Create and manage PE node groups as resources.
- *nix operating system
- Puppet >= 3.7.1
- New
https
provider which doesn't needpuppetclassify
gem
Using the types and functions on the PE Console server will read the configuration at
/etc/puppetlabs/puppet/classifier.yaml
which contains the default server information
and SSL certificate paths. No extra configuration is necessary.
In order to manage node groups from a remote client, you'll need to whitelist a certificate
or generate a token with permissions to edit node groups.
Create a file at /etc/puppetlabs/puppet/node_manager.yaml
in the following format:
server: master.puppetlabs.vm # Defaults to $settings::server
port: 4433 # Defaults to 4433
# Supply certs
hostcert: /root/certs/client.pem
hostprivkey: /root/certs/client_key.pem
localcacert: /root/certs/ca.pem
# Or token
token: AJLqDQxalbVSMWrZcX03aGtixvk_S2xGZfQizY9YvzVk
NOTE: The token will be favored if both SSL and a token is provided.
Node_groups will autorequire parent node_groups.
Enumerate all node groups:
puppet resource node_group
Example output for puppet resource node_group 'PE MCollective'
node_group { 'PE MCollective':
ensure => 'present',
classes => {'puppet_enterprise::profile::mcollective::agent' => {}},
environment => 'production',
id => '4cdec347-20c6-46d7-9658-7189c1537ae9',
override_environment => 'false',
parent => 'PE Infrastructure',
rule => ['and', ['~', ['fact', 'pe_version'], '.+']],
}
-
description
Description of the node_group.
-
classes
Classes that are assigned to the node in hash format. Elements of the hash are class parameters.
Default (empty hash):
{}
-
environment
Environment selected for this node group.
Default:
production
-
name
(namevar) Node group's name.
-
id
Universal ID for the group. This attribute is read-only.
-
override_environment
Whether or not this group's environment ment setting overrides all other other environments.
Default:
false
-
parent
The UID for the data group. Can be specified by group name or UID.
Default:
All Nodes
-
rules
An array of classification rules. To submit an empty ruleset, use
''
as your value.Default (empty array):
[]
-
variables
Global variables for the node group expressed in a hash as
{ 'var' => 'value' }
.Default (empty hash):
{}
-
data
Configuration data supplied for automatic parameter lookup for the group. Data for the node group expressed in a hash as
{ 'class' => { 'param' => 'value' }}
. This parameter is supported for PE >=2017.3.x.Default (empty hash):
{}
-
purge_behavior
Defines how purging of classification or data will be handled. By default, or when set to
all
, the node_group resource will ensure classes and data are matched exactly, and remove any values not described by the resource. When set tonone
, the node_group resource will ensure data and classes described are present with the prescribed values, but will not remove other classification, or other data, present in the node group. Thedata
setting purges only data values, and theclasses
setting purges only classes values.Default:
all
Values:
all
,data
,classes
,none
Trigger update-classes job
puppet task run node_manager::update_classes --nodes 'pe-master' environment=production
NOTE: Default environment value is production
.
Retrieve all or one node_group and its data.
node_groups()
will return:
{
"All Nodes"=>{
"environment_trumps"=>false,
"parent"=>"00000000-0000-4000-8000-000000000000",
"name"=>"All Nodes",
"rule"=>["and", ["~", "name", ".*"]],
"variables"=>{}, "id"=>"00000000-0000-4000-8000-000000000000",
"environment"=>"production",
"classes"=>{},
"config_data"=>{}
},
"Production environment"=>{
"environment_trumps"=>false,
"parent"=>"00000000-0000-4000-8000-000000000000",
"name"=>"Production environment",
"rule"=>["and", ["~", "name", ".*"]],
"variables"=>{},
"id"=>"7233f964-951e-4a7f-88ea-72676ed3104d",
"environment"=>"production",
"classes"=>{},
"config_data"=>{}
},
...
}
node_groups('All Nodes')
will return:
{
"All Nodes"=>{
"environment_trumps"=>false,
"parent"=>"00000000-0000-4000-8000-000000000000",
"name"=>"All Nodes",
"rule"=>["and", ["~", "name", ".*"]],
"variables"=>{}, "id"=>"00000000-0000-4000-8000-000000000000",
"environment"=>"production",
"classes"=>{},
"config_data"=>{}
}
}
Type: rvalue
Retrieve historical info about a node's check-ins and classification, if check-in storage is enabled.
get_nodes(nodename)
will return:
{
"name": "Deep Space 9",
"check_ins": [
{
"time": "2369-01-04T03:00:00Z",
"explanation": {
"53029cf7-2070-4539-87f5-9fc754a0f041": {
"value": true,
"form": [
"and",
{
"value": true,
"form": [">=", {"path": ["fact", "pressure hulls"], "value": "3"}, "1"]
},
{
"value": true,
"form": ["=", {"path": ["fact", "warp cores"], "value": "0"}, "0"]
},
{
"value": true,
"form": [">" {"path": ["fact", "docking ports"], "value": "18"}, "9"]
}
]
}
}
}
],
"transaction_uuid": "d3653a4a-4ebe-426e-a04d-dbebec00e97f"
}
get_nodes()
(without the nodename argument) is deprecated, but is included for coverage of the API. It
will return the same structure, but for all nodes with their historical check-in information.
Type: rvalue
The node_manager
face allows you to interact with endpoints other than
the groups endpoint using the type or function. Use the --help
flag
to explore functionaliy of each action.
# puppet node_manager --help
USAGE: puppet node_manager <action>
Interact with node classifier API
OPTIONS:
--render-as FORMAT - The rendering format to use.
--verbose - Whether to log verbosely.
--debug - Whether to log debug information.
ACTIONS:
classes List class information
classified List classification information
environments Query environment sync status
groups List group information
pin Pin a node to a group
unpin Unpin a node from groups
See 'puppet man node_manager' or 'man puppet-node_manager' for full help.
- Nothing at the moment
New puppet-less provider with bash here
This repositority is largely the work of some Puppet community members. It is not officially maintained by Puppet, or any individual in particular. Issues should be opened in Github. Questions should be directed at the individuals responsible for committing that particular code.