Scroll to navigation



puppet-device - Manage remote network devices


Retrieves all configurations from the puppet master and apply them to the remote devices configured in /etc/puppetlabs/puppet/device.conf.

Currently must be run out periodically, using cron or something similar.


puppet device [-d|--debug] [--detailed-exitcodes] [--deviceconfig file] [-h|--help] [-l|--logdest syslog|file|console] [-v|--verbose] [-w|--waitforcert seconds] [-t|--target device] [-V|--version]


Once the client has a signed certificate for a given remote device, it will retrieve its configuration and apply it.


One need a /etc/puppetlabs/puppet/device.conf file with the following content:

[remote.device.fqdn] type type url url

where: * type: the current device type (the only value at this time is cisco) * url: an url allowing to connect to the device

Supported url must conforms to: scheme://user:password@hostname/?query

with: * scheme: either ssh or telnet * user: username, can be omitted depending on the switch/router configuration * password: the connection password * query: this is device specific. Cisco devices supports an enable parameter whose value would be the enable password.


Note that any setting that´s valid in the configuration file is also a valid long argument. For example, ´server´ is a valid configuration parameter, so you can specify ´--server servername´ as an argument.
Enable full debugging.
Provide transaction information via exit codes. If this is enabled, an exit code of ´1´ means at least one device had a compile failure, an exit code of ´2´ means at least one device had resource changes, and an exit code of ´4´ means at least one device had resource failures. Exit codes of ´3´, ´5´, ´6´, or ´7´ means that a bitwise combination of the preceding exit codes happened.
Path to the device config file for puppet device. Default: $confdir/device.conf
Print this help message
Where to send log messages. Choose between ´syslog´ (the POSIX syslog service), ´console´, or the path to a log file. If debugging or verbosity is enabled, this defaults to ´console´. Otherwise, it defaults to ´syslog´.
A path ending with ´.json´ will receive structured output in JSON format. The log file will not have an ending ´]´ automatically written to it due to the appending nature of logging. It must be appended manually to make the content valid JSON.
Target a specific device/certificate in the device.conf. Doing so will perform a device run against only that device/certificate.
Turn on verbose reporting.
This option only matters for daemons that do not yet have certificates and it is enabled by default, with a value of 120 (seconds). This causes +puppet agent+ to connect to the server every 2 minutes and ask it to sign a certificate request. This is useful for the initial setup of a puppet client. You can turn off waiting for certificates by specifying a time of 0.


  $ puppet device --server


Brice Figureau


Copyright (c) 2011 Puppet Inc., LLC Licensed under the Apache 2.0 License
June 2017 Puppet Labs, LLC