Ask Your Question
0

Need help understand PE 3.7 REST API

asked 2014-12-16 17:06:07 -0500

Red Cricket gravatar image

updated 2014-12-17 14:09:56 -0500

Hi,

I want to convert my Console RAKE Scripts to the new REST API that comes with PE 3.7, since the RAKE API is going to be depreciated when PE 4.0 comes out. I had found this documentation here ...

https://docs.puppetlabs.com/pe/latest/nc_mapping.html

... but either the documentation is wrong or I just don't understand it.

For example I use to add groups with this RAKE command:

# sudo -u puppet-dashboard /opt/puppet/bin/rake -f /opt/puppet/share/puppet-dashboard/Rakefile nodegroup:add[Compute]

The documentation I sited above says ...

POST /v1/groups/<id>    Creates a new node group and adds the specified classes.

... which I assumes means that I would execute a curl command like so ...

# export PUP='/usr/local/bin/puppet'
# export CACERT=`$PUP config print localcacert`
# CERT=`$PUP config print hostcert`
# KEY=`$PUP config print hostprivkey`
# /usr/bin/curl -v -X POST --cacert $CACERT --cert $CERT --key $KEY --insecure https://mypuppetmaster:4433/v1/groups/Compute

... but the response I get is this ...

* About to connect() to mypuppetmaster port 4433 (#0)
*   Trying 10.29.120.143... connected
* Connected to mypuppetmaster (10.29.120.143) port 4433 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* warning: ignoring value of ssl.verifyhost
* skipping SSL peer certificate verification
* NSS: client certificate from file
*   subject: CN=mypuppetmaster
*   start date: Dec 14 20:36:42 2014 GMT
*   expire date: Dec 14 20:36:42 2019 GMT
*   common name: mypuppetmaster
*   issuer: CN=Puppet CA generated on mypuppetmaster at 2014-12-15 12:...
* SSL connection using TLS_RSA_WITH_AES_256_CBC_SHA
* Server certificate:
*   subject: CN=mypuppetmaster
*   start date: Dec 14 20:36:42 2014 GMT
*   expire date: Dec 14 20:36:42 2019 GMT
*   common name: mypuppetmaster
*   issuer: CN=Puppet CA generated on mypuppetmaster at 2014-12-15 12:...
> POST /v1/groups/Compute HTTP/1.1
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.3.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: mypuppetmaster:4433
> Accept: */*
> 
< HTTP/1.1 404 Not Found
< Date: Tue, 16 Dec 2014 23:02:13 GMT
< Cache-Control: must-revalidate,no-cache,no-store
< Content-Type: text/html; charset=ISO-8859-1
< Content-Length: 295
< Server: Jetty(9.1.z-SNAPSHOT)
< 
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/>
<title>Error 404 </title>
</head>
<body>
<h2>HTTP ERROR: 404</h2>
<p>Problem accessing /v1/groups/Compute. Reason:
<pre>    Not Found</pre></p>
<hr /><i><small>Powered by Jetty://</small></i>
</body>
</html>
* Connection #0 to host mypuppetmaster left intact
* Closing connection #0

... and no group gets created.

UPDATE: Thanks rlinehan and all here is what I got now:

    # /usr/bin/curl -v -X POST \
    > -H 'Content-Type: application/json' \
    > -d '{ "name": "Compute", "parent": "00000000-0000-4000-8000-000000000000", "classes": {} }' \
    > --cacert /etc/puppetlabs/puppet/ssl/certs/ca.pem \
    > --cert /etc/puppetlabs/puppet/ssl/certs/mypuppetmaster.pem \
    > --key /etc/puppetlabs/puppet/ssl/private_keys/mypuppetmaster.pem \
    > --insecure 'https://mypuppetmaster/classifier-api/v1/groups'

... and this is the output I am getting now:

    * About to connect() to mypuppetmaster port 4433 (#0)
    *   Trying 10.29.120.143... connected
    * Connected to ...
(more)
edit retag flag offensive close merge delete

Comments

1

The Location header shows the "See Other" location (the newly created group: /classifier-api/v1/groups/6c335282-639d-46ef-a354-59e3dbc24238).

steveax gravatar imagesteveax ( 2014-12-17 17:02:02 -0500 )edit

3 answers

Sort by ยป oldest newest most voted
2

answered 2014-12-17 08:47:48 -0500

rlinehan gravatar image

Unfortunately, what seems to be missing from both the NC Mapping page you've listed and the NC groups page Greg has linked to, is that there's a prefix in front of /v1/groups, so it is really /classifier-api/v1/groups.

I believe your requests should be made to https://puppetmaster:4433/classifier-... .

edit flag offensive delete link more
1

answered 2014-12-17 08:59:26 -0500

To add to Greg's response here, I also noticed you were using the human-readable name for the group where "group-id" goes.

You don't need that in the case of creating the group, but for future reference, you can obtain that just by doing a "GET" on "/v1/groups".

edit flag offensive delete link more

Comments

Thanks for the response joshbeard. What can I obtain from "GET" on "/v1/groups"? The group-id or the human-readable name?

Red Cricket gravatar imageRed Cricket ( 2014-12-17 11:40:52 -0500 )edit

You will get both, according to this: https://docs.puppetlabs.com/pe/latest/nc_groups.html#get-v1groups You'll have to pull out the values you want from the JSON response object, but everything you need should be in there.

GregLarkin gravatar imageGregLarkin ( 2014-12-17 20:56:47 -0500 )edit
1

answered 2014-12-16 21:00:05 -0500

GregLarkin gravatar image

To create a new nodegroup, you should use the "POST /v1/groups" endpoint shown here: https://docs.puppetlabs.com/pe/latest... . Also make sure that you are POSTing all of the required data described in the "Request Format" section.

You can also update the nodegroup definition using the "POST /v1/groups/ " endpoint described here: https://docs.puppetlabs.com/pe/latest...

edit flag offensive delete link more

Comments

Thanks for the response Greg. I wonder why the doc leaves out `classifier-api` which rlinehan mentions.

Red Cricket gravatar imageRed Cricket ( 2014-12-17 11:42:17 -0500 )edit

That looks like a bug for sure, and I'll check if an issue has been opened for it yet.

GregLarkin gravatar imageGregLarkin ( 2014-12-17 20:55:38 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2014-12-16 17:06:07 -0500

Seen: 495 times

Last updated: Dec 17 '14