Terraform provisioner?

142 views
Skip to first unread message

James Turnbull

unread,
Oct 10, 2016, 10:37:44 PM10/10/16
to puppet...@googlegroups.com
Is anyone working on a Terraform provisioner? Or have one internal that
they'd like to open source (If so, am volunteering to make it all nice
for the outside world and write you documentation, etc).

Cheers

James

--
* The Art of Monitoring (https://artofmonitoring.com)
* The Docker Book (https://dockerbook.com)
* The LogStash Book (https://logstashbook.com)
* Pro Puppet (http://tinyurl.com/ppuppet2 )
* Pro Linux System Administration (http://tinyurl.com/linuxadmin)
* Hardening Linux (http://tinyurl.com/hardeninglinux)

Andreas Zuber

unread,
Oct 12, 2016, 5:43:38 AM10/12/16
to puppet...@googlegroups.com

Unfortunately I don't have a Terraform provider for Puppet, but we recently started to use Terraform in combination with Puppet (~3 weeks ago).

This is how we do it currently and there is probably a lot of ways how to improve it (ENC and Hiera retrieve node specific data from a mysql based CMDB, default are in git in a yaml structure):

- nodes get staged with a default puppet role assigned which includes the base profile and sets up mcollective

- once they are staged the final role and parameters are assigned with a custom provider/resource for the CMDB

there are two null resources to run puppet with a local exec provisioner and an mco wrapper script which takes a list of nodes and some parameters to limit concurrent runs. The first one has an instance per node and triggers the deployment if the node is new and the new role is assigned. The second one triggers if the parameters change :

resource "null_resource" "puppet_deploy" {

    triggers {

        instance_ids = "${var.servers[count.index]}"

    }

    count = "${var.server_count}"

    depends_on = ["cmdb_host.host"] 

    provisioner "local-exec" {

        command = "./mco_puppet_wrapper.rb --environment ${var.puppet_env} ${var.servers[count.index]}"

    }

} 

resource "null_resource" "puppet_change" {

    triggers {

        some_puppet_class = "${join(",", cmdb_service.some_puppet_class.parameters)}"

    }

    depends_on = ["null_resource.puppet_deploy"] 

    provisioner "local-exec" {

        command = "./mco_puppet_wrapper.rb --environment ${var.puppet_env} --strategy ${var.puppet_strategy} --max_parallel ${var.puppet_max_parallel} ${join(" ", var.servers)}"

    }

}

All the mco_puppet_wrapper does is wait if puppet is still running, if not start a run and then wait until it is finished. The strategy option just lets you decide if the change is applied on all nodes in parallel or not which is a bit redundant with max_parallel, so I will probably remove it in the future :-)

So not really what you asked for, but I would be really interested if the provisioner you have in mind is something along this lines.

Greetings

Andreas

Reply all
Reply to author
Forward
0 new messages