Introduction
Hello Ninjas, welcome back to yet another article on one of the most trending technologies right now: Puppet. In this article, we are going to understand the basic concept of managing nodes in Puppet.
Puppet is a free and open-source software control and deployment tool. It is most widely used on Linux and Windows for managing several application servers at once, but a wide range of systems, including Mac OS servers, Cisco routers, and IBM data centers, can also use Puppet.
Now, let's move into the Basic Concept of Managing Nodes in Puppet.
Agent Node Addition and Removal
But what is an agent node?
An agent node is a server that runs on each host computer system in the Network Deployment configuration. It serves only as an administrative agent and does not perform any application-serving functions.
Nodes that you wish Puppet Enterprise (PE) to handle can be added easily, and nodes that you no longer require can be removed easily.
Adding Agent Nodes
1. The first step is installing agents on the nodes.
Click on Install agent.
Fill in Node details.
2. Integrate the CSRs (Certificate Signing Requests).
CSR? What is that?
A Certificate Signing Request (CSR) is a specially formatted encrypted message sent from a digital certificate applicant to a certificate authority through Secure Sockets Layer (SSL). The CSR validates the information required by the CA to issue a certificate.
Delete Agent Nodes
Clearing a node removes it from your inventory, takes it out of Puppet Enterprise's (PE) control, and lets you use the node's license on another node.
Clearing a node does the following:
Deletes the node from PuppetDB.
Deletes the node's data cache on the main server.
Enables the license for a different node.
Enables another node to use the hostname.
Limitation: Purging (removing) nodes does not remove agents from the nodes.
Run the following command on the agent node to stop the agent service.
service puppet stop
Run the following command to remove the node from the main server.
puppet node purge <CERTNAME>
If you have compilers, run the following command on them to make the updated CRL available to them.
puppet agent -t
Adding and Removing Agentless Nodes
Nodes without a Puppet agent installed on them are known as agentless nodes. They can execute tasks and plans; however, unlike agent nodes, they are unable to keep your network in the desired state.
Devices that cannot have a Puppet agent installed on them include network switches and firewalls. These devices are referred to as agentless devices. By connecting devices, you can manage these network devices and use them to run tasks and Puppet activities.
Updating the Inventory with Agentless Nodes
Click Nodes > Add nodes in the PE console.
Click WinRM or SSH Connect to connect.
Pick a transport method:
SSH for *nix and macOS targets.
WinRM for Windows targets.
Type in the desired host names and the login details needed to access them. Also, include start and stop tags if you're using an SSH key.
Option for Transport Setup
Option | Transport | Definition
Accepts the request as a tty | SSH | If you want to enable text terminal access, use this.
Target port | WinRM and SSH | The port of the connection. The default value for SSH is 22. Unless SSL: false is specified, the default value for WinRM is 5986; otherwise, it is 5985.
Run as a different user | SSH | This is the account profile to use for running tasks after logging in.
Timeout for connection in seconds | WinRM and SSH | The amount of time Puppet Enterprise (PE) should wait for a reply before trying to connect.
Fixed directory | WinRM and SSH | The location to put cached data while sending them to the target node.
Password for sudo | SSH | The passcode to use when using run-as to swap user profiles.
Adding Devices to the Inventory
Click Nodes > Add nodes in the PE console.
Click OK to connect network devices.
From the list of device transport modules you have installed in your production environment, choose the appropriate device type.
As stated in the README for the transport module on the Forge, enter the device “certname” and other connection information. An asterisk indicates that a field is required.
Select Add node.
Removing Devices and Agentless Nodes from the Inventory
Find the node or device you wish to remove by clicking State or Nodes in the Puppet Enterprise (PE) console. Then click its name to see the Node information page.
Select the Networks tab.
Press the Disconnect button. The name of this link differs based on the type of connection, for example, Remove WinRM Connection, Remove SSH Connection, etc.
Click Verify to cut the connection.
Result
After you remove a connection, PuppetDB marks the node or device as expired once the default node time-to-live period (node-ttl) has passed. When the node-purge time-to-live limit (node-purge-ttl) is reached, PuppetDB then deletes the node or device. Once a node or device is purged, it disappears from the Puppet Enterprise console and its license becomes available.
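The expiry and purge timeline above determines when a removed node actually stops occupying a license. The following sketch models it; it is an added example, not part of the original article or of Puppet's own code, and the certnames, dates and the 7d/14d TTL values are constructed assumptions to be replaced with the node-ttl and node-purge-ttl set in your PuppetDB.

```python
import re
from datetime import datetime, timedelta

# Duration suffixes used in PuppetDB TTL settings (e.g. 7d, 24h, 30m, 10s, 500ms).
_UNITS = {"d": "days", "h": "hours", "m": "minutes", "s": "seconds", "ms": "milliseconds"}


def parse_ttl(value):
    """Convert a PuppetDB-style duration string into a timedelta."""
    match = re.fullmatch(r"(\d+)(ms|d|h|m|s)", value.strip())
    if not match:
        raise ValueError(f"unsupported duration: {value!r}")
    return timedelta(**{_UNITS[match.group(2)]: int(match.group(1))})


def node_state(last_activity, now, node_ttl, node_purge_ttl):
    """Return 'active', 'expired' or 'purged' for one node."""
    # Expired: no activity for node-ttl. Purged: expired for node-purge-ttl.
    expires_at = last_activity + parse_ttl(node_ttl)
    purged_at = expires_at + parse_ttl(node_purge_ttl)
    if now >= purged_at:
        return "purged"
    if now >= expires_at:
        return "expired"
    return "active"


def license_report(nodes, now, node_ttl="7d", node_purge_ttl="14d"):
    """Group certnames by state; only purged nodes have released their license."""
    report = {"active": [], "expired": [], "purged": []}
    for certname, last_activity in nodes.items():
        report[node_state(last_activity, now, node_ttl, node_purge_ttl)].append(certname)
    return report


# Constructed sample inventory: certname -> time of last catalog, facts or report.
NOW = datetime(2024, 3, 31, 12, 0)
SAMPLE_NODES = {
    "switch01.example.com": datetime(2024, 3, 30, 9, 0),   # about 1 day ago
    "fw02.example.com": datetime(2024, 3, 20, 12, 0),      # 11 days ago
    "old-web03.example.com": datetime(2024, 3, 1, 12, 0),  # 30 days ago
}

if __name__ == "__main__":
    for state, names in license_report(SAMPLE_NODES, NOW).items():
        print(f"{state:8} {', '.join(names) or '-'}")
```

A node in the expired state is still in PuppetDB, so stale devices that were disconnected but not yet purged remain visible to anything that queries the inventory.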
How to Count Nodes?
The quantity of nodes in your inventory is known as your node count. You can only have so many active nodes before reaching your bursting limit under the terms of your Puppet Enterprise (PE) license. You must either buy a license for more nodes or delete some nodes from your inventory if your bursting limit is reached four times a month.
Nodes Counted in the Node Count
Nodes with reports kept in PuppetDB for the month.
Nodes that completed Puppet runs, jobs, or plans in the orchestrator during the month, even if they did not have a response during the month.
Nodes Not Counted in the Node Count
Nodes that the inventory program records but are not accessed by Puppet processes, jobs, or plans.
Nodes that have been deleted but haven't produced any reports or activity in the past month.
Reaching the Bursting Limit
You reach the bursting limit when your node count exceeds the limit on your license. The bursting limit is a gap that permits you to briefly enter a new threshold without incurring additional costs while going over the number of nodes permitted by your license. Four days every month, whether they are consecutive or not, are allowed for you to exceed the bursting limit. You must purge nodes or purchase a license for additional nodes if you exceed the bursting limit five or more times in a row.
Deleting Nodes
If you have unused nodes cluttering your inventory and are worried about exceeding your bursting limit, you can remove agent nodes, devices, and agentless nodes from the inventory.
Puppet Running on Nodes
The main server and agent nodes carry out the following tasks during a Puppet run:
Each agent node asks for a database and returns facts to the main server.
Each agent's inventory is compiled and sent by the main server.
Each agent applies the database by checking each resource it lists. When an agent finds a resource that isn't in the desired state, the agent makes the changes needed to put it there.
Running Puppet with SSH
SSH into the target node and run puppet agent --test or puppet agent -t to start a Puppet run from there.
Puppet Running from Console
Go to Nodes in the console, then click the name of the node you want to use for Puppet.
Click Run Puppet on the page with the Node details. If needed, you can set the following run options:
No-op: The Puppet run simulates changes without applying the new inventory. Nodes that have noop = true in their puppet.conf files always operate in no-op mode.
Debug: Prints every message created during the run, which can be used for troubleshooting.
Trace: Prints stack traces in the case of some problems.
Evaltrace: Provides an analysis of the amount of time spent on each run-related step.
How to fix Failed Puppet Runs?
For 99% of failed runs, Puppet Enterprise (PE) generates a View Report link that you can use to view the run's events and logs. The following errors can appear when a Puppet run fails.
No changes could be made.
Conflicting classes are a common mistake. For details, look at the run log.
Running in no-op mode can also cause this error to appear.
Run already in progress
It arises when you attempt to start a Puppet run on a node but one is already running on that node. This may be a planned run or a run that another user initiates.
Run request times out
If you try to start a Puppet run while the agent is unavailable, the error "Run request times out" will appear.
Reporting request has expired
It occurs when, once the run is finished, the run report cannot be successfully stored in PuppetDB.
Frequently Asked Questions
What is the main work of Puppet nodes?
A section of Puppet code known as a node definition, also called a node statement, is only present in the inventories of matching nodes. You can use this to assign particular settings to specific nodes. Include node definitions in the main manifest, which might be a single site.pp file, a directory of files, or both.
Where is Puppet used?
It is a free software application for simplifying and centralizing version control. Puppet is one of the most popular configuration management tools for installing, setting up, and managing servers.
What do you mean by Puppet configuration management?
The desired result is then ensured on each platform via the Puppet setup-managed service. Infra as code (IaC) is a general strategy to construct a very hardware platform.
What is an example of RBAC?
Typical applications of RBAC include the following roles. The software engineer role has access to GitHub, GCP, and AWS. The marketing role has access to HubSpot, Google Analytics, Facebook Ads, and Google Ads. The finance role has access to Xero and ADP.
What do you mean by symmetric in RBAC?
The auditing features added by symmetric RBAC enable the review of rights by user and role. The system is able to display each privilege a user has, both directly from given roles and indirectly from roles they have gained.
Conclusion
In this article, we have understood the Basic Concept of Managing Nodes in Puppet. We have also seen the running and removal of the agent-less node.