3.4 KiB
layout | page_title | sidebar_current | description |
---|---|---|---|
docs | Provisioner: puppet | docs-provisioners-puppet | The `puppet` provisioner installs, configures and runs the Puppet agent on a resource. |
Puppet Provisioner
The puppet
provisioner installs, configures and runs the Puppet agent on a
remote resource. The puppet
provisioner supports both ssh
and winrm
type
connections.
Requirements
The puppet
provisioner has some prerequisites for specific connection types:
- For
ssh
type connections,cURL
must be available on the remote host. - For
winrm
connections,PowerShell 2.0
must be available on the remote host.
Without these prerequisites, your provisioning execution will fail.
Additionally, the puppet
provisioner requires
Bolt to be installed on your workstation
with the following modules
installed
danieldreier/autosign
puppetlabs/puppet_agent
Example usage
resource "aws_instance" "web" {
# ...
provisioner "puppet" {
server = aws_instance.puppetmaster.public_dns
server_user = "ubuntu"
extension_requests = {
pp_role = "webserver"
}
}
}
Argument Reference
The following arguments are supported:
-
server (string)
- (Required) The FQDN of the Puppet master that the agent is to connect to. -
server_user (string)
- (Optional) The user that Bolt should connect to the server as (defaults toroot
). -
os_type (string)
- (Optional) The OS type of the resource. Valid options are:linux
andwindows
. If not supplied, the connection type will be used to determine the OS type (ssh
will assumelinux
andwinrm
will assumewindows
). -
use_sudo (boolean)
- (Optional) Iftrue
, commands run on the resource will have their privileges elevated with sudo (defaults totrue
when the OS type islinux
andfalse
when the OS type iswindows
). -
autosign (boolean)
- (Optional) Set totrue
if the Puppet master is using Daniel Dreier's policy-based autosigning tool (defaults totrue
). -
open_source (boolean)
- (Optional) Iftrue
the open source Puppet agent will be installed on the resource, otherwise the Puppet Enterprise agent will be installed (defaults totrue
). -
certname (string)
- (Optional) The Subject CN used when requesting a certificate from the Puppet master CA (defaults to the FQDN of the resource). -
extension_request (map)
- (Optional) A map of extension requests to be embedded in the certificate signing request before it is sent to the Puppet master CA and then transferred to the final certificate when the CSR is signed. -
custom_attributes (map)
- (Optional) A map of custom attributes to be embedded in the certificate signing request before it is sent to the Puppet master CA. -
environment (string)
- (Optional) The name of the environment which the Puppet agent will be running in (defaults toproduction
). -
bolt_timeout (string)
- (Optional) The timeout to wait for Bolt tasks to complete. This should be specified as a string like30s
or5m
(defaults to5m
- 5 minutes).