The Puppet Labs Issue Tracker has Moved:

Feature #13416

Add support for Amazon VPC to Cloud Provisioner

Added by James Turnbull over 2 years ago. Updated about 1 year ago.

Status:Needs DecisionStart date:03/26/2012
Priority:NormalDue date:
Assignee:-% Done:


Category:cloud provisioner
Target version:-
Keywords: customer cloud_provisioner Affected URL:
Branch: Affected PE version:

We've Moved!

Ticket tracking is now hosted in JIRA:

This ticket may be automatically exported to the ENTERPRISE project on JIRA using the button below:


CLoud Provisioner doesn’t currently support creating and bootstrapping Amazon VPC instances.


#1 Updated by James Turnbull over 2 years ago

  • Status changed from Unreviewed to Needs Decision
  • Assignee set to Nigel Kersten

#2 Updated by James Turnbull over 2 years ago

It looks like the subnet ID needed for VPC was added in but it looks like group ID is not being properly set:

VPC subnet is now working, but the security group is not. Using the group ID produces an error:

# puppet node_aws create --image=ami \ 
> --group=group-id \ 
> --keyname=mykey \ 
> --subnet=subnet-id \ 
> --type=m1.small 
err: Unrecognized security groups: group-id
err: Try 'puppet help node_aws create' for usage
Using the group name results in setting the default group and not the one specified: 
# puppet node_aws create --image=ami \ 
> --group=mygroup \ 
> --keyname=mykey \ 
> --subnet=subnet-id \ 
> --type=m1.small \ 
notice: Creating new instance ... 
notice: Server instance-id public dns name:

#3 Updated by Jeff McCune over 2 years ago


What’s the decision that needs to be made? Does Nigel still need to make it?


#4 Updated by James Turnbull over 2 years ago

The decision was “will we devote some time to fixing this bug”. It’s probably more a Josh question than a Nigel one now.

#5 Updated by Michael Arnold over 2 years ago

I understand that this is fixed in newer versions of Fog.

#6 Updated by Thomas Linkin over 2 years ago

FWIW – I just tested this with fog v1.4.0 and I am getting the same behaviour as James.

#7 Updated by Michael Arnold about 2 years ago

I just tested with PE 2.6.1 (fog 1.5.0) and I still see this problem.

#8 Updated by Charlie Sharpsteen over 1 year ago

  • Keywords set to customer

#11 Updated by Nigel Kersten over 1 year ago

  • Assignee changed from Nigel Kersten to Anonymous

Ugh. Apologies, I haven’t been watching Redmine for a while.

Assigning to Randall as PE product owner and following up in email.

#12 Updated by Zachary Stern over 1 year ago

It also looks like we have some basic support here….

puppet help node_aws create


--group= | -g= | --security-g - The instance's security group(s).
--region= - The geographic region of the instance. Defaults to us-east-1.
--subnet= | -s= - The subnet in which to deploy the VM (VPC only)

But it doesn’t work amazingly. E.g. there’s no way to get the private address/dns of a node in a VPC.

#13 Updated by Kenn Hussey about 1 year ago

  • Support Urls deleted (

This is fixed in PE 3.1.0, which is now available.

#14 Updated by Josh Gagnon about 1 year ago

  • Support Urls deleted (

The security group and subnet aspects work now, but bootstrapping still fails when attempting to SSH to the newly created machine. The ruby code makes an assumption that the new machine will have a public dns name – often untrue in a VPC – and attempts to contact a server with a nil hostname until you give up and kill it.

I have a basic fix that may work for everyone. As soon as I figure out how to I will submit a pull request. (New to git…)


#15 Updated by Charlie Sharpsteen about 1 year ago

  • Project changed from Cloud-Provisioner to Puppet Enterprise (Public)
  • Category deleted (aws)

#16 Updated by Kenn Hussey about 1 year ago

  • Category set to cloud provisioner

Also available in: Atom PDF