Forge Home

Modules

Resources

PuppetEcosystemPuppet CommunityUpdates

r10k

Dynamic environments with git & r10k
Project URLRSS FeedReport issues

1,884,919 downloads

174,069 latest version

3.8 quality score

We run a couple of automated
scans to help you access a
module's quality. Each module is
given a score based on how well
the author has formatted their
code and documentation and
modules are also checked for
malware using VirusTotal.

Please note, the information below
is for guidance only and neither of
these methods should be considered
an endorsement by Puppet.

Version information

  • 999.999.999 (latest)
  • 3.2.0
  • 3.1.1
  • 3.1.0
  • 3.0.0
  • 2.8.4
  • 2.8.3
  • 2.8.2
  • 2.8.1
  • 2.8.0
  • 2.7.4
  • 2.7.3
  • 2.7.2
  • 2.7.1
  • 2.7.0
  • 2.6.5
  • 2.6.4
  • 2.6.3
  • 2.6.2
  • 2.6.1
  • 2.6.0
  • 2.5.4
  • 2.5.3
  • 2.5.2
  • 2.5.1
  • 2.5.0
  • 2.4.4
  • 2.4.3
  • 2.4.2
  • 2.4.1
  • 2.3.4
  • 2.3.1
  • 2.3.0
  • 2.2.8
  • 2.2.7
  • 2.2.6
  • 2.2.5
  • 2.2.4
  • 2.2.3
  • 2.2.2
  • 1.0.2
  • 1.0.1
  • 1.0.0
  • 0.0.7
  • 0.0.5
  • 0.0.2
  • 0.0.1
released Nov 20th 2014
This module has been deprecated by its author since Oct 27th 2017.

The author has suggested puppet-r10k as its replacement.

Start using this module

Tags: git, mcollective, pe, environment, r10k

Documentation

zack/r10k — version 2.4.1 Nov 20th 2014

r10k Configuration Module

Build Status

This is the r10k setup module. It has a base class to configure r10k to synchronize dynamic environments. You can be simply used by declaring it:

class { 'r10k':
  remote => 'git@github.com:someuser/puppet.git',
}

Installing into the puppet enterprise ruby stack

class { 'r10k':
  remote   => 'git@github.com:someuser/puppet.git',
  provider => 'pe_gem',
}

Version chart

Module Version r10k Version
v2.4.0 1.3.5
v2.3.1 1.3.4
v2.3.0 1.3.2
v2.2.8 1.3.1
v2.2.x 1.1.0

This will configure /etc/r10k.yaml and install the r10k gem after installing ruby using the puppetlabs/ruby module.

Here is an example of deploying the ssh keys needed for r10k to connect to a repo called puppet/control on a gitlab server.

#https://docs.puppetlabs.com/references/latest/type.html#sshkey
sshkey { "your.internal.gitlab.server.com":
  ensure => present,
  type   => "ssh-rsa",
  target => "/root/.ssh/known_hosts",
  key    => "...+dffsfHQ=="
}

# https://github.com/abrader/abrader-gms
git_deploy_key { 'add_deploy_key_to_puppet_control':
  ensure       => present,
  name         => $::fqdn,
  path         => '/root/.ssh/id_dsa.pub',
  token        => hiera('gitlab_api_token'),
  project_name => 'puppet/control',
  server_url   => 'http://your.internal.gitlab.server.com',
  provider     => 'gitlab.com',
}

Helper classes

It also has a few helper classes that do some useful things. The following entry in Hiera will add a postrun_command to puppet.conf.

r10k::include_postrun_command: true

The concept here is that this is declared on the puppet master(s) that have been configured with r10k. This will cause r10k to synchronize before each puppet run. Any errors synchronizing will be logged to the standard puppet run.

This module requires the puppetlabs-ruby module. In the event that your environment already includes the module with some customization, you can use the manage_ruby_dependency parameter to adjust how this module expresses that requirement. The supported values are include,declare, or ignore. The values' behavior is outlined below:

  • declare default This will explicitly declare the ruby module. Additional declarations of the ruby module will result in an inability to compile a catalog.

  • include This will simply include the ruby module. When combined with class ordering, this will permit the user to manage the instantiation of the ruby module elsewhere, potentially with non-standard parameter values.

  • ignore This will assume that ruby is handled via some other mechanism than a puppet module named ruby. It is left to the user to insure the requirement be met.

symlink to r10k.yaml

These entries in Hiera will create a symlink at /etc/r10k.yaml that points to the config file at /etc/puppet/r10k.yaml

r10k::configfile: /etc/puppet/r10k.yaml
r10k::manage_configfile_symlink: true
r10k::configfile_symlink: /etc/r10k.yaml

Alternative install

Installing using a proxy server

# Create a global gemrc for Puppet Enterprise to add the local gem source
# See http://projects.puppetlabs.com/issues/18053#note-12 for more information.

file { '/opt/puppet/etc':
  ensure => 'directory',
  owner  => 'root',
  group  => '0',
  mode   => '0755',
}

file { 'gemrc':
  ensure  => 'file',
  path    => '/opt/puppet/etc/gemrc',
  owner   => 'root',
  group   => '0',
  mode    => '0644',
  content => "---\ngem: --http-proxy=http://your.proxy.server:8080\n",
}

class { 'r10k':
  remote   => 'git@github.com:someuser/puppet.git',
  provider => 'pe_gem',
  require  => File['gemrc'],
}

# The following will allow r10k to use Puppetfile via the proxy
file { '/root/.gitconfig':
  ensure => 'file',
  owner  => 'root',
  group  => '0',
  mode   => '0600',
}

# https://forge.puppetlabs.com/puppetlabs/inifile
Ini_setting {
  ensure  => present,
  path    => '/root/.gitconfig',
  value   => 'http://proxy.your.company.com:8080',
}

file { '/root/.gitconfig':
  ensure => 'file',
  owner  => 'root',
  group  => '0',
  mode   => '0600',
}


ini_setting { 'git http proxy setting':
  section => 'http',
  setting => 'proxy',
}

ini_setting { 'git https proxy setting':
  section => 'https',
  setting => 'proxy',
}

Using a internal gem server

# Create a global gemrc for Puppet Enterprise to add the local gem source
# See http://projects.puppetlabs.com/issues/18053#note-12 for more information.

file { '/opt/puppet/etc':
  ensure => 'directory',
  owner  => 'root',
  group  => '0',
  mode   => '0755',
}

file { 'gemrc':
  ensure  => 'file',
  path    => '/opt/puppet/etc/gemrc',
  owner   => 'root',
  group   => '0',
  mode    => '0644',
  content => "---\nupdate_sources: true\n:sources:\n- http://your.internal.gem.server.com/rubygems/\n",
}

class { 'r10k':
  remote   => 'git@github.com:someuser/puppet.git',
  provider => 'pe_gem',
  require  => File['gemrc'],
}

Mcollective Support

alt tag

An mcollective agent is included in this module which can be used to do on demand synchronization. This mcollective application and agent can be installed on all masters using the following class

include r10k::mcollective

Using mco you can then trigger mcollective to call r10k using

mco r10k synchronize

You can sync an individual environment using:

mco r10k deploy <environment>

An example post-recieve hook is included in the files directory. This hook can automatically cause code to synchronize on your servers at time of push in git.

###Install mcollective support for post recieve hooks Install the mco command from the puppet enterprise installation directory i.e.

cd ~/puppet-enterprise-3.0.1-el-6-x86_64/packages/el-6-x86_64
sudo rpm -i pe-mcollective-client-2.2.4-2.pe.el6.noarch.rpm

Copy the peadmin mcollective configuration and private keys from the certificate authority (puppet master)

/var/lib/peadmin/.mcollective
/var/lib/peadmin/.mcollective.d/mcollective-public.pem
/var/lib/peadmin/.mcollective.d/peadmin-cacert.pem
/var/lib/peadmin/.mcollective.d/peadmin-cert.pem
/var/lib/peadmin/.mcollective.d/peadmin-private.pem
/var/lib/peadmin/.mcollective.d/peadmin-public.pem

Ensure you update the paths in ~/.mcollective when copying to new users whose name is not peadmin. Ideally mcollective will be used with more then just the peadmin user's certificate in the future. That said, if your git user does not have a home diretory, you can rename .mcollective as /etc/client.cfg and copy the certs to somewhere that is readable by the respective user.

/home/gitolite/.mcollective
/home/gitolite/.mcollective.d/mcollective-public.pem
/home/gitolite/.mcollective.d/peadmin-cacert.pem
/home/gitolite/.mcollective.d/peadmin-cert.pem
/home/gitolite/.mcollective.d/peadmin-private.pem
/home/gitolite/.mcollective.d/peadmin-public.pem

Note: PE2 only requires the .mcollective file as the default auth was psk ##Support

Webhook Support

alt tag
For version control systems that use web driven post-receive processes you can use the example webhook included in this module. This webhook currently only runs on Puppet Enterprise and uses mcollective to automatically synchronize your environment across multiple masters. The webhook must be configured on the respective "control" repository a master that has mco installed and can contact the other masters in your fleet.

Currently this is a feature Puppet Enterprise only.

Webhook Prefix Example

The following is an example of declaring the webhook when r10k prefixing is enabled

file {'/usr/local/bin/prefix_command.rb':
  ensure => file,
  mode   => '0755',
  owner  => 'root',
  group  => '0',
  source => 'puppet:///modules/r10k/prefix_command.rb',
}

class {'r10k::webhook::config':
  prefix         => true,
  prefix_command => '/usr/local/bin/prefix_command.rb',
  notify         => Service['webhook'],
  require        => File['/usr/local/bin/prefix_command.rb'],
}

class {'r10k::webhook':
  require => Class['r10k::webhook::config'],
}

# https://github.com/abrader/abrader-gms
git_webhook { 'web_post_receive_webhook' :
  ensure       => present,
  webhook_url  => 'https://puppet:puppet@master.of.masters:8088/payload',
  token        =>  hiera('gitlab_api_token'),
  project_name => 'puppet/controle',
  server_url   => 'http://github.com',
  provider     => 'gitlab',
}

Webhook Non authenticated example

class {'r10k::webhook::config':
  enable_ssl     => false,
  protected      => false,
  notify         => Service['webhook'],
}

class {'r10k::webhook':
  require => Class['r10k::webhook::config'],
}

# https://github.com/abrader/abrader-gms
git_webhook { 'web_post_receive_webhook' :
  ensure       => present,
  webhook_url  => 'http://master.of.masters:8088/payload',
  token        =>  hiera('github_api_token'),
  project_name => 'puppet/controle',
  server_url   => 'http://github.com',
  provider     => 'github',
}

Please log tickets and issues at our Projects site