Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Puppet Server and the various 'puppet cert' tools (like 'puppet cert generate') from the command line create the inventory.txt file.

The only time Puppet Server interacts with the inventory.txt file is just after its Certificate Authority service has generated a new certificate. Puppet Server just writes a new entry onto the end of the file for that certificate - with the serial number, validity dates, and Common Name in the certificate subject.

If you remove the inventory.txt file, Puppet Server does not rebuild the inventory.txt file from the content of any certificates which still remain on disk. Puppet Server will just recreate the file and write a new entry into it for a new certificate that it would generate.

'puppet cert reinventory' might be useful for you in that it will rebuild the contents of the inventory.txt file from the certificates that are currently on disk. If you don't need to preserve the full audit trail for certificates that have been previously cleaned out from the CA, this would help reduce the size of the file.

Keep in mind that you might run into race conditions which corrupt the file if you try to remove or alter the contents of the inventory.txt file at the same time that Puppet Server might be trying to create or append a new entry to the inventory.txt file.