puppet node deactivate

asked 2014-04-15 11:53:55 -0600

nicoX
11 ●1 ●1 ●3

I didn't seem to be able to deactivate a node, after I did some changes to them. I have 39 nodes with one puppet master. It totals 40 nodes in the console. Yet 41 licenses are being used. How do I find out which node it is that I once again should puppet cert clean and puppet node deactivate?

edit retag flag offensive close merge delete

add a comment

2 Answers

Sort by » oldest newest most voted

answered 2014-04-15 15:02:45 -0600

ffrank
379 ●6 ●10

updated 2014-04-16 04:26:15 -0600

Find your master log file using puppet master --configprint masterlog. Extract enough lines from the end to cover about two agent cycles (usually agents check in twice an hour, so consider an hour's worth of logs).

You will find a log entry for each compilation. Your unused certificate should be the only one that does not appear.

Assuming you need X lines, try

tail -n X `puppet master --configprint masterlog` | grep Compiled | sed 's/.*for \(.*\) in env.*/\1/' | sort -u

With PE, you ought to be able to identify nodes that do not check in via the Web Console ... (more)

edit flag offensive delete link

Comments

I don't seem to have a puppetmaster.log. The only thing I have in /var/log/pe-puppet/ is two log files that are empty. I actually need to find ...(more)

nicoX ( 2014-04-16 04:12:38 -0600 )edit

I updated my answer to account for PE.

ffrank ( 2014-04-16 04:26:29 -0600 )edit

The same node that is licensed have checked in with a new hostname. It didn't seem to deactivate prior I changed the hostname on that node and checked it ...(more)

nicoX ( 2014-04-16 04:51:54 -0600 )edit

It should be safe to just remove the old fqdn from your database via whatever means PE provides for this.

ffrank ( 2014-04-16 06:29:49 -0600 )edit

I'm trying to figure out which old fqdn it is. Because I changed the hostname for 39 nodes, and don't keep track of which nodes fqdn I didn't revoke.

nicoX ( 2014-04-16 06:32:48 -0600 )edit

add a comment