Reputation: 3055
puppet cert list all using api/python?
I need to get the list of all puppet nodes (basically output of puppet cert list --all). What is the best way to do the same using python (without using exec or similar things on the command itself) in puppet 2.6.18
puppet 2.7.0 onwards has HTTP API to achieve the same.
http://docs.puppetlabs.com/guides/rest_api.html#certificate-request
GET /{environment}/certificate_statuses/no_key
puppetdb also one api but am not sure if the env am working with has puppetdb. (checking on that).
Is there anything like ansible.runner for puppet? Any other thoughts?
Upvotes: 2
Views: 1771
Answers (1)
Reputation: 46
You first need to configure access to the REST API in auth.conf. Then you can use the built-in urllib2 or external requests library to query the API with the appropriate SSL client certificate for authentication.
If you don't want to deal with SSL client certificates, you can use allow_ip in auth.conf. I'd only do that if you're not interested in the more sensitive areas of the API (like requesting a catalog).
I wrote a Python wrapper around the Puppet REST API and posted it on GitHub: pypuppet.
For example,
>>> import puppet
>>> p = puppet.Puppet()
>>> print p.certificates()
See the README and example auth.conf for more info. Let me know how it works out for you.
Upvotes: 3
Related Questions
- How to list and read all installed certificates (SSL) using Python ::Windows
- Puppet : Did not receive certificate
- How to reuse puppet SSL certificates
- Puppet how is a certname determined?
- How to read all certificates on a server using Python
- Puppet Windows Agent Certificate
- Running puppet cert list doesn't show certificate I'm looking for
- python 2.7.5 requests and certificate verify failed
- Puppet showing cert in list, but cannot 'find' it
- How do I make Puppet serve the proper certificate?