Testing Puppet Code Using the Vagrant Provisioner

March 14, 2018 Security and Compliance, MOVEit

Vagrant is an excellent tool used for testing out application deployments and scripts. It is lightweight, fast, and allows you to bring up environments quickly. Vagrant supplies several “provisioners” that allow boxes to be configured via shell script or using various configuration management solutions like Puppet, Ansible and Salt.

In previous articles, I have demonstrated how to provision Vagrant boxes and configure them using shell scripting (Bash and PowerShell). This method is easy enough, but why not make use of solutions we already have in place like Puppet? This allows you to use your existing Puppet configuration code from your Puppet master and point Vagrant boxes to it for testing.

Prerequisites

Besides having Vagrant installed on your local computer, you will also need a Puppet master in this scenario configured to serve your Puppet node. I will be using a Vagrant box configured as a Puppet Master in this example, which will be on the same private network as my Puppet node VM. If you are already using Puppet, you will want to use the Puppet master that you use for your production and development machines, so that you get the most accurate testing.

Vagrant Code

There are not many options available for the Vagrant Puppet Provisioner, which is a good thing. This means less complexity! For documentation on this go here. Keep in mind by default, a Vagrant box will only run the Puppet Agent Provisioner on its first vagrant up. If you would like, you can also run vagrant up --provision parameter.

Here, I am just specifying in my Vagrant file to point my Vagrant VM to “Puppet-test”. If you would like, it can be as simple as that.

Vagrant.configure("2") do |config|

  config.vm.provision "puppet_server" do |puppettest|

    puppettest.puppet_server = "puppet-test

  end

end

We can also specify other options such as Puppet’s binary path, client certificate path, and the name of the node. In my Vagrant file, I will just specify the Puppet master server and name of the node: 

This is my Vagrant code for my node:

config.vm.define "puppetagent-1" do |puppetagent1|

    puppetagent1.vm.box = "bento/centos-7.2"

    puppetagent1.vbguest.auto_update = false

    puppetagent1.vm.network "private_network", ip: "192.168.10.22"

    puppetagent1.vm.hostname = "puppetagent-1"

    puppetagent1.vm.provision "shell", inline: <<-SHELL

       sudo echo "192.168.10.21 puppet-test" | sudo tee -a /etc/hosts

       sudo timedatectl set-timezone America/New_York

       sudo rpm -ivh https://yum.puppetlabs.com/puppetlabs-release-pc1-el-7.noarch.rpm

       sudo yum -y install puppet-agent

    SHELL

    puppetagent1.vm.provision "puppet_server" do |puppetagentnode|

      puppetagentnode.puppet_node = "puppetagent-1"

      puppetagentnode.puppet_server = "puppet-test"

      puppetagentnode.options = "--verbose --waitforcert 10"

      end

    end

As you can see my shell code, is just setting my time, adding the Puppet master hostname to my hosts file and installing the Puppet agent. After this block of code, I use the Puppet Agent Provisioner to specify my Puppet node name “puppetagent-1”, the Puppet master “puppet-test” and command line options that will run along with the puppet agent command, which are --verbose and --waitforcert.

Testing Puppet manifests in Vagrant

So on my Puppet master box, I have a very simple manifest in my site.pp that will simply install Apache on my node with default settings:

node 'puppetagent-1' {

  class { 'apache': }

}

Now, when I run vagrant up puppetagent-1, my box will first run my shell script to install the Puppet agent software, but then use the Puppet provisioner to install Apache while connecting to my Puppet master. Here is some of the output related to the Puppet agent provisioning process:

==> puppetagent-1: Running provisioner: puppet_server...

==> puppetagent-1: Running Puppet agent...

==> puppetagent-1: Info: Creating a new SSL key for puppetagent-1

==> puppetagent-1: Info: Caching certificate for ca

At the bottom of the output we see httpd is running and the manifest applied successfully:

==> puppetagent-1: Notice: /Stage[main]/Apache::Service/Service[httpd]/ensure: ensure changed 'stopped' to 'running'

==> puppetagent-1: Info: /Stage[main]/Apache::Service/Service[httpd]: Unscheduling refresh on Service[httpd]

==> puppetagent-1: Info: Creating state file /opt/puppetlabs/puppet/cache/state/state.yaml

==> puppetagent-1: Notice: Applied catalog in 8.22 seconds

Dan Franciscus

Dan Franciscus is a systems engineer and VMware Certified Professional (VCP) specializing in VMware, PowerShell, and other Microsoft-based technologies. You can reach Dan at his blog (http://www.winsysblog.com/) or Twitter at @dan_franciscus.

Read next Create Multiple Machine Environments With Vagrant