This module configures the Puppet Data Service (PDS).
This module is not supported by Puppet and does not qualify for Puppet Support plans. It's provided without guarantee or warranty and is intended for use when deployed by Puppet's Solutions Architects team.
[tier:experimental]
This module contains classes to configure the PDS on Puppet servers, or to configure the PostgreSQL database backend on PE PostgreSQL servers.
See also: Puppet Data Service
- Add the
puppet_data_servicemodule to the Puppetfile in your control-repo
mod 'puppet_data_service',
git: 'https://github.com/puppetlabs/puppetlabs-puppet_data_service',
branch: 'main'- Include the PDS Hiera level in your control-repo's
hiera.yamlfile
For the database server:
include puppet_data_service::databaseFor every puppetserver which will be hosting the PDS service:
class { 'puppet_data_service::server':
database_host => 'database.example.com',
pds_token => Sensitive('a-secure-admin-token'),
}NOTE It is imperative that you classify every single puppetserver in your infrastructure with this class. So this means:
- the Primary server
- the Replica, if it exists
- all the compilers, if they exist.
Failing to classify all the puppetservers with PDS will lead to a situation where some puppetservers will compile a different catalog than others which will lead to unpredictable behaviour.
This will automatically load configuration from the default file, /etc/puppetlabs/pds/pds-client.yaml.
- name: "Puppet Data Service"
data_hash: puppet_data_service::data_hash
uris:
- "nodes/%{trusted.certname}"
- "os/%{operatingsystem}"
- "common"
options:
# By default, the backend loads its configuration from
# /etc/puppetlabs/pds-server/pds-cli.yaml. If the file does not exist,
# or if the file does not contain the required values, the backend will
# raise an exception and halt. Setting `on_config_absent` to "continue"
# will cause the backend to instead return `not_found` and continue.
on_config_absent: "continue"This includes the required options directly. The configuration file does not need to exist or contain options.
Servers may optionally include the scheme http:// or https:// (default is https://). The port is not configurable at this time, and is expected to be 8160.
- name: "Puppet Data Service"
data_hash: puppet_data_service::data_hash
uris:
- "nodes/%{trusted.certname}"
- "os/%{operatingsystem}"
- "common"
options:
token: admintoken
servers:
- pe-server-c37144-0.us-west1-a.c.puppet-solutions-architects.internal
- pe-server-c37144-1.us-west1-b.c.puppet-solutions-architects.internal