Forge logo
❮ Return to Configuration Management

Set up the Puppet Plug-in to provision nodes with vRA

by Puppet
Posted: July 30, 2020

The Puppet Plug-in for VMware vRealize Automation (vRA) provisions a node by installing an agent, adding the agent to Puppet Enterprise (PE), and assigning a role and environment to the node at the push of a button. This guide details setting up the plug-in using a module to configure the PE server, installing the plug-in, and adding the endpoint that allows you to start building blueprints with Puppet features in vRA.

These instructions help you start running the Puppet plug-in with vRA 7.x in a production environment. There is a simpler way to get started with the plug-in using the reference implementation, which contains a prepackaged implementation complete with sample blueprints. However, the reference implementation is not suitable to run in a production environment out of the box. You can download the reference implementation and customize the content and blueprints to meet your needs, but this guide assumes you are starting from scratch.

Note: the plug-in does not work with vRA 8 and newer because similar Puppet functionalities are now integrated in vRA.

Before you begin

  • Install Puppet Enterprise >= 2018.1
  • Install VRA
    • The Puppet vRO plugin is compatible with VRA 7.3 to 7.6. If you already use a different version of vRA and want to start fresh, you must completely remove the previous version prior to installing the other version.

1. Install the plug-in prep module

The vra_puppet_plug-in_prep module configures the PE server for you by doing the following:

  • Creates a user for the plug-in to use with SSH and the API.
  • Creates sudo rules for this user so the plug-in can run commands.
  • Configures the autosign policy.

After you install the module, follow the README to finish setup.

2. Install the plugin

  1. Download the Puppet plug-in .vmoapp package.
  2. Log in to the vRO server control center at https://:8283/vco-controlcenter.
  3. On the Plugins tab, click Install plug-in, and install the plug-in .vmoapp package downloaded from the VMware Solution Exchange.
  4. After the installation confirmation message appears, click the Startup options link in the message reminding you to restart the orchestrator server. You must always restart the orchestrator after installation.
  5. On the Startup options page, click Restart.

3. Classify nodes and create a rule

Classify a node with its intended role based on the pp_role trusted fact.

The plug-in populates the pp_role trusted fact with the name of the role class. Depending on the method you use to classify nodes and node groups, you can classify the node with the role class in one of two ways.

  • Create a node group that matches the role class provided by the vRA blueprint.
    For example: trusted.extensions.pp_role = role::example_role
  • Declare the $trusted['pp_role'] for inclusion in the site.pp manifest.
    For example:
if $trusted['pp_role'] and defined($trusted['pp_role']) {
  include $trusted['pp_role']
}

Set a rule for trusted.extensions.pp_environment in your environment node groups.

Each node has the pp_environment trusted fact populated with the desired Puppet code environment as configured in vRA. In each environment group, create a rule to match the corresponding trusted.extensions.pp_environment. For example: trusted.extensions.pp_environment = production

4. Add a server endpoint

The endpoint points to your server and allows you to create blueprints with Puppet features.

Run the Add a Puppet Enterprise (PE) server workflow provided by the Puppet plug-in with these parameters:

  • Display Name for this Puppet server: The name for this PE server
  • Hostname or IP Address: The hostname or IP address of the PE server
  • SSH Port: 22
  • SSH and RBAC Username: The user you created
  • SSH and RBAC Password: The password you configured
  • Use sudo for shell commands on this server?: yes (no if using the root user)

5. Make blueprints with Puppet features

Now that Puppet and vRA are connected using the plug-in, you can start building blueprints. Blueprints are sets of instructions for provisioning a node and you can create and customize them in the vRA GUI.

To build a blueprint from scratch, see the Designing blueprints docs on the VMware website. You can use the vRO/vRA property reference for a list of Puppet properties to include in your blueprints and workflows.

vRA graphical interface, new Blueprint

Make sure to set the Puppet.RoleClass property in the blueprint you create. This allows the plug-in to find role information. For example: vRA graphical interface, add the Puppet.RoleClass property with value of example_role

Learn more

Now that you’ve installed the plug-in and started making blueprints, here are some additional resources for configuring, troubleshooting, and expanding your setup.