Unfortunately I don't have a Terraform provider for Puppet, but we
recently started to use Terraform in combination with Puppet (~3 weeks ago).
This is how we do it currently and there is probably a lot of ways how
to improve it (ENC and Hiera retrieve node specific data from a mysql
based CMDB, default are in git in a yaml structure):
- nodes get staged with a default puppet role assigned which includes
the base profile and sets up mcollective
- once they are staged the final role and parameters are assigned with a
custom provider/resource for the CMDB
there are two null resources to run puppet with a local exec provisioner
and an mco wrapper script which takes a list of nodes and some
parameters to limit concurrent runs. The first one has an instance per
node and triggers the deployment if the node is new and the new role is
assigned. The second one triggers if the parameters change :
resource "null_resource" "puppet_deploy" {
triggers {
instance_ids = "${var.servers[count.index]}"
}
count = "${var.server_count}"
depends_on = ["cmdb_host.host"]
provisioner "local-exec" {
command = "./mco_puppet_wrapper.rb --environment
${var.puppet_env} ${var.servers[count.index]}"
}
}
resource "null_resource" "puppet_change" {
triggers {
some_puppet_class = "${join(",",
cmdb_service.some_puppet_class.parameters)}"
}
depends_on = ["null_resource.puppet_deploy"]
provisioner "local-exec" {
command = "./mco_puppet_wrapper.rb --environment
${var.puppet_env} --strategy ${var.puppet_strategy} --max_parallel
${var.puppet_max_parallel} ${join(" ", var.servers)}"
}
}
All the mco_puppet_wrapper does is wait if puppet is still running, if
not start a run and then wait until it is finished. The strategy option
just lets you decide if the change is applied on all nodes in parallel
or not which is a bit redundant with max_parallel, so I will probably
remove it in the future :-)
So not really what you asked for, but I would be really interested if
the provisioner you have in mind is something along this lines.
Greetings
Andreas
On 10/11/2016 04:37 AM, James Turnbull wrote:
> Is anyone working on a Terraform provisioner? Or have one internal that
> they'd like to open source (If so, am volunteering to make it all nice
> for the outside world and write you documentation, etc).
>
> Cheers
>
> James
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/046da7f1-4714-e8be-e564-d7e66f70c379%40puzzle.ch.
For more options, visit https://groups.google.com/d/optout.
