Martez Reed for puppet

Posted on • Originally published at Medium on

Puppet Bolt Dynamic Inventory for Azure

Public cloud workloads are often very dynamic, and sometimes there isn’t a master list of all the instances that have been provisioned. There are times when you need to run a command against all the workloads, or against a subset of them selected by node metadata such as an instance or virtual machine tag. In this blog post we’ll take a look at how Puppet Bolt integrates with Microsoft Azure.

Puppet Bolt includes an Azure inventory plugin that enables the dynamic discovery of workloads in an Azure environment. The following virtual machine attributes can be used for targeting or classifying virtual machines.

  • resource group
  • scale set
  • location
  • tags

Bolt will only target virtual machines and virtual machine scale sets that have a public IP address. The uri of the target will be set to the public IP address and the name will be set to either the fully qualified domain name if one exists or the instance name otherwise.

Generate Azure Credentials

The first thing we need to do is to generate Azure credentials for Puppet Bolt to use when searching for virtual machines. The following command generates the necessary credentials assuming you are logged into Azure.

az ad sp create-for-rbac --query "{ client_id: appId, client_secret: password, tenant_id: tenant }"

The command prints the Azure credentials to the screen, similar to the output shown below.

Safeguard the generated credentials; they should not be shared.

{
  "client_id": "b27e2468-e9ad-5ea8-c043-196fc8d2q1mw",
  "client_secret": "91f28cwg-49e3-1qr2-825a-42fne279fd01",
  "tenant_id": "tg4b7md3-630k-8664-2t45-d1w923dww21w"
}

Inventory File

Now that we’ve got our Azure credentials we’re ready to create our Bolt inventory file. In this example we’re specifying the Azure location and the Azure resource group for our azure-vms Bolt inventory group.

# inventory.yaml
version: 2
groups:
  - name: azure-vms
    targets:
      - _plugin: azure_inventory
        tenant_id: tg4b7md3-630k-8664-2t45-d1w923dww21w
        client_id: b27e2468-e9ad-5ea8-c043-196fc8d2q1mw
        client_secret: 91f28cwg-49e3-1qr2-825a-42fne279fd01
        subscription_id: 9a656783-3215-4627-b1e2-c8973fh5r21w
        location: eastus
        resource_group: bolt
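
An inventory file is usually kept in version control with the rest of the Bolt project, so a literal client_secret in it ends up wherever the repository goes. The variant below is an added example, not part of the original post: it describes the same group but resolves the service principal values through Bolt's env_var plugin. The environment variable names are assumptions chosen for this sketch.

```yaml
# inventory.yaml (added example): same azure-vms group, with no credential
# values stored in the file. The variable names are assumptions.
version: 2
groups:
  - name: azure-vms
    targets:
      - _plugin: azure_inventory
        tenant_id:
          _plugin: env_var
          var: AZURE_TENANT_ID
        client_id:
          _plugin: env_var
          var: AZURE_CLIENT_ID
        # Weak form: client_secret: <literal value committed with the file>
        # Hardened form: looked up from the environment when Bolt loads the inventory
        client_secret:
          _plugin: env_var
          var: AZURE_CLIENT_SECRET
        subscription_id:
          _plugin: env_var
          var: AZURE_SUBSCRIPTION_ID
        location: eastus
        resource_group: bolt
```

Export the four variables in the shell or CI job that runs Bolt, sourcing them from a secret store rather than a checked-in file.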

Now that we’ve defined the criteria for our Bolt inventory group we can run the bolt inventory show command to list the virtual machines that Bolt found for the group or groups specified. In the example we are listing all the virtual machines from all groups.

bolt inventory show --targets all -i inventory.yaml

The command should return the names of the Azure virtual machines that were found based upon the attributes provided.

nixagent
1 target

This unlocks the ability to quickly run commands or scripts against a dynamic group of virtual machines in an Azure environment.