Monitoring/sre.puppet.sync-netbox-hiera.timer

The systemd timer on the cumin hosts the cookbook that syncs data from Netbox data so its readable by puppet. It runs the cook book in check mode and checks if there are any uncommitted unsynced changes. This ensures that changes in Netbox are reflected in the puppet hiera data and hence in production in a timely manner and that there are no leftover changes that will show up to the next person running the sre.puppet.sync-netbox-hiera cookbook.

To see what are the pending changes that are uncommitted, run in DRY-RUN mode the sre.puppet.sync-netbox-hiera cookbook as follows (see Spicerack/Cookbooks#Run a single Cookbook for more context on how to run a cookbook):

sudo cookbook -d sre.puppet.sync-netbox-hiera "test"

It will show all the pending DNS changes not yet committed.

If you are missing context get in touch with the people/team most likely related to those changes asking in the various SRE IRC channels.

You can also look at the Netbox Change Log.

Only if you are sure that those changes can be committed, run the cookbook again without the dry-run flag

This will propagate DNS changes to production, hence care must be taken to make sure they are correct and would not cause an outage.