Configuring MCollective with Choria is generally very simple and involves just including 1 module and setting some Hiera data, it takes care of the entire process for you.

In MCollective terminology a client is one you manage your network from - where you run mco commands - and a server is a node being managed.

Every node

All nodes should have the choria-mcollective module on them, by default every node becomes an MCollective Server ready to be managed via MCollective:

The choria/mcollective_choria module has a number of dependencies, if you use R10k to manage environments please be sure to fetch all dependencies.

node "" {
  include mcollective

Client nodes

On machines where you wish to run mco commands like your Bastion nodes you have to configure them to be clients, you do this via Hiera:

mcollective::client: true

If you wish to have Client Only machines, you can disable the server on them:

mcollective::client: true
mcollective::server: false