Our servers listing ( is very out-of-date. Instead of having to update it all the time, we should automatically update it based on the actual state of our system.

A good starting point for this would be writing a quick script to actually get the state of each VM and where it is.

Networking Gear, Raspberry Pi, and NUC are listed as type=server in LDAP. Should I hard code their types into the list of hosts or should I just list them as Physical Servers?

I’d handle this the same way it’s currently done, by hardcoding their types. See the current implementation:

@ziyaoz thanks for working on this, and sorry for my delay on moving progress forward.

ocfweb now has its own Puppet cert, and the necessary files are in the secrets folder. I’m able to make the necessary HTTP request with the following curl command:

curl https://puppetdb:8081/pdb/query/v4/facts/vms --tlsv1 --cacert puppet-ca.pem --cert puppet-cert.pem --key puppet-private.pem

If you contact me I can give you access to these certs.

To make these requests in ocfweb, I’d recommend using the requests library, and only running it periodically. As an example, I’d look at how we currently handle lab hours.

Let me know if you have any more questions! This is a very exciting project and now it can finally get done!

Sent you an email!

@dkessler I just got a simple prototype working in python. For the production version I imagine it’s not a good idea to add the puppet certs to git. Could I have a pointer to how to securely store and access those certs?

The files are in the Puppet private share, so based on the files will be in /etc/ocfweb in production.