Setting up a control repository
Puppet Enterprise (PE) includes both Code Manager and r10k, so you don’t need to separately download or install them. Before you begin using these code management tools, however, you need to make sure they can communicate with Git.
Managing code with a control repository
Code management in PE uses your existing Git repository (repo) branches to create environments. Environments allow you to designate a node or node group to use a specific environment. For example, you could designate one node group to use the development environment and another to use the production environment. As you update the code in your control repo, code management tracks the state of that repo to keep each environment updated.
Each branch of a connected repository is copied into a directory named after the branch. These environments are created in
/etc/puppetlabs/code/environmentson the Puppet master. For instance, if your repository is called “mycontrolrepo”, with branches named “production”, “test”, and “development”, your production branch becomes a production directory, the test branch becomes a test directory, and the development branch becomes a development directory.
Warning! Because these environment directories are managed by Puppet’s code management, existing environments are not preserved. Environments with the same name as the new one are overwritten. Environments not represented in the new control repo are erased. If you were using environments before, commit any necessary files or code to the appropriate new environment branch, or back them up somewhere before you start configuring code management.
Set up your Git repo
Code management relies on version control, so before you begin configuring or using code management, set up your control repository:
Create a Git repository to act as a repo for your code. You’ll maintain this control repo using a development machine that is separate from your Puppet master.
Create a ‘production’ branch in your repo, and then delete the ‘master’ branch. The production branch is the default branch for your control repo. (Note: Your control repo must have a production branch.) If you are using multiple control repos, do not duplicate branch names. The Puppet
control repotemplate provides an example of a control repo.
You’ll base your other branches and environments on the production branch, but before you start creating those branches, you’ll create a base production Puppetfile as detailed in your next steps.
Generate a private SSH key to allow access to the control repository. See Github’s Generating SSH keys for details on generating an SSH key for your repo. Your development machine needs full read/write access to your repos, and the Puppet master needs read access.
After PE installation is complete, place this private key in a location that the
pe-puppetuser can access; we recommend
/etc/puppetlabs/puppetserver/ssh/id-control_repo.rsa. Verify that the file itself has the correct permissions for the
pe-puppetuser, which is created during PE installation, to use that key.