One-click PuppetMaster

Project and Objective:

Provide a client with the ability to build a PuppetMaster with a single click, in any Amazon region.

Needs:

The tool needed to be supportable, produce consistent results and work quickly. Customization and portability were not particularly important – they aren’t going to move off of Amazon anytime soon. Given these needs, I used CloudFormation as the basis of the tool. By leveraging the CloudFormation service, anyone with familiarity with Amazon can easily build and modify the tooling.

Benefits:

Consistency, speed and availability.

Process:

If you peek under the hood of the tool, you’d see the following happening in the order below:

  1. User instantiates CloudFormation with a region parameter.
  2. CloudFormation provisions resources such as an EC2 instance, a security group and an IAM Role (see “Resources Used”)
  3. EC2 resource is created, cloud-init runs user-data shell script.
  4. user-data shell script performs the following:
    1. lightweight machine configuration
    2. installs puppet from Puppetlabs
    3. gets puppetmaster configuration from GitHub
    4. installs the puppetmaster server through a puppet apply

Resources Used:

  1. CloudFormation, used for provisioning AWS resources:
    1. EC2 instance: used for running the PuppetMaster
    2. Security Group: used for allowing access to the PuppetMaster machine
    3. Route53 Resource Record: for locating the PuppetMaster
    4. IAM Role: used for getting configuration information required to access GitHub.
    5. cloud-init with user-data: used for lightweight configuration, connecting to GitHub and bootstrapping puppet.
  2. GitHub: used for storing the PuppetMaster configuration and Puppet client configuration.
  3. Puppet: once running, puppet apply was used to build the initial PuppetMaster server
  4. Python and tool cloudinit inject

Result:

Running the following command created a fully-functioning PuppetMaster server in the AWS us-east-1 region.

cfn-create-stack puppetmaster --template-file puppetmaster_merged.json --parameters "puppetFQDN=puppet-prod-iad-001.test.com" --capabilities CAPABILITY_IAM
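
Because the stack is launched with CAPABILITY_IAM and creates a security group, an IAM role and an instance with user-data, the template is worth reviewing before it is run. The following is an added example, not code from the original post: a small Python check over a constructed sample template (the resource names, the s3 policy and the sample rules are assumptions, not the contents of puppetmaster_merged.json) that flags world-open ingress, wildcard IAM statements and key material pasted into user-data.

```python
import json
import re

# Constructed sample template for illustration; resource names are hypothetical
# and this is not the post's puppetmaster_merged.json.
SAMPLE = {"Resources": {
    "PuppetSG": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
        "SecurityGroupIngress": [
            {"IpProtocol": "tcp", "FromPort": 8140, "ToPort": 8140, "CidrIp": "10.0.0.0/16"},
            {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "CidrIp": "0.0.0.0/0"}]}},
    "PuppetRole": {"Type": "AWS::IAM::Role", "Properties": {"Policies": [
        {"PolicyName": "cfg", "PolicyDocument": {"Statement": [
            {"Effect": "Allow", "Action": "s3:*", "Resource": "*"}]}}]}},
    "PuppetMaster": {"Type": "AWS::EC2::Instance", "Properties": {
        "UserData": {"Fn::Base64": {"Fn::Join": ["", [
            "#!/bin/bash\n",
            "echo '-----BEGIN RSA PRIVATE KEY-----' > /root/.ssh/id_rsa\n"]]}}}},
}}

# Patterns that suggest key material pasted into user-data.
SECRET_RE = re.compile(r"BEGIN [A-Z ]*PRIVATE KEY|AKIA[0-9A-Z]{16}")


def as_list(value):
    return value if isinstance(value, list) else [value]


def audit_template(template):
    """Return review findings for the security group, IAM role and user-data."""
    findings = []
    for name, res in template.get("Resources", {}).items():
        rtype, props = res.get("Type"), res.get("Properties", {})
        if rtype == "AWS::EC2::SecurityGroup":
            for rule in props.get("SecurityGroupIngress", []):
                if rule.get("CidrIp") == "0.0.0.0/0":
                    findings.append(f"{name}: port {rule.get('FromPort')} open to 0.0.0.0/0")
        elif rtype == "AWS::IAM::Role":
            for policy in props.get("Policies", []):
                for stmt in as_list(policy["PolicyDocument"]["Statement"]):
                    actions = as_list(stmt.get("Action", []))
                    wide = any(str(a).endswith("*") for a in actions)
                    wide = wide or "*" in as_list(stmt.get("Resource", []))
                    if stmt.get("Effect") == "Allow" and wide:
                        findings.append(f"{name}: policy {policy.get('PolicyName')} uses wildcards")
        elif rtype == "AWS::EC2::Instance":
            if SECRET_RE.search(json.dumps(props.get("UserData", ""))):
                findings.append(f"{name}: key material embedded in UserData")
    return findings


if __name__ == "__main__":
    print("\n".join(audit_template(SAMPLE)))
```

To review a real template, load it with json.load and pass the resulting dict to audit_template.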
