如何自动将节点添加到组?

时间:2015-05-11 19:46:51

标签: puppet-enterprise

我刚从PE 3.3切换到Puppet Enterprise 3.8。 我使用rake api来创建我的组,类和节点。这在PE 3.8中不再有效,并且除了使用仪表板(https://docs.puppetlabs.com/pe/latest/console_classes_groups.html#adding-nodes-to-a-node-group)之外,似乎没有任何记录方式将节点添加到给定组。

有人能指出一些关于如何自动向组添加节点的文档吗?

1 个答案:

答案 0 :(得分:4)

您可以使用Node Classifier API添加组,或将节点添加到组中。您需要在master和include the correct certs with the requests上运行这些curl命令。在下面的命令中,将“fqdn”替换为主服务器的完全限定域名。

创建一个名为“foo”的组,该组是默认组的子级

curl 'https://fqdn:4433/classifier-api/v1/groups' \
   -H "Content-Type: application/json" \
   --cert /etc/puppetlabs/puppet/ssl/certs/fqdn.pem \
   --key /etc/puppetlabs/puppet/ssl/private_keys/fqdn.pem \
   --cacert /etc/puppetlabs/puppet/ssl/certs/ca.pem

获取所有组,以便我们可以获取新创建的组的ID 

{
  "environment_trumps": false,
  "parent": "00000000-0000-4000-8000-000000000000",
  "name": "foo",
  "variables": {},
  "id": "085e2797-32f3-4920-9412-8e9decf4ef65",
  "environment": "production",
  "classes": {}
},

对该请求的响应将包含新创建的组:

curl -X POST -H 'Content-Type: application/json' \
  --cert /etc/puppetlabs/puppet/ssl/certs/fqdn.pem \
  --key /etc/puppetlabs/puppet/ssl/private_keys/fqdn.pem \
  --cacert /etc/puppetlabs/puppet/ssl/certs/ca.pem \
  -d '{ "rule": ["or", ["=", "name", "u38a.vm"]] }' \
  https://fqdn:4433/classifier-api/v1/groups/085e2797-32f3-4920-9412-8e9decf4ef65

修改新组以“固定”节点

curl -X POST -H 'Content-Type: application/json' \
  --cert /etc/puppetlabs/puppet/ssl/certs/fqdn.pem \
  --key /etc/puppetlabs/puppet/ssl/private_keys/fqdn.pem \
  --cacert /etc/puppetlabs/puppet/ssl/certs/ca.pem \
  -d '{ "rule": ["or", ["=", "name", "u38a.vm"], ["=", "name", "u38.vm"]] }' \
  https://fqdn:4433/classifier-api/v1/groups/085e2797-32f3-4920-9412-8e9decf4ef65

修改新组以“固定”另一个节点(您必须提供完整的新规则)

curl -X POST -H 'Content-Type: application/json' \
  --cert $(puppet config print hostcert) \
  --key $(puppet config print hostprivkey) \
  --cacert $(puppet config print localcacert) \
-d '{"nodes": ["foo.tld", "bar.tld", "baz.tld"]}' \
  https://$HOSTNAME:4433/classifier-api/v1/groups/<group id>/pin

更新2016-04-12

从Puppet Enterprise 2016.1.1开始,您可以使用new pin/unpin endpoints of the classifier API更轻松地执行此操作:

固定节点

curl -X POST -H 'Content-Type: application/json' \
  --cert $(puppet config print hostcert) \
  --key $(puppet config print hostprivkey) \
  --cacert $(puppet config print localcacert) \
-d '{"nodes": ["foo.tld", "bar.tld", "baz.tld"]}' \
  https://$HOSTNAME:4433/classifier-api/v1/groups/<group id>/unpin

取消固定节点

curl -X POST -H 'Content-Type: application/json' \
  --cert $(puppet config print hostcert) \
  --key $(puppet config print hostprivkey) \
  --cacert $(puppet config print localcacert) \
-d '{"nodes": ["foo.tld", "bar.tld", "baz.tld"]}' \
  https://$HOSTNAME:4433/classifier-api/v1/commands/unpin-from-all

取消固定所有组中的节点

使用新的(技术预览)commands/unpin-from-all端点:

Warning: include(Mage/Webviews/Helper/Data.php): failed to open stream: No such file or directory  in /media/ephemeral0/vep_mage-primaries-prod/web/lib/Varien/Autoload.php on line 93

使用所有这些端点,您还可以generate a token提供而不是使用基于证书的身份验证。

相关问题
最新问题