Configure r10k

To configure r10k in an existing Puppet Enterprise (PE) installation, set r10k parameters in the PE console. You can also use the console to adjust r10k settings.

Before you begin
You need a control repo (with a Puppetfile) and the file path for the SSH private key you created when you set up your control repo. For information and instructions on setting up a control repo, go to Managing environments with a control repository.
  1. In the PE console, go to Node groups > PE Master > Classes, and locate the puppet_enterprise::profile::master class.
  2. For the r10k_remote parameter, enter a string that is a valid SSH URL for your Git control repository, such as git@<YOUR.GIT.SERVER.COM>:puppet/control.git.
    Important: Some Git providers have additional requirements for enabling SSH access. For example, BitBucket requires ssh:// at the beginning of the SSH URL (such as ssh://git@<YOUR.GIT.SERVER.COM>:puppet/control.git). See your provider's documentation for this information.
  3. For the r10k_private_key parameter, enter a string specifying the path to the SSH private key you created when you set up your control repo, such as "/etc/puppetlabs/puppetserver/ssh/id-control_repo.ed25519".
    This key permits the pe-puppet user to access your Git control repo. The private key file must be located on the primary server, owned by the pe-puppet user, and in a directory that the pe-puppet user has permission to view. We recommend /etc/puppetlabs/puppetserver/ssh/id-control_repo.ed25519.
  4. For the r10k_known_hosts parameter, enter an array of hashes, with each hash containing the following key-value pairs:
    • "name":"<HOSTNAME>": Specify the hostname of your control repository host.
    • "type":"<HOST_KEY_TYPE>": Specify the type of host key, such as rsa, dsa, ecds, or ed25519.
    • "key":"<HOST_PUBLIC_KEY>": Specify the SSH public key for your control repository host.
    Structure the parameter as shown in the following example:
    [{"name":"<HOSTNAME>","type":"<HOST_KEY_TYPE>","key":"<HOST_PUBLIC_KEY>"},{"name":"<HOSTNAME>","type":"<HOST_KEY_TYPE>","key":"<HOST_PUBLIC_KEY>"}]

    Optionally, each hash can accept values for "title", "ensure", and "host_aliases".

    The r10k_known_hosts parameter manages your known_hosts file to allow SSH host key verification, which is required when you use r10k.

  5. Run Puppet on your primary server and compilers.
What to do next

You can customize your r10k configuration in Hiera, if needed.

To deploy environments with r10k, you must use the command line to manually trigger deployments. PE does not automatically run r10k after you configure it.