[Update] Vagrant, Puppet, OpenStack

Recently, Puppet Labs released an “Grizzly” module, based on their work with the Puppet Labs OpenStack module, that takes a more role based approach. That is, it breaks out things like controller, compute, and storage. It also combines them with Hiera in a much more elegant way than before. I covered using Puppet and Hiera to deploy OpenStack before, here. What follows, is an update to that, using CentOS, and the new Puppet Labs – Grizzly module.

tl;dr – I’ve updated my Vagrant / Puppet / OpenStack test environment to use the new Puppet module. It’s pretty great (the module that is). To use: git clone https://github.com/bunchc/Vagrant_OpenStack_Puppet.git -b “puppetlabs-grizzly”

Getting Started

This time around, we’ve added some things to the configuration. Specifically, we’ve broken out storage. There will be more to come later. You will need at least 4 CentOS VMs, these will serve the following roles:

  • Puppet Server
  • OpenStack Controller
  • OpenStack Block Storage (Cinder)
  • OpenStack Compute (Nova)

Additionally, each node will need 4 networks for:

  • API
  • External
  • Management
  • Storage

Installing the Puppet Server

This part isn’t too dissimilar to how it’s done on Ubuntu. Log in to your Puppet server VM, and run the following commands:

sudo rpm -ivh http://yum.puppetlabs.com/el/6/products/i386/puppetlabs-release-6-7.noarch.rpm
sudo yum update -y
sudo yum -y install puppet-server
sudo puppet resource service puppetmaster ensure=running enable=true

In our config, we also set auto signing and disable iptables (it’s a VM on my laptop, you’d likely not want to do that in prod):

sudo cat > /etc/puppet/autosign.conf <<EOF
sudo service iptables stop
chkconfig –level 2345 iptables off

Install and Configure the PuppetLabs-Grizzly Module

Still on the Puppet server, we need to install and configure the PuppetLabs-Grizzly module. To do that, run the following commands:

sudo puppet module install puppetlabs/grizzly –version 1.0.0-rc2
sudo cp /etc/puppet/modules/grizzly/examples/common.yaml /var/lib/hiera/
sudo cat > /etc/puppet/manifests/site.pp <<EOF
node /puppet-controller-[0-9][0-9]/ {
  include ::grizzly::role::controller
node /puppet-storage/ {
  include ::grizzly::role::storage
node /puppet-compute-[0-9][0-9]/ {
  include ::grizzly::role::compute

What the above commands did was install the module, copy the example Hiera configuration file into a location where the Puppet Server can make use of it, and then configure a site.pp for each of our remaining roles.

Editing the common.yaml file

The common.yaml file that ships with the Grizzly module has three areas that you will want to edit to suit your environment. Specifically, they surround networking. I’ve included them here:

######## Network
grizzly::network::api: ‘’
grizzly::network::api::device: ‘eth1’

grizzly::network::external: ‘’
grizzly::network::external::device: ‘eth2’

grizzly::network::management: ‘’
grizzly::network::management::device: ‘eth3’

grizzly::network::data: ‘’
grizzly::network::data::device: ‘eth4’

######## Fixed IPs (controller)

grizzly::controller::address::api: ‘’
grizzly::controller::address::management: ‘’
grizzly::storage::address::api: ‘’
grizzly::storage::address::management: ‘’

######## Database

grizzly::mysql::root_password: ‘spam-gak’
grizzly::mysql::allowed_hosts: [‘localhost’, ‘’, ‘172.16.33.%’]

Installing the OpenStack Nodes

Assuming your nodes can ping your puppet server by name, you should be able to ssh to each of them in order (controller, storage, compute) and run the following:

sudo rpm -ivh http://yum.puppetlabs.com/el/6/products/i386/puppetlabs-release-6-7.noarch.rpm
sudo yum install -y puppet
sudo service puppet stop
sudo puppet agent -td
sudo service puppet restart

sudo puppet resource service puppet ensure=running enable=true


The new PuppetLabs Grizzly module for OpenStack makes deployment much much easier than it was last time around. The new module also provides a simplified way to define or change out sections of an environment.

2 thoughts on “[Update] Vagrant, Puppet, OpenStack

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.