voxpupuli/container-puppetdb

Sponsored OSS

By voxpupuli

Updated 9 days ago

Container image for PuppetDB

Voxpupuli PuppetDB container

⚠️ Deprecated ⚠️

This repository is deprecated and will be archived soon. Please use the OpenVox DB container instead.

CI | License | Donated by Puppet | Sponsored by betadots GmbH



⚠️ Attention ⚠️: the container name voxpupuli/container-puppetdb will be deprecated in 2025-02 and might be removed in the future. Please use voxpupuli/puppetdb instead.


This project hosts the Dockerfile and the required scripts to build a PuppetDB container image.

For a compose file, see CRAFTY.

The PuppetDB container requires a working postgres container or another suitably configured PostgreSQL database. For a Compose example, see the CRAFTY OSS Demo compose.yaml.

You can change configuration settings by mounting volumes containing configuration files or by using this image as a base image. For the defaults, see the Dockerfile and supporting folders.

For more details about PuppetDB, see the official documentation.

New version schema

The new version schema has the following layout:

<puppet.major>.<puppet.minor>.<puppet.patch>-v<container.major>.<container.minor>.<container.patch>

Example usage:

docker pull ghcr.io/voxpupuli/puppetdb:7.13.0-v1.2.1

| Name | Description |
|------|-------------|
| puppet.major | Describes the contained major Puppet version (7 or 8) |
| puppet.minor | Describes the contained minor Puppet version |
| puppet.patch | Describes the contained patchlevel Puppet version |
| container.major | Describes the major version of the base container (Ubuntu 22.04) or incompatible changes |
| container.minor | Describes new features or refactoring with backward compatibility |
| container.patch | Describes if minor changes or bugfixes have been implemented |

Configuration

| Name | Usage | Default |
|------|-------|---------|
| CERTNAME | The DNS name used on this service's SSL certificate | puppetdb |
| DNS_ALT_NAMES | Additional DNS names to add to the service's SSL certificate | Unset |
| WAITFORCERT | Number of seconds to wait for certificate to be signed | 120 |
| USE_PUPPETSERVER | Set to false to skip acquiring SSL certificates from a Puppet Server. | true |
| PUPPETSERVER_HOSTNAME | The DNS hostname of the puppet server | puppet |
| PUPPETSERVER_PORT | The port of the puppet server | 8140 |
| PUPPETDB_POSTGRES_HOSTNAME | The DNS hostname of the postgres service | postgres |
| PUPPETDB_POSTGRES_PORT | The port for postgres | 5432 |
| PUPPETDB_POSTGRES_DATABASE | The name of the puppetdb database in postgres | puppetdb |
| PUPPETDB_USER | The puppetdb database user | puppetdb |
| PUPPETDB_PASSWORD | The puppetdb database password | puppetdb |
| PUPPETDB_NODE_TTL | Mark as 'expired' nodes that haven't seen any activity (no new catalogs, facts, or reports) in the specified amount of time | 7d |
| PUPPETDB_NODE_PURGE_TTL | Automatically delete nodes that have been deactivated or expired for the specified amount of time | 14d |
| PUPPETDB_REPORT_TTL | Automatically delete reports that are older than the specified amount of time | 14d |
| PUPPETDB_JAVA_ARGS | Arguments passed directly to the JVM when starting the service | -Djava.net.preferIPv4Stack=true -Xms256m -Xmx256m -XX:+UseParallelGC -Xlog:gc*:file=$LOGDIR/puppetdb_gc.log -Djdk.tls.ephemeralDHKeySize=2048 |
| PUPPETDB_CERTIFICATE_ALLOWLIST | Comma separated list of certnames. No whitespaces! Example: certname1,certname2,certname3 | empty string |
| LOGDIR | Path of the log directory | /opt/puppetlabs/server/data/puppetdb/logs |
| SSLDIR | Path of the SSL directory | /opt/puppetlabs/server/data/puppetdb/certs |

Cert File Locations

The directory structure follows these conventions. The full path is always available inside the container as the environment variable $SSLDIR.

  • 'ssl-ca-cert' /opt/puppetlabs/server/data/puppetdb/certs/certs/ca.pem

  • 'ssl-cert' /opt/puppetlabs/server/data/puppetdb/certs/certs/<certname>.pem

  • 'ssl-key' /opt/puppetlabs/server/data/puppetdb/certs/private_keys/<certname>.pem

Initialization Scripts

If you would like to do additional initialization, add a directory called /docker-custom-entrypoint.d/ and fill it with .sh scripts. These scripts will be executed at the end of the entrypoint script, before the service is run.
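
A pre-start check that could be placed in /docker-custom-entrypoint.d/, shown as an added example that is not part of the project: it flags the documented default PUPPETDB_PASSWORD, whitespace in PUPPETDB_CERTIFICATE_ALLOWLIST, and missing or loosely permissioned files from the Cert File Locations list. It assumes the certificates are already in place when custom scripts run; the function name is hypothetical, and the check only warns rather than stopping the container.

```sh
#!/bin/sh
# Added example, not project code. check_puppetdb_env is a hypothetical name.
# Prints one line per finding and returns the number of findings.
check_puppetdb_env() {
    ssldir="${SSLDIR:-/opt/puppetlabs/server/data/puppetdb/certs}"
    certname="${CERTNAME:-puppetdb}"
    findings=0

    # The documented default database password is "puppetdb".
    if [ "${PUPPETDB_PASSWORD:-puppetdb}" = "puppetdb" ]; then
        echo "WARN: PUPPETDB_PASSWORD is unset or still the documented default"
        findings=$((findings + 1))
    fi

    # The allowlist is documented as comma separated with no whitespace.
    case "${PUPPETDB_CERTIFICATE_ALLOWLIST:-}" in
        *[[:space:]]*)
            echo "WARN: PUPPETDB_CERTIFICATE_ALLOWLIST contains whitespace"
            findings=$((findings + 1)) ;;
    esac

    # ssl-ca-cert, ssl-cert and ssl-key from "Cert File Locations".
    for f in "certs/ca.pem" "certs/${certname}.pem" \
             "private_keys/${certname}.pem"; do
        if [ ! -s "${ssldir}/${f}" ]; then
            echo "WARN: missing or empty ${ssldir}/${f}"
            findings=$((findings + 1))
        fi
    done

    # The private key should carry no group or other permission bits.
    key="${ssldir}/private_keys/${certname}.pem"
    if [ -f "$key" ]; then
        mode=$(ls -ld "$key" | cut -c5-10)
        if [ "$mode" != "------" ]; then
            echo "WARN: ${key} is accessible to group or others"
            findings=$((findings + 1))
        fi
    fi

    return "$findings"
}

# Warn only: report the findings on stderr and let the entrypoint continue.
check_puppetdb_env >&2 || echo "pre-start check: $? finding(s)" >&2
```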

How to Release the container

see here

How to contribute

see here

Transfer Notice

This project was originally authored by Puppet. The maintainer preferred that Vox Pupuli take ownership of the project for future improvement and maintenance. Existing pull requests and issues were transferred over. Please fork and continue to contribute here.

Docker Pull Command

docker pull voxpupuli/container-puppetdb