Below are some of the command’s I’ve found helpful in cleaning up nodes that have been retired, deleted or part of an auto scaling group. These commands could easily be added to a script to automate the process.
This will list all the puppet agent certs signed or pending on your puppet master. The “+” denote’s the cert is signed.
sudo puppet cert list --all
+ "drew-vm-test.local" (SHA256) F8:B1.. (alt names: "DNS:drew-vm-test", "DNS:puppet")
Once you have the cert name you can perform some cleanup tasks such as…
Remove exported resources, that way they stop showing up in compiled catalogs. If you are using PuppetDB you could instead use node-ttl and node-purge-ttl.
sudo puppet node deactivate drew-vm-test.local
Remove the node’s cert from the Puppet Master.
sudo puppet cert clean drew-vm-test.local
Remove the node’s reports from the Puppet Dashboard.
sudo su - puppet-dashboard -c "/opt/puppet/bin/rake RAILS_ENV=production node:del name=drew-vm-test.local"