Skip to main content

Configure Code Manager with multiple control repos in Puppet Enterprise

Adam Bottchen
  • Updated

You can configure Code Manager to use more than one control repo in Hiera.

Version and installation information

PE version: All supported versions

Note: The latest version of our documentation is linked in this article, make sure that you use documentation that matches your version of Puppet Enterprise (PE).

Solution

Configure Code Manager to use more than one control repo by adding them to the Hiera git_settings hash.

Before you begin

  1. Ensure that you have an RBAC token with deploy permissions.

  2. Stop puppet service on the primary server to prevent runs from occurring during configuration, by running puppet resource service puppet ensure=stopped If you run Puppet from cron or a scheduled task, disable that task.

    Next, you must remove old r10k and Code Manager settings from the place where you originally set them, in either the console or in Hiera.

Remove old settings in the console

  1. Navigate to the PE Master node group. Click Classification. Click the + to the left of PE Infrastructure. Click the PE Master node group.

  2. Under the puppet_enterprise::profile::master class, remove the following settings:

    • r10k_private_key
    • r10k_remote
    • code_manager_auto_configure

    Changing the git_settings hash causes a conflict with the default Code Manager settings for r10k_remote and r10k_private_key. If you don’t remove these default settings, after you configure the new control repos, you’ll get an error when you run Puppet:

    Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Evaluation Error: Error while evaluating a Resource Statement, Evaluation Error: Error while evaluating a Function Call, Both private_key and git_settings provided to puppet_enterprise::master::code-manager. at /opt/puppetlabs/puppet/modules/puppet_enterprise/manifests/master/code_manager.pp:291:7 on node puppetserver.puppet.com

  3. Commit changes.

  4. If you are using PE 2021.7.1 and earlier, check that the settings are removed due to an issue with the puppet recover configuration command. The issue was fixed in PE 2021.7.2. On the primary server, to ensure that r10k_private_key settings are removed from the cache, run grep -R r10k_private_key /etc/puppetlabs/enterprise/conf.d/*. Remove any entries that are output.

    When the old settings are removed, you can add new configuration info for your repos.

Remove old settings in Hiera

If you’re not using the default Hiera configuration, modify these instructions to match your configuration.

Changing the git_settings hash causes a conflict with the default Code Manager settings for r10k_remote and r10k_private_key. If you don’t remove these default settings, after you configure the new control repos, you’ll get an error when you run Puppet:

Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Evaluation Error: Error while evaluating a Resource Statement, Evaluation Error: Error while evaluating a Function Call, Both private_key and git_settings provided to puppet_enterprise::master::code-manager. at /opt/puppetlabs/puppet/modules/puppet_enterprise/manifests/master/code_manager.pp:291:7 on node puppetserver.puppet.com

  1. On the primary server search for the r10k_private_key setting:

    puppet lookup puppet_enterprise::profile::master::r10k_private_key --explain

    If present, the key and its location will appear in the output. Remove the setting from the Hiera data file on both your primary server and the same data file in your repo.

  2. On the primary server, search for the r10k_remote setting:

    puppet lookup puppet_enterprise::profile::master::r10k_remote --explain

    If present, the key and its location will appear in the output. Remove the setting from the Hiera data file on both your primary server and the same data file in your repo. To specify a map of your source repositories, read Configuring sources in our documentation.

  3. On the primary server, search for the code_manager_auto_configure setting:

    puppet lookup puppet_enterprise::profile::master::code_manager_auto_configure --explain

    If present, the key and its location will appear in the output. Remove the setting from the Hiera data file on both your primary server and the same data file in your repo.

  4. If you are using PE 2021.7.1 and earlier, check that the settings are removed due to an issue with the puppet recover configuration command. The issue was fixed in PE 2021.7.2. On the primary server, to ensure that r10k_private_key settings are removed from the cache, run grep -R r10k_private_key /etc/puppetlabs/enterprise/conf.d/*. Remove any entries that are output.

When the old settings are removed, you can add new configuration info for your repos.

Add new configuration information for your repos

  1. Add your control repo links and private key paths to your Hiera data. By default, the Hiera data file specific to your primary server is in the following location on the primary server: /etc/puppetlabs/code/environments/production/data/nodes/$(hostname -f).yaml

    For example, when each branch name is unique across all repositories:

    puppet_enterprise::profile::master::code_manager_auto_configure: true
puppet_enterprise::master::code_manager::git_settings:
  private-key: <DEFAULT KEY FOR ALL YOUR REPOS>
  repositories:
    - remote: "<CONTROL REPO LINK 1>"
      private-key: "<FULL PATH TO PRIVATE KEY FOR CONTROL REPO 1>"
    - remote: "<CONTROL REPO LINK 2>"
      private-key: "<FULL PATH TO PRIVATE KEY FOR CONTROL REPO 2>"
puppet_enterprise::master::code_manager::sources:
    repo1:
      remote: "<CONTROL REPO LINK 1>"
      prefix: false
    repo2:
      remote: "<CONTROL REPO LINK 2>"
      prefix: false

    • Set prefix to true in your Hiera data for each repository with a duplicate branch name, this will deploy your code to environment directories named <REPO>_<BRANCH NAME>.

    • Make sure that the repo with production has prefix set to false.

    • If you add a default key, it will be used any time you don’t include a key for an individual repo. If you’re using a different key than the default key, you must add it as part of the repository information.

  2. To prevent data from being overwritten during a code deployment, in your Git repo, add the Hiera data you configured in the previous step to the control repo production branch in the default location for Hiera data file specific to your primary server at: data/nodes/<PRIMARY SERVER CERTNAME>.yaml

  3. Update Code Manager configuration files. On the primary server, run: puppet agent -t.

  4. Deploy code. On the primary server, run: puppet code deploy --all --wait

  5. Start puppet service on the primary server by running puppet resource service puppet ensure=running. If Puppet is being run from cron or a scheduled task, enable the task.

Did this solve your problem?
9 out of 12 found this helpful

How can we improve this article?

0 comments

Please sign in to leave a comment.

Related articles