best-practices installation of PE including…
This control repository is setup to manage certain portions of your PE installation for you if you create a trusted fact called pp_role
. In order to do so, lay down a file that looks exactly like the below in /etc/puppetlabs/puppet/csr_attributes.yaml
nsion_requests:
p_role
3.6.1.4.1.34380.1.1.13: 'all_in_one_pe'
Good then you can proceed forward and the trusted fact will be used when you get to the install step.
Trusted facts are created at the time a CSR is generated. So, we need to regenerate the certificate on the master for the above trusted fact to be created.
Follow this document to regenerate the certificate on your master.
http://docs.puppetlabs.com/pe/latest/regenerate_certs_master.html
Install Gitlab
https://about.gitlab.com/downloads/
After Gitlab is installed you may sign if with the root
user and password 5iveL!fe
Make a user for yourself
Make an ssh key to link with your user. You?ll want to do this on the machine you intend to edit code from ( most likely not your puppet master but your local workstation / laptop )
http://doc.gitlab.com/ce/ssh/README.html
https://help.github.com/articles/generating-ssh-keys/
Create a group called puppet
( this is case sensitive )
http://doc.gitlab.com/ce/workflow/groups.html
Create a user called r10k_api_user
and add them to the puppet
group
From the landing page, select groups
Choose the puppet group
In the left hand pane, select memembers
Add the r10k_api_user
with master
permissions
Add your user to the puppet
group as well
Create a project called control-repo
and set the Namespace to be the puppet
group
Logout of root and login as the r10k_api_user
Go to profile settings -> account ( https://
Copy the api token
Clone this control repository to your laptop/workstation
git clone <repository url>
cd control-repo
git mv hieradata/nodes/example-puppet-master.yaml hieradata/nodes/<fqdn_of_your_puppet_master>.yaml
Open hieradata/nodes/<fqdn_of_your_puppet_master>.yaml
gms_api_token
to be your api tokengit_management_system
to be 'gitlab'gms_server_url
git add hieradata/nodes/<fqdn_of_your_puppet_master>.yaml
git commit -m "renaming example-puppet-master.yaml"
Rename my repository as the upstream remote
git remote rename origin upstream
Add your internal repository as the origin remote
git remote add origin <url of your gitlab repository>
Push the production branch of the repository from your machine up to your git server
git push origin production
git branch --set-upstream-to origin/production
Coming soon!
Coming soon!
cd
into the directorypuppet-enterprise-installer
to installIf you run into any issues or have more questions about the installer you can see our docs here:
http://docs.puppetlabs.com/pe/latest/install_basic.html
At this point you have our control-repo code deployed into your git server. However, we have one final challenge: getting that code onto your puppet master. In the end state the master will pull code from the git server via r10k, however, at this moment your puppet master doesn't have credentials to get code from the git server.
So, we'll set up a deploy key in the git server that will allow a ssh-key we make to deploy the code and configure everything else.
/usr/bin/ssh-keygen -t rsa -b 2048 -C 'code_manager' -f /etc/puppetlabs/puppetserver/code_manager.key -q -N ''
control-repo
project in Gitlabcat /etc/puppetlabs/puppetserver/code_manager.key.pub
puppet_enterprise::profile::master
r10k_remote
to the ssh url from the front page of your gitlab repor10k_private_key
parameter to /etc/puppetlabs/puppetserver/code_manager.key
puppet agent -t
r10k.yaml
r10k deploy environment -pv
puppet agent -t
echo 'code_manager_mv_old_code=true' > /opt/puppetlabs/facter/facts.d/code_manager_mv_old_code.txt
puppet agent -t
One of the components setup by this control-repo is that when you “push” code to your git server, the git server will inform the puppet master to deploy branch you just pushed.
tail -f /var/log/puppetlabs/puppetserver/puppetserver.log
touch test_file
git add test_file
git commit -m "adding a test_file"
git push origin production
ls -l /etc/puppetlabs/code/environments/production
puppetserver.log
to see the type of logging each sync will createRemove pe_r10k
from the PE master group in the console and instead add the following two parameters to the puppet_enterprise::profile::master
class under the PE master group.
r10k_remote
= the ssh url for your internal repor10k_private_key
= /etc/puppetlabs/puppetserver/code_manager.key
When upgrading the puppet_enterprise::profile::master
class has the file_sync_enabled
parameter set to false
. This parameter should be removed so that code manager can configure file sync.
Finally, you?ll need to echo 'code_manager_mv_old_code=true' > /opt/puppetlabs/facter/facts.d/code_manager_mv_old_code.txt
so that my puppet code will redeploy all of your code with code manager.
If you are using PE2015.2.z or if you've forced the use of the zack/r10k webhook then you'll want to test that it works.
One of the components setup by this control-repo is that when you “push” code to your git server, the git server will inform the puppet master to run r10k deploy environment -p
.
git add README.md
git commit -m "edit README"
git push origin production
/etc/puppetlabs/code/environments/production/README.md
and confirm your change is present