Ask Your Question
0

How can I check to see if any of my Puppet nodes have not checked in for a while?

asked 2017-10-10 11:54:37 -0500

Zamiel gravatar image

By doing the puppet cert list --all command, I can see a list of all of the nodes that my Puppet server manages. However, some of these nodes might be decomissioned, not having "checked in" with the Puppet server for a long time. Is there some command I can type to find that out? I want to audit my Puppet configuration and clean out any extraneous certs.

edit retag flag offensive close merge delete

Comments

Puppet will either sync the 'reports' to the master by default, or to puppetDB if you have that configured. You can get the 'last run' metrics by inspecting those logs. On your puppetmaster, you can find the reports in `sudo puppet config print reportdir`

DarylW gravatar imageDarylW ( 2017-10-11 09:42:20 -0500 )edit

1 Answer

Sort by ยป oldest newest most voted
1

answered 2017-10-12 13:12:20 -0500

erichymowitz gravatar image

Based on @DarylW's suggestion, you might try

# cd `puppet config print reportdir`
# for i in * ; do ls -lt $i/*.yaml | head -1 ; done

That should give you an ugly but concise list of all of the agents with the last time they contacted the server.

edit flag offensive delete link more

Comments

With the announcements from puppetconf on bolt, you could either use the output from your puppet cert list --all command as the nodes list and look for the last run summary information on the nodes, if you can't reach a node you know it's not there, and if you can you could see the last puppet run

DarylW gravatar imageDarylW ( 2017-10-13 09:16:17 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

Stats

Asked: 2017-10-10 11:54:37 -0500

Seen: 23 times

Last updated: Oct 12