This message was deleted.
# puppet
s
This message was deleted.
h
It is not how Puppet is intended to work, but could be made to work if there is a good reason for it. You can send facts from a node to the puppet server. They end up in PuppetDB. You tjhe query PDB for those facts and make decisions for the catalogs for nodes X and Y.
Puppet is about defining the desired state of your infrastructure rather then imperatively “running scripts”.
Something secret/sensitive like passwords are best handled with something like Vault. Puppet looks up secrets in Vault (with server credentials) and makes decisions based on values. Alternatively delegates the lookup to the agents that should make use if those values - in this later preferred scenario, the password is only readable by the agents that are supposed to be able to read them.
a
@helindbe thank you very much du you know another program, / tool which can handle my use case ?
y
I’d say any webhook server should be able to do this (accept some http request and run a predefined command e.g.)
a
hey @Yury Bushmelev same thought thanks 🙂
h
To paraphrase, you want to trigger a run of a script on predefined nodes (X, Y, or more) initialized by a http post to a predefined location. This sounds like a task for NATS (or other queuing system). A webhook only gives you the first step, running a script, it would then need to remotely tell X and Y to run “their script”, how would you do that? (Lots of questions after that: all cloud? Are the http request over internet, what are the nodes, what is already on them? Puppet?) If already on Puppet, a webhook and Bolt to run on the nodes could work. For large scale look at Choria, which is built on NATS).
c
Yeah, that's more of a fit for Bolt or Choria. The PE Orchestrator also provides a HTTP API that dispatches Bolt task scripts.
a
yes i agree a combination of bolt and puppet/puppetdb could work to distribute. because tbh i do not want to trigger the http on each node. but what also a way of doing for me would be: generate script with variabels via http (eg fill a script with variables, not generating, just filling), and use puppet and environments for distribution
h
I would store the input from the http request somewhere (a file for example). Then the compilation would read the file, produce the script file contents of a file resource, sent to agent and then executed by another resource.
a
smart approach, i will go for it ! 🙂