Launching agent runs from the puppet master using SSH - ghomem/legacy_puppet_infrastructure GitHub Wiki

One simple way to force the execution of the puppet agent in a node directly from the puppet master is executing a script such as:

#!/bin/bash

DOMAIN=mydomain.com # adjust to your case
REMOTE_USER=remcmd  # adjust to your case

function print_usage ()
{
  echo "usage: `basename $0` NODE"
}


### main script

if [ -z $1 ]; then
  print_usage
  exit 1
fi

NODE_NAME=$1
REMOTE_HOST=$NODE_NAME.$DOMAIN
NODE_LIST=$(sudo puppetserver ca list --all | tail -n +2 | awk '{ print $1 }' | tr '\n' ' ' )

if [ "$NODE_LIST" =~ ( ](/ghomem/legacy_puppet_infrastructure/wiki/^)"$NODE_NAME"(-|$)-); then
  sudo -u $REMOTE_USER ssh -o "StrictHostKeyChecking no" $REMOTE_HOST sudo puppet agent -t
else
  echo Node $NODE_NAME not found
fi

This makes it very easy to synchronize the node with the master, simply by executing

./run-puppet-agent.sh NODE

The script above assumes that user remcmd can execute sudo commands without password in every remote host. That can be achieved by adding to the passwd_devops local class something like:

# particular configuration for the remcmd user
sudo::conf { 'remcmd': priority => 10, content => "remcmd ALL=(ALL:ALL) NOPASSWD: ALL" }

apart from the usual user declaration line:

'remcmd'    => { myname => $::remcmd_cname,   myhash => $::remcmd_pwd_hash,   mykey => $::remcmd_ssh_key,   myhomemode => $homemode, },