Automatic PE, a Bolt driven fusion of puppetlabs/peadm and Terraform.
- Description
- Setup - The basics of getting started with autope
- Usage - Configuration options and additional functionality
- Limitations - OS compatibility, etc.
- Development - Guide for contributing to the module
This Bolt project demonstrates how you can link together automation tools to take advantage of their strengths, e.g. Terraform for infrastructure deployment and Puppet for infrastructure configuration. We take puppetlabs/peadm and a Terraform module for GCP to facilitate rapid and repeatable deployments of Puppet Enterprise built upon the Standard, Large or Extra Large architecture w/ fail over replica (default).
Recent changes and an additional Terraform module have made it possible to also use autope to deploy Puppet Enterprise upon AWS but the interface is still being updated for consistency. While the interface is still being updated, consider the AWS support in beta.
Types of things you'll be paying your cloud provider for
- Instances of various sizes
- Load balancers
- Networks
- AWS CLI
- Environment variables or Shared Credentials file Authentication Method
- If using MFA, a script to set environment variables
- Clone this repository:
git clone https://github.com/puppetlabs/puppetlabs-autope.git && cd puppetlabs-autope/Boltdir
- Install module dependencies:
bolt puppetfile install
- Run plan:
bolt plan run autope project=example ssh_user=john.doe firewall_allow='[ "0.0.0.0/0" ]'
- Wait. This is best executed from a bastion host or alternatively, a fast connection with strong upload bandwidth
The command line will likely serve most uses of autope but if you wish to pass a longer list of IP blocks that are authorized to access your PE stack than creating a params.json file is going to be a good idea, instead of trying to type out a multi value array on the command line. The value that will ultimately be set for the GCP firewall will always include the internal network address space to ensure everything works no matter what is passed in by the user. Single IP addresses must be passed as a /32
.
{
"project" : "example",
"ssh_user" : "john.doe",
"version" : "2019.0.4",
"firewall_allow" : [ "71.236.165.233/32", "131.252.0.0/16", 140.211.0.0/16 ]
}
How to execute plan with params.json: bolt plan run autope --params @params.json
This can also be used to deploy PE's large architecture without a fail over replica on AWS
$(export-profile.py development)
bolt plan run autope provider=aws architecture=standard
Please note that for bolt to authenticate to the AWS-provisioned VMs you need to enable ssh agent like so:
$ eval `ssh-agent`
$ ssh-add
The number of options required are reduced when destroying a stack
bolt plan run autope::destroy
The number of options required are reduced when destroying a stack
bolt plan run autope::destroy provider=aws
Only supports what peadm supports and AWS does not currently have parity with the GCP provider, e.g. AWS ignores a few parameters