Public cloud workloads are often very dynamic in nature, and sometimes there isn't a master list of all the instances that have been provisioned. There are times when you need to run a command against all the workloads, or against a subset of workloads selected by node metadata such as an instance or virtual machine tag. In this blog post we'll take a look at how Puppet Bolt integrates with Microsoft Azure.
Puppet Bolt includes an Azure inventory plugin that enables the dynamic discovery of workloads in an Azure environment. The following virtual machine attributes can be used for targeting or classifying virtual machines:
- resource group
- scale set
- location
- tags
Bolt will only target virtual machines and virtual machine scale sets that have a public IP address. The uri of the target will be set to the public IP address and the name will be set to either the fully qualified domain name if one exists or the instance name otherwise.
Generate Azure Credentials
The first thing we need to do is to generate Azure credentials for Puppet Bolt to use when searching for virtual machines. The following command generates the necessary credentials assuming you are logged into Azure.
az ad sp create-for-rbac --query "{ client_id: appId, client_secret: password, tenant_id: tenant }"
The Azure credentials should be displayed on the screen similar to those displayed below.
Safeguard the generated credentials; they should not be shared.
{
  "client_id": "b27e2468-e9ad-5ea8-c043-196fc8d2q1mw",
  "client_secret": "91f28cwg-49e3-1qr2-825a-42fne279fd01",
  "tenant_id": "tg4b7md3-630k-8664-2t45-d1w923dww21w"
}
Inventory File
Now that we’ve got our Azure credentials we’re ready to create our Bolt inventory file. In this example we’re specifying the Azure location and the Azure resource group for our azure-vms Bolt inventory group.
# inventory.yaml
version: 2
groups:
  - name: azure-vms
    targets:
      - _plugin: azure_inventory
        tenant_id: tg4b7md3-630k-8664-2t45-d1w923dww21w
        client_id: b27e2468-e9ad-5ea8-c043-196fc8d2q1mw
        client_secret: 91f28cwg-49e3-1qr2-825a-42fne279fd01
        subscription_id: 9a656783-3215-4627-b1e2-c8973fh5r21w
        location: eastus
        resource_group: bolt
Now that we’ve defined the criteria for our Bolt inventory group we can run the bolt inventory show command to list the virtual machines that Bolt found for the group or groups specified. In the example we are listing all the virtual machines from all groups.
bolt inventory show --targets all -i inventory.yaml
The command should return the names of the Azure virtual machines that were found based upon the attributes provided.
nixagent
1 target
This unlocks the ability to quickly run commands or scripts against a dynamic group of virtual machines in an Azure environment.
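The inventory file shown earlier stores client_secret in plain text. As an added example (not from the original post), the shell functions below write the same inventory without credential keys, relying on the azure_inventory plugin's fallback to the AZURE_TENANT_ID, AZURE_CLIENT_ID, AZURE_CLIENT_SECRET and AZURE_SUBSCRIPTION_ID environment variables, and check that no literal client_secret is left in the file before it is committed. The function names are hypothetical and the sample values are constructed.

```shell
#!/usr/bin/env bash
# Added example: function names are hypothetical, sample values are constructed.

# Write the post's inventory without credential keys. The azure_inventory
# plugin then reads them from the AZURE_* environment variables.
write_hardened_inventory() {
  cat > "$1" <<'EOF'
# inventory.yaml
version: 2
groups:
  - name: azure-vms
    targets:
      - _plugin: azure_inventory
        location: eastus
        resource_group: bolt
EOF
}

# Print any line that sets client_secret to a literal value.
# Returns 1 if one is found, 0 if the file is clean.
find_inline_secret() {
  if grep -nE '^[[:space:]-]*client_secret:[[:space:]]*[^[:space:]#]' "$1"; then
    return 1
  fi
  return 0
}

# Confirm all four credential variables are set, without echoing their values.
require_azure_env() {
  for v in AZURE_TENANT_ID AZURE_CLIENT_ID AZURE_CLIENT_SECRET AZURE_SUBSCRIPTION_ID; do
    eval "val=\${$v:-}"
    if [ -z "$val" ]; then
      echo "missing environment variable: $v" >&2
      return 1
    fi
  done
  unset val
  return 0
}

# Usage:
#   write_hardened_inventory inventory.yaml
#   find_inline_secret inventory.yaml && require_azure_env &&
#     bolt inventory show --targets all -i inventory.yaml
```

Load the AZURE_* variables from a secret store or a session-only export rather than a shell profile, so the secret does not end up in another file on disk.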