Simple orchestration with Puppet Bolt

March 30, 2020 – Samuli Seppänen

As discussed in the introductory post one of the use-cases for Puppet Bolt is orchestration - running actions on multiple targets in a certain order, possibly using results of actions or data from some targets on other targets. Orchestration with Bolt plans is quite easy: you just create a plan with multiple TargetSpec parameters, each representing a target or a type of target. A classic example is two or more web servers behind a load balancer. In this case we do something even simpler and just take a fact from a node called "first" and create a file on node "second" that uses the value of that fact in a file.

In this case our inventory.yaml at the root of our control repository (also Boltdir) looks like this:

---
version: 2
groups:
  - name: vagrant
    targets:
    - ubuntu-1604
    - ubuntu-1804

Both of these nodes are Vagrant VMs. Their SSH connection defaults have been added to ~/.ssh/config in the usual "vagrant ssh-config ubuntu-1604 >> ~/.ssh/config" style. This allows Bolt to connect to them easily.

Our plan is in site/profile/plans/orchestrate.pp and looks like this:

# Demo of simple orchestration
plan profile::orchestrate
(
  TargetSpec $first,
  TargetSpec $second
)
{
  # Prepare nodes for Bolt (install Puppet etc)
  apply_prep([$first, $second])

  # This makes references to "first" a bit easier. If several "first" servers were
  # defined this would refer to the first of them.
  $first_node = get_targets($first)[0]

  # Run "puppet apply" on the "second" server and use a fact from "first"
  apply($second) {
    file { '/first.info':
      ensure  => 'present',
      content => "FQDN of first node: ${first_node.facts['fqdn']}\n",
    }
  }
}

This plan is targeted to correct nodes by giving both plan parameters a value. As both parameters are of TargetSpec type we don't want or need to use the --target parameter at all, unlike with ad hoc commands:

$ bolt plan run profile::orchestrate first=ubuntu-1604 second=ubuntu-1804 --run-as root
 Starting: plan profile::orchestrate
 Starting: install puppet and gather facts on ubuntu-1604, ubuntu-1804
 Finished: install puppet and gather facts with 0 failures in 8.01 sec
 Starting: apply catalog on ubuntu-1804
 Finished: apply catalog with 0 failures in 9.49 sec
 Finished: plan profile::orchestrate in 17.53 sec
 Plan completed successfully with no result

Nothing seems to have happened. However, if we run an ad hoc command to check the value of /first.info on the second server we see that things have worked as expected:

$ bolt command run "cat /first.info" --target ubuntu-1804
 Started on ubuntu-1804…
 Finished on ubuntu-1804:
   STDOUT:
     FQDN of first node: ubuntu-1604.local
 Successful on 1 target: ubuntu-1804
 Ran on 1 target in 0.81 sec                 

...

Did you like the article? Share it with others!
Categories
#aad #Access #acl #alertmanager #ansible #ansible module development #Apache #API #augeas #authentication #authorization #automation #automatization #aws #azure #backup #bash #bitbucket #buildbot #cache #centos #cloud #cloud-init #cloudflare #cloudfront #cluster #connectionsJpa #control repo #custom fact #database #debian #devops #digital sovereignty #DNS #docker #domain mode #duplo #edenred #ejabberd #email #encryption #erb #europe #eyaml #fabric #facter #facts #fargate #fedora #file #finnish #foreman #freeipa #git #github #gitlab #gnome #google #grafana #hammer #hiera #IAM #import #infinispan #Infrastructure as Code #ipmi #irc #jboss #jdk #jenkins #JMESPath #json #kanban #keycloak #letsencrypt #librarian-puppet #librenms #linkedin #Linux #Location #loop #marketing #mautic #Mellon #mfa #microsoft #monitoring #mysql #nagios #network-manager #oauth #oauth2 #office365 #oidc #openshift #open source #openvpn #oxygen #packer #paranormal #pdk #people #php #pkcs7 #pomodoro #Powershell #preseed #presentation #profiles #prometheus #provisioning #puppet #puppet-bolt #puppet-litmus #puppetboard #puppetdb #Puppetfile #puppetserver #puppet types and providers #pxeboot #qemu #quality #r10k #rds #recruitment #redirect #Restrict #Reverse Proxy #robotframework #roles #rspec #ruby #SAML #selinux #sem #shell #showsql #snmp #snmpd #software developement #spam #ssh #sso #standardization #systemd #systemd-resolved #teams #terraform #twilio #ubuntu #user-data #vagrant #vanity awards #variable #vim #virtualbox #visualstudio #webdevelopment #wildfly #Windows #wireguard #wordpress #workflow #x11 #xmpp #zimbra
We are
 Puppeteers
menucross-circle