Menu
AWS OpsWorks
User Guide (API Version 2013-02-18)

Add Nodes for the Puppet Master to Manage

The recommended way to add nodes is by using the AWS OpsWorks associateNode() API. The Puppet Enterprise master server hosts a repository that you use to install the Puppet agent software on nodes that you want to manage, whether nodes are on-premises physical computers or virtual machines. Puppet agent software for some operating systems is installed on the AWS OpsWorks for Puppet Enterprise server as part of the launch process. The following table shows the operating system agents that are available on your AWS OpsWorks for Puppet Enterprise server at launch.

Preinstalled operating system agents

Supported operating system Versions
Ubuntu 14.04, 16.04
Red Hat Enterprise Linux (RHEL) 6
Windows 64-bit editions of all Puppet-supported Windows releases

You can add puppet-agent to your server for other operating systems. Be aware that system maintenance will delete agents that you have added to your server after launch. Although most existing attached nodes that are already running the deleted agent continue to check in, nodes running Debian operating systems can stop reporting. We recommend that you manually install puppet-agent on nodes that are running operating systems for which the agent software is not preinstalled on your AWS OpsWorks for Puppet Enterprise server. For detailed information about how to make puppet-agent available on your server for nodes with other operating systems, see Installing agents in the Puppet Enterprise documentation.

For information about how to associate nodes with your Puppet master automatically by populating EC2 instance user data, see Adding Nodes Automatically in AWS OpsWorks for Puppet Enterprise.

Supported Operating Systems

For the current list of supported operating systems for nodes, see the Puppet agent platforms in the Puppet Enterprise documentation.

Run associateNode() API calls

After you add nodes by installing puppet-agent, nodes send certificate signing requests (CSRs) to the AWS OpsWorks for Puppet Enterprise server. You can view the CSRs in the Puppet console; for more information about node CSRs, see Managing certificate signing requests in the Puppet Enterprise documentation. Running the AWS OpsWorks for Puppet Enterprise associateNode() API call processes node CSRs, and associates the node with your server. The following is an example of how to use this API call in the AWS CLI to associate a single node. You will need the PEM-formatted CSR that the node sends; you can get this from the Puppet console.

aws opsworks-cm associate-node --server-name "test-puppet-server" --node-name "node or instance ID" --engine-attributes "Name=PUPPET_NODE_CSR,Value='PEM_formatted_CSR_from_the_node'

For more information about how to add nodes automatically by using associateNode(), see Adding Nodes Automatically in AWS OpsWorks for Puppet Enterprise.

Considerations for Adding On-premises Nodes

After you have installed puppet-agent on your on-premises computers or virtual machines, you can use either of two ways to associate on-premises nodes with your AWS OpsWorks for Puppet Enterprise master.

  • If a node supports installation of the AWS SDK, AWS CLI, or AWS Tools for PowerShell, you can use the recommended method for associating a node, which is to run an associateNode() API call. The starter kit that you download when you first create an AWS OpsWorks for Puppet Enterprise master shows how to assign roles to nodes by using tags. You can apply tags at the same time that you are associating nodes with the Puppet master by specifying trusted facts in the CSR. For example, the demo control repository that is included with the starter kit is configured to use the tag pp_role to assign roles to Amazon EC2 instances. For more information about how to add tags to a CSR as trusted facts, see Extension requests (permanent certificate data) in the Puppet platform documentation.

  • If the node cannot run AWS management or development tools, you can still register it with your AWS OpsWorks for Puppet Enterprise master the same way you would register it with any unmanaged Puppet Enterprise master. As mentioned in this topic, installing puppet-agent sends a CSR to the AWS OpsWorks for Puppet Enterprise master. An authorized Puppet user can sign the CSR manually, or configure automatic signing of CSRs by editing the autosign.conf file that is stored on the Puppet master. For more information about configuring autosigning and editing autosign.conf, see SSL configuration: autosigning certificate requests in the Puppet platform documentation.

More Information

Visit the Learn Puppet tutorial site to learn more about using AWS OpsWorks for Puppet Enterprise servers and Puppet Enterprise console features.