To configure r10k in an existing Puppet Enterprise (PE) installation, set r10k parameters in the PE console. You can also use the console
to adjust r10k settings.
Before you begin
You need a control repo (with a Puppetfile) and the
file path for the SSH private key you created when you set up your control repo. For
information and instructions on setting up a control repo, go to Managing environments with a control repository.
-
In the PE console, go to , and locate the
puppet_enterprise::profile::master
class.
-
For the
r10k_remote
parameter, enter a string that is a valid SSH
URL for your Git control repository, such as git@<YOUR.GIT.SERVER.COM>:puppet/control.git
.
Important: Some Git providers have
additional requirements for enabling SSH access. For example, BitBucket requires
ssh://
at the beginning of the SSH URL (such as
ssh://git@<YOUR.GIT.SERVER.COM>:puppet/control.git
). See your
provider's documentation for this information.
-
For the
r10k_private_key
parameter, enter a string specifying the
path to the SSH private key you created when you set up your control repo, such as
"/etc/puppetlabs/puppetserver/ssh/id-control_repo.ed25519"
.
This key permits the pe-puppet
user to access your Git control repo. The private key file must be located
on the primary server, owned by the pe-puppet
user, and in a
directory that the pe-puppet
user has permission to view. We
recommend
/etc/puppetlabs/puppetserver/ssh/id-control_repo.ed25519
.
-
For the
r10k_known_hosts
parameter,
enter an array of hashes, with each hash containing the following
key-value pairs:
-
"name":"<HOSTNAME>"
: Specify the hostname
of your control repository host.
-
"type":"<HOST_KEY_TYPE>"
:
Specify the type of host key, such as rsa
, dsa
, ecds
, or ed25519
.
-
"key":"<HOST_PUBLIC_KEY>"
:
Specify the SSH public key for your control repository
host.
Structure the parameter as shown in the following
example:
[{"name":"<HOSTNAME>","type":"<HOST_KEY_TYPE>","key":"<HOST_PUBLIC_KEY>"},{"name":"<HOSTNAME>","type":"<HOST_KEY_TYPE>","key":"<HOST_PUBLIC_KEY>"}]
Optionally, each hash can accept values for "title"
, "ensure"
, and
"host_aliases"
.
The r10k_known_hosts
parameter
manages your known_hosts
file to
allow SSH host key verification, which is required when you use r10k.
-
Run Puppet on your primary server and
compilers.
What to do next
You can customize your r10k configuration in Hiera, if needed.
To deploy environments with r10k, you must use the command line to manually
trigger deployments. PE does not automatically run r10k after you configure it.