Puppet House Cleaning

- 1 min

Below are some of the command’s I’ve found helpful in cleaning up nodes that have been retired, deleted or part of an auto scaling group. These commands could easily be added to a script to automate the process.

This will list all the puppet agent certs signed or pending on your puppet master. The “+” denote’s the cert is signed.

sudo puppet cert list --all
+ "drew-vm-test.local" (SHA256) F8:B1.. (alt names: "DNS:drew-vm-test", "DNS:puppet")


Once you have the cert name you can perform some cleanup tasks such as…

Remove exported resources, that way they stop showing up in compiled catalogs. If you are using PuppetDB you could instead use node-ttl and node-purge-ttl.

sudo puppet node deactivate drew-vm-test.local



Remove the node’s cert from the Puppet Master.

sudo puppet cert clean drew-vm-test.local



Remove the node’s reports from the Puppet Dashboard.

sudo su - puppet-dashboard -c "/opt/puppet/bin/rake RAILS_ENV=production node:del name=drew-vm-test.local"





Thoughts or comments? Please share below…


comments powered by Disqus
rss facebook twitter github youtube mail spotify lastfm instagram linkedin google google-plus pinterest medium vimeo stackoverflow reddit quora quora