Using Puppet to Launch a Puppet Enterprise Cluster in AWS

Last week we released Puppet Enterprise 3.7. Whether you're new to Puppet, or an existing Puppet open source or Puppet Enterprise user, this is a great time to try out our latest release. There’s a ton of new stuff in Puppet Enterprise 3.7: Puppet Server and metrics; dynamic, rules-based classification; role-based access control and more.

Last week we also released a Puppet module to manage resources in Amazon Web Services like security groups and instances. Combining these two releases together we have a great way of spinning up a test environment for Puppet Enterprise quickly.

Puppet Enterprise is free for up to 10 nodes so it’s easy to just jump in. You’ll still be paying for the EC2 instances launched so remember to terminate those when you’re done.

Let’s create a brand new infrastructure in EC2 containing a Puppet Master and two agents, one running Linux and one running Windows. All you’ll need to try this out is an Amazon Web Services account.

The files used for this example this can be found in the examples folder of the project.

##The Master

First let’s define a security group, and create a node to run the master. Save this as pe_master.pp, or run it from a checkout of the source code.

$pe_username = 'admin@puppetlabs.com'
$pe_password = 'puppetlabs'
$pe_version_string = '3.7.0'

ec2_securitygroup { 'puppet':
  ensure           => present,
  region           => 'us-west-2',
  description      => 'Group for testing puppet AWS module',
  ingress          => [{
    security_group => 'puppet',
  },{
    protocol => 'tcp',
    port     => 443,
   cidr     => '0.0.0.0/0',
  }]
}

ec2_instance { 'puppet-master':
  ensure          => present,
  region          => 'us-west-2',
  image_id        => 'ami-e08efbd0',
  instance_type   => 'm3.large',
  monitoring      => 'true',
  security_groups => ['puppet'],
  user_data       => template('master-pe-userdata.erb'),
}

The important part here is the user data. This is a script which is passed to the newly created instance and run when it boots. For this example, the user data script installs a Puppet Enterprise master.

With the module installed as described in the README, you can run:

puppet apply pe_master.pp --test --templatedir templates

This will bring up the master node, create the security group and install PE via an answers file as described in the manifest. Please note that this could take up to 10 minutes for the machine to boot and Puppet Enterprise to fully install.

##The Console

Let’s access the running console. You can find the IP address under Public DNS in the AWS web console. Alternatively, you can use the Puppet resource command like so:

puppet resource ec2_instance puppet-master

This should return a Puppet resource, including the public IP and DNS details. Now let’s log in to your new Puppet Enterprise console. Go to https://your-public-ip-address in your web browser.

Once everything is running, you can log in with the username admin and the password puppetlabs, or you can change these in the pe_agent.pp file shown above.

Note the https part. Because we're just using a temporary IP address here you'll likely get a certificate error from your browser which you can safely ignore for now.

##The Agents

Now that we have a fully working master, we’re ready to launch the agents. Save the following as pe_agent.pp.

$pe_master_hostname = 'ip-your-ip-here.us-west-2.compute.internal'
$pe_version_string = '3.7.0'

ec2_instance { 'puppet-agent':
  ensure          => present,
  region          => 'us-west-2',
  image_id        => 'ami-e08efbd0', # RHEL 6.5
  instance_type   => 'm3.medium',
  monitoring      => 'true',
  security_groups => ['puppet'],
  user_data       => template('agent-pe-userdata.erb'),
}

ec2_instance { 'puppet-windows-agent':
  ensure          => present,
  region          => 'us-west-2',
  image_id        => 'ami-21f0bc11', # Windows Server 2012
  instance_type   => 'm3.medium',
  monitoring      => 'true',
  security_groups => ['puppet'],
  user_data       => template('windows-pe.erb'),
}

We now need to modify the pe_agent.pp manifest so it points at the newly created master. Open up pe_agent.pp again and change the line:

$pe_master_hostname = 'ip-your-ip-here.us-west-2.compute.internal'

You can find the IP address under Private DNS in the AWS web console. Alternatively, you can use the Puppet resource command again like so:

puppet resource ec2_instance puppet-master

This should return a Puppet resource, including the private IP and DNS details.

Finally you can run:

puppet apply pe_agent.pp --test --templatedir templates

This should take just a few minutes this time for the nodes to boot and communicate with the Puppet master. They should appear automatically in the PE console.

##Conclusions

Using Puppet to launch the infrastructure on which you run Puppet may seem a bit meta, but the real advantage comes when you manage that same infrastructure over time, not just launch it for the first time.

This and other examples of using the AWS module can be found alongside the modules source code. If you have an example you’d like to see just let us know.

Thanks for Chris Barker from our Technical Services Engineering team who did most of the work on this example.

##Learn More

Puppet sites use proprietary and third-party cookies. By using our sites, you agree to our cookie policy.