@@ -86,28 +86,28 @@ def summary
8686
8787 def help
8888 <<~HELP
89-
89+
9090 puppet-agent(8) -- #{ summary }
9191 ========
92-
92+
9393 SYNOPSIS
9494 --------
9595 Retrieves the client configuration from the Puppet master and applies it to
9696 the local host.
97-
97+
9898 This service may be run as a daemon, run periodically using cron (or something
9999 similar), or run interactively for testing purposes.
100-
101-
100+
101+
102102 USAGE
103103 -----
104104 puppet agent [--certname <NAME>] [-D|--daemonize|--no-daemonize]
105105 [-d|--debug] [--detailed-exitcodes] [--digest <DIGEST>] [--disable [MESSAGE]] [--enable]
106106 [--fingerprint] [-h|--help] [-l|--logdest syslog|eventlog|<ABS FILEPATH>|console]
107107 [--serverport <PORT>] [--noop] [-o|--onetime] [--sourceaddress <IP_ADDRESS>] [-t|--test]
108108 [-v|--verbose] [-V|--version] [-w|--waitforcert <SECONDS>]
109-
110-
109+
110+
111111 DESCRIPTION
112112 -----------
113113 This is the main puppet client. Its job is to retrieve the local
@@ -118,33 +118,33 @@ def help
118118 authority as part of the puppet server (which is the default). The
119119 client will connect and request a signed certificate, and will continue
120120 connecting until it receives one.
121-
121+
122122 Once the client has a signed certificate, it will retrieve its
123123 configuration and apply it.
124-
125-
124+
125+
126126 USAGE NOTES
127127 -----------
128128 'puppet agent' does its best to find a compromise between interactive
129129 use and daemon use. If you run it with no arguments and no configuration, it
130130 goes into the background, attempts to get a signed certificate, and retrieves
131131 and applies its configuration every 30 minutes.
132-
132+
133133 Some flags are meant specifically for interactive use --- in particular,
134134 'test', 'tags' and 'fingerprint' are useful.
135-
135+
136136 '--test' runs once in the foreground with verbose logging, then exits.
137- It also exits if it can't get a valid catalog. `--test` includes the
138- '--detailed-exitcodes' option by default and exits with one of the following
137+ It also exits if it can't get a valid catalog. `--test` includes the
138+ '--detailed-exitcodes' option by default and exits with one of the following
139139 exit codes:
140-
141- * 0: The run succeeded with no changes or failures; the system was already in
140+
141+ * 0: The run succeeded with no changes or failures; the system was already in
142142 the desired state.
143143 * 1: The run failed, or wasn't attempted due to another run already in progress.
144144 * 2: The run succeeded, and some resources were changed.
145145 * 4: The run succeeded, and some resources failed.
146146 * 6: The run succeeded, and included both changes and failures.
147-
147+
148148 '--tags' allows you to specify what portions of a configuration you want
149149 to apply. Puppet elements are tagged with all of the class or definition
150150 names that contain them, and you can use the 'tags' flag to specify one
@@ -155,7 +155,7 @@ def help
155155 class, and call puppet with '--tags ntpd', which would only apply that
156156 small portion of the configuration during your testing, rather than
157157 applying the whole thing.
158-
158+
159159 '--fingerprint' is a one-time flag. In this mode 'puppet agent' runs
160160 once and displays on the console (and in the log) the current certificate
161161 (or certificate request) fingerprint. Providing the '--digest' option
@@ -164,168 +164,168 @@ def help
164164 the master, the certificate request the master received is the same as
165165 the one the client sent (to prevent against man-in-the-middle attacks
166166 when signing certificates).
167-
167+
168168 '--skip_tags' is a flag used to filter resources. If this is set, then
169169 only resources not tagged with the specified tags will be applied.
170170 Values must be comma-separated.
171-
172-
171+
172+
173173 OPTIONS
174174 -------
175-
175+
176176 Note that any Puppet setting that's valid in the configuration file is also a
177177 valid long argument. For example, 'server' is a valid setting, so you can
178- specify '--server <servername>' as an argument. Boolean settings accept a '--no-'
179- prefix to turn off a behavior, translating into '--setting' and '--no-setting'
178+ specify '--server <servername>' as an argument. Boolean settings accept a '--no-'
179+ prefix to turn off a behavior, translating into '--setting' and '--no-setting'
180180 pairs, such as `--daemonize` and `--no-daemonize`.
181-
181+
182182 See the configuration file documentation at
183183 https://puppet.com/docs/puppet/latest/configuration.html for the
184184 full list of acceptable settings. A commented list of all settings can also be
185185 generated by running puppet agent with '--genconfig'.
186-
186+
187187 * --certname:
188188 Set the certname (unique ID) of the client. The master reads this
189189 unique identifying string, which is usually set to the node's
190190 fully-qualified domain name, to determine which configurations the
191191 node will receive. Use this option to debug setup problems or
192192 implement unusual node identification schemes.
193193 (This is a Puppet setting, and can go in puppet.conf.)
194-
194+
195195 * --daemonize:
196196 Send the process into the background. This is the default.
197197 (This is a Puppet setting, and can go in puppet.conf. Note the special 'no-'
198198 prefix for boolean settings on the command line.)
199-
199+
200200 * --no-daemonize:
201201 Do not send the process into the background.
202202 (This is a Puppet setting, and can go in puppet.conf. Note the special 'no-'
203203 prefix for boolean settings on the command line.)
204-
204+
205205 * --debug:
206206 Enable full debugging.
207-
207+
208208 * --detailed-exitcodes:
209209 Provide extra information about the run via exit codes; works only if '--test'
210210 or '--onetime' is also specified. If enabled, 'puppet agent' uses the
211211 following exit codes:
212-
212+
213213 0: The run succeeded with no changes or failures; the system was already in
214214 the desired state.
215-
215+
216216 1: The run failed, or wasn't attempted due to another run already in progress.
217-
217+
218218 2: The run succeeded, and some resources were changed.
219-
219+
220220 4: The run succeeded, and some resources failed.
221-
221+
222222 6: The run succeeded, and included both changes and failures.
223-
223+
224224 * --digest:
225225 Change the certificate fingerprinting digest algorithm. The default is
226226 SHA256. Valid values depends on the version of OpenSSL installed, but
227227 will likely contain MD5, MD2, SHA1 and SHA256.
228-
228+
229229 * --disable:
230230 Disable working on the local system. This puts a lock file in place,
231231 causing 'puppet agent' not to work on the system until the lock file
232232 is removed. This is useful if you are testing a configuration and do
233233 not want the central configuration to override the local state until
234234 everything is tested and committed.
235-
235+
236236 Disable can also take an optional message that will be reported by the
237237 'puppet agent' at the next disabled run.
238-
238+
239239 'puppet agent' uses the same lock file while it is running, so no more
240240 than one 'puppet agent' process is working at a time.
241-
241+
242242 'puppet agent' exits after executing this.
243-
243+
244244 * --enable:
245245 Enable working on the local system. This removes any lock file,
246246 causing 'puppet agent' to start managing the local system again
247247 However, it continues to use its normal scheduling, so it might
248248 not start for another half hour.
249-
249+
250250 'puppet agent' exits after executing this.
251-
251+
252252 * --evaltrace:
253253 Logs each resource as it is being evaluated. This allows you to interactively
254254 see exactly what is being done. (This is a Puppet setting, and can go in
255255 puppet.conf. Note the special 'no-' prefix for boolean settings on the command line.)
256-
256+
257257 * --fingerprint:
258258 Display the current certificate or certificate signing request
259259 fingerprint and then exit. Use the '--digest' option to change the
260260 digest algorithm used.
261-
261+
262262 * --help:
263263 Print this help message
264-
264+
265265 * --job-id:
266266 Attach the specified job id to the catalog request and the report used for
267267 this agent run. This option only works when '--onetime' is used. When using
268268 Puppet Enterprise this flag should not be used as the orchestrator sets the
269269 job-id for you and it must be unique.
270-
270+
271271 * --logdest:
272272 Where to send log messages. Choose between 'syslog' (the POSIX syslog
273273 service), 'eventlog' (the Windows Event Log), 'console', or the path to a log
274274 file. If debugging or verbosity is enabled, this defaults to 'console'.
275275 Otherwise, it defaults to 'syslog' on POSIX systems and 'eventlog' on Windows.
276- Multiple destinations can be set using a comma separated list
276+ Multiple destinations can be set using a comma separated list
277277 (eg: `/path/file1,console,/path/file2`)"
278-
278+
279279 A path ending with '.json' will receive structured output in JSON format. The
280280 log file will not have an ending ']' automatically written to it due to the
281281 appending nature of logging. It must be appended manually to make the content
282282 valid JSON.
283-
283+
284284 A path ending with '.jsonl' will receive structured output in JSON Lines
285285 format.
286-
286+
287287 * --masterport:
288288 The port on which to contact the Puppet Server.
289289 (This is a Puppet setting, and can go in puppet.conf.
290290 Deprecated in favor of the 'serverport' setting.)
291-
291+
292292 * --noop:
293293 Use 'noop' mode where the daemon runs in a no-op or dry-run mode. This
294294 is useful for seeing what changes Puppet would make without actually
295295 executing the changes.
296296 (This is a Puppet setting, and can go in puppet.conf. Note the special 'no-'
297297 prefix for boolean settings on the command line.)
298-
298+
299299 * --onetime:
300300 Run the configuration once. Runs a single (normally daemonized) Puppet
301301 run. Useful for interactively running puppet agent when used in
302302 conjunction with the --no-daemonize option.
303303 (This is a Puppet setting, and can go in puppet.conf. Note the special 'no-'
304304 prefix for boolean settings on the command line.)
305-
305+
306306 * --serverport:
307307 The port on which to contact the Puppet Server.
308308 (This is a Puppet setting, and can go in puppet.conf.)
309-
309+
310310 * --sourceaddress:
311311 Set the source IP address for transactions. This defaults to automatically selected.
312312 (This is a Puppet setting, and can go in puppet.conf.)
313-
313+
314314 * --test:
315315 Enable the most common options used for testing. These are 'onetime',
316316 'verbose', 'no-daemonize', 'no-usecacheonfailure', 'detailed-exitcodes',
317317 'no-splay', and 'show_diff'.
318-
318+
319319 * --trace
320320 Prints stack traces on some errors. (This is a Puppet setting, and can go in
321321 puppet.conf. Note the special 'no-' prefix for boolean settings on the command line.)
322-
322+
323323 * --verbose:
324324 Turn on verbose reporting.
325-
325+
326326 * --version:
327327 Print the puppet version number and exit.
328-
328+
329329 * --waitforcert:
330330 This option only matters for daemons that do not yet have certificates
331331 and it is enabled by default, with a value of 120 (seconds). This
@@ -334,22 +334,22 @@ def help
334334 of a puppet client. You can turn off waiting for certificates by
335335 specifying a time of 0.
336336 (This is a Puppet setting, and can go in puppet.conf.)
337-
337+
338338 * --write_catalog_summary
339339 After compiling the catalog saves the resource list and classes list to the node
340340 in the state directory named classes.txt and resources.txt
341341 (This is a Puppet setting, and can go in puppet.conf.)
342-
342+
343343 EXAMPLE
344344 -------
345345 $ puppet agent --server puppet.domain.com
346-
347-
346+
347+
348348 DIAGNOSTICS
349349 -----------
350-
350+
351351 Puppet agent accepts the following signals:
352-
352+
353353 * SIGHUP:
354354 Restart the puppet agent daemon.
355355 * SIGINT and SIGTERM:
@@ -358,16 +358,16 @@ def help
358358 Immediately retrieve and apply configurations from the puppet master.
359359 * SIGUSR2:
360360 Close file descriptors for log files and reopen them. Used with logrotate.
361-
361+
362362 AUTHOR
363363 ------
364364 Luke Kanies
365-
366-
365+
366+
367367 COPYRIGHT
368368 ---------
369369 Copyright (c) 2011 Puppet Inc., LLC Licensed under the Apache 2.0 License
370-
370+
371371 HELP
372372 end
373373
0 commit comments