Table of Contents
In this article, I will take you through top 10 Puppet Commands in Linux. Puppet is an open source systems management tool for centralizing and automating configuration management. Configuration management is the detailed recording and updating of information that describes an enterprise’s hardware and software. If you are working in Automation or in DevOps profile, you need to essentially know the below daily used puppet commands.
To install puppet server and agent, you can go and follow the instructions at How to install Puppet Master and Agent.
Puppet Commands
1. To Debug the Puppet Agent Connection
For troubleshooting any error in puppet connection, it is always a good idea to debug through –DEBUG switch option in puppet commands.
[root@puppet-agent facts.d]# /opt/puppetlabs/bin/puppet agent -t --DEBUG
Debug: Applying settings catalog for sections main, agent, ssl
Debug: Caching environment 'production' (ttl = 0 sec)
Debug: Evicting cache entry for environment 'production'
Debug: Caching environment 'production' (ttl = 0 sec)
Debug: Evicting cache entry for environment 'production'
Debug: Caching environment 'production' (ttl = 0 sec)
Debug: Evicting cache entry for environment 'production'
Debug: Caching environment 'production' (ttl = 0 sec)
Debug: Using settings: adding file resource 'confdir': 'File[/etc/puppetlabs/puppet]{:path=>"/etc/puppetlabs/puppet", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}'
Debug: Using settings: adding file resource 'codedir': 'File[/etc/puppetlabs/code]{:path=>"/etc/puppetlabs/code", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}'
Debug: Evicting cache entry for environment 'production'
Debug: Caching environment 'production' (ttl = 0 sec)
Debug: Failed to load library 'cfpropertylist' for feature 'cfpropertylist'
Debug: Evicting cache entry for environment 'production'
Debug: Caching environment 'production' (ttl = 0 sec)
Debug: Evicting cache entry for environment 'production'
...............................................................................................................
2. To check the requested Cert
Check all the certificate signing request sent by the puppet agent nodes through below command.
[root@puppet-master ~]# /opt/puppetlabs/bin/puppet cert list
"puppet" (SHA256) 39:71:70:6E:AE:58:E5:73:E6:81:A8:74:9F:8E:D7:4E:08:14:DB:6D:FB:81:2D:01:4F:7E:6C:ED:33:81:03:2E (alt names: "DNS:puppet", "DNS:puppet-master") **
3. To remove the requested cert
If you want to remove the previous certificate request sent by the puppet agent, you can use the below command.
[root@puppet-master ~]# /opt/puppetlabs/bin/puppet cert clean puppet-agent
Notice: Revoked certificate with serial 3
Notice: Removing file Puppet::SSL::Certificate puppet-agent at '/etc/puppetlabs/puppet/ssl/ca/signed/puppet-agent.pem'
Notice: Removing file Puppet::SSL::Certificate puppet-agent at '/etc/puppetlabs/puppet/ssl/certs/puppet-agent.pem'
To check if the certificate is removed or not, below command can be used.
[root@puppet-master ~]# /opt/puppetlabs/bin/puppet cert list
"puppet" (SHA256) 39:71:70:6E:AE:58:E5:73:E6:81:A8:74:9F:8E:D7:4E:08:14:DB:6D:FB:81:2D:01:4F:7E:6C:ED:33:81:03:2E (alt names: "DNS:puppet", "DNS:puppet-master") **
"puppet-agent" (SHA256) 42:2B:20:95:18:51:D5:01:B1:5E:FB:9E:22:B6:89:33:DE:15:44:81:13:B9:07:AB:8D:AA:F0:32:BE:85:BA:83 (alt names: "DNS:puppet-agent", "DNS:puppet-master") **
4. To remove the old cert which is not in requested state
For some reason if puppet agent node decided to send another certificate signature request and try to ignore the previous one then you can clean those certs using below command.
[root@puppet-master ~]# /opt/puppetlabs/bin/puppet cert clean puppet Notice: Removing file Puppet::SSL::CertificateRequest puppet at '/etc/puppetlabs/puppet/ssl/ca/requests/puppet.pem' [root@puppet-master ~]# /opt/puppetlabs/bin/puppet cert list "puppet-agent" (SHA256) 42:2B:20:95:18:51:D5:01:B1:5E:FB:9E:22:B6:89:33:DE:15:44:81:13:B9:07:AB:8D:AA:F0:32:BE:85:BA:83 (alt names: "DNS:puppet-agent", "DNS:puppet-master") **
5. To search a module
If you want to search a module jgazeley-nagios, you can use the below puppet commands.
[root@puppet-master ~]# /opt/puppetlabs/bin/puppet module search jgazeley-nagios
Notice: Searching https://forgeapi.puppet.com ...
NAME DESCRIPTION AUTHOR KEYWORDS
jgazeley-nagios Manage Nagios, NRPE, NSCA, PNP4Nagios, BPI and other monitoring components @jgazeley
6. To Install module jgazeley-nagios
If you want to install a module jgazeley-nagios, you can use below command.
[root@puppet-master ~]# /opt/puppetlabs/bin/puppet module install jgazeley-nagios
Notice: Preparing to install into /etc/puppetlabs/code/environments/production/modules ...
Notice: Downloading from https://forgeapi.puppet.com ...
Notice: Installing -- do not interrupt ...
/etc/puppetlabs/code/environments/production/modules
└─┬ jgazeley-nagios (v0.4.0)
├── dalen-dnsquery (v3.0.0)
├── puppet-selinux (v1.6.1)
├── puppetlabs-apache (v1.3.0)
├── puppetlabs-concat (v4.2.1)
├── puppetlabs-firewall (v1.15.3)
├── puppetlabs-stdlib (v4.25.1)
├── puppetlabs-vcsrepo (v2.4.0)
├── saz-sudo (v4.2.0)
└── stahnma-epel (v1.3.1)
7. To List out all the installed modules
All the installed modules can be checked through /opt/puppetlabs/bin/puppet module list command.
[root@puppet-master ~]# /opt/puppetlabs/bin/puppet module list
/etc/puppetlabs/code/environments/production/modules
├── dalen-dnsquery (v3.0.0)
├── jgazeley-nagios (v0.4.0)
├── puppet-selinux (v1.6.1)
├── puppetlabs-apache (v1.3.0)
├── puppetlabs-concat (v4.2.1)
├── puppetlabs-firewall (v1.15.3)
├── puppetlabs-stdlib (v4.25.1)
├── puppetlabs-vcsrepo (v2.4.0)
├── saz-sudo (v4.2.0)
└── stahnma-epel (v1.3.1)
/etc/puppetlabs/code/modules (no modules installed)
/opt/puppetlabs/puppet/modules (no modules installed)
8. To uninstall package jgazeley-nagios
Puppet modules can be installed through /opt/puppetlabs/bin/puppet module uninstall command as shown below.
[root@puppet-master ~]# /opt/puppetlabs/bin/puppet module uninstall jgazeley-nagios
Notice: Preparing to uninstall 'jgazeley-nagios' ...
Removed 'jgazeley-nagios' (v0.4.0) from /etc/puppetlabs/code/environments/production/modules
9. To check the Puppet Version
One of the very basic but important command is to check the puppet version. It can be checked using below command.
[root@puppet-master ~]# /opt/puppetlabs/bin/puppet --version
4.10.12
10. To force upgrade the package
Puppet installed packages can be forcefully upgraded using –force switch.
[root@puppet-master ~]# puppet module upgrade --force --version 0.4.0 jgazeley-nagios
Notice: Preparing to upgrade 'jgazeley-nagios' ...
Notice: Found 'jgazeley-nagios' (v0.3.1) in /etc/puppetlabs/code/environments/production/modules ...
Notice: Downloading from https://forgeapi.puppet.com ...
Notice: Upgrading -- do not interrupt ...
/etc/puppetlabs/code/environments/production/modules
└── jgazeley-nagios (v0.3.1 -> v0.4.0)
Also Read: How to install and Set Up Puppet Master and Agent
Reference: Puppet Documentation