The situation:

In every larger environment when you debug or you would like to update something, good if you disable automatic changes (configuration management tool(s)). Now I will explain one solution, how can you disable all puppet-agent on (affected) hosts.

Script usage:

script to disable puppet agent on described hosts. Script also print out, if puppet agent was disabled previously (no overwrite it. Default behavior if you set twice disable message, first-one will be vaild). The script was tested & worked on CentOS 6.6 & on CentOS 6.7.

Example:

./disable_puppet_agent.sh pmikaczo 5 "disable due rollout disable message with spaces" /etc/hosts result.txt

• ./disable_puppet_agent.sh –> Name of the script
• pmikaczo –> User who will SSH into the target server (this user must to be have an account on the target-server & must to have root rights (can be root with sudo command)
• 5 –> Timeout value in SEC. If the next-one host is not reachable, the script skip it after elapsed declared timeout value.
• “disable due rollout disable message with spaces” –> The comment what the script will be left as “Disable Message”.
• /etc/hosts –> Source of target servers. Input’s format:

test-system01
test-system02
192.168.1.34
...

If you would like to use “/etc/hosts” as source, please modify the script:

FROM:

timeout $TIMEOUT sshpass -p $password ssh -oStrictHostKeyChecking=no -T -l $USER $line SSH

TO:

timeout $TIMEOUT sshpass -p $password ssh -oStrictHostKeyChecking=no -T -l $USER $(echo $line | awk '{print $1}') SSH

• result.txt –> The script’s output (where it could be SSH in, where was disabled puppet agent,…) filename.

Script:

Check it in here. If you would like to improve it, just do & push it to GIT.