Project

General

Profile

Actions

User story #11631

closed

Implement disable-flag for policy server policy copy for nodes

Added by Janos Mattyasovszky about 7 years ago. Updated over 6 years ago.

Status:
Released
Priority:
N/A
Category:
System techniques
Target version:
UX impact:
Suggestion strength:
User visibility:
Infrequent - complex configurations | third party integrations
Effort required:
Name check:
Fix check:
Regression:

Description

If someone implements a customized rsync-based copy for propagating the node-policy between policy server (root->relays), the following part would require a flag-file to disable this by the agent run like in #11257:

diff --git a/techniques/system/distributePolicy/1.0/propagatePromises.st b/techniques/system/distributePolicy/1.0/propagatePromises.st
index 83df92c..13edc62 100644
--- a/techniques/system/distributePolicy/1.0/propagatePromises.st
+++ b/techniques/system/distributePolicy/1.0/propagatePromises.st
@@ -45,6 +45,9 @@ bundle agent propagatePromises
     root_server::
       "rudder_tools_updated_exists" expression => fileexists("${g.rudder_tools_updated_origin}");

+    !root_server::
+      "disable_promises" expression => fileexists("/opt/rudder/etc/no_propagate_promises");
+
     any::
       "pass3" expression => "pass2";
       "pass2" expression => "pass1";
@@ -76,7 +79,7 @@ bundle agent propagatePromises
         comment      => "Enforce the ncf configuration file",
         classes      => classes_generic("configure_ncf_config");

-    (policy_server|role_rudder_relay_promises_only).!root_server::
+    (policy_server|role_rudder_relay_promises_only).!(root_server|disable_promises)::

       "${client_data}"  #that's a loop on each files in client_inputs
         copy_from    => remote("${server_info.cfserved}","${server_data}"),
@@ -84,6 +87,8 @@ bundle agent propagatePromises
         comment => "Fetching the promises to propagate",
         classes => if_else("promises_propagated", "could_not_propagate_promise");

+    (policy_server|role_rudder_relay_promises_only).!root_server::
+
       "${g.rudder_var}/shared-files/" 
         copy_from    => remote("${server_info.cfserved}","${g.rudder_var}/shared-files/${g.uuid}/shared-files"),
         depth_search => recurse_visible("inf"),
@@ -170,8 +175,12 @@ bundle agent propagatePromises
     # Success if files are updated or not changed (kept or repaired).
     # root server have only tools to be updated and others have tools,
     # promises, masterfiles folder to be updated.
-    pass3.(((root_server.propagate_tools_ok)|(!root_server.propagate_tools_ok.(promises_propagated|empty_promises_to_propagate).(shared_files_propagated|sharedfiles_not_existent).masterfiles_propagated.ncf_local_promises_propagated.ncf_common_promises_propagated.nodeslist_copied)).!(propagate_tools_error|promises_to_propagate_not_copied|sharedfiles_not_copied|could_not_propagate_masterfiles|could_not_propagate_ncf_local_promise|could_not_propagate_ncf_common_promise|could_not_copy_nodeslist))::
+    pass3.(((root_server.propagate_tools_ok)|(!root_server.propagate_tools_ok.(promises_propagated|empty_promises_to_propagate|disable_promises).(shared_files_propagated|sharedfiles_not_existent).masterfiles_propagated.ncf_local_promises_propagated.ncf_common_promises_propagated.nodeslist_copied)).!(propagate_tools_error|promises_to_propagate_not_copied|sharedfiles_not_copied|could_not_propagate_masterfiles|could_not_propagate_ncf_local_promise|could_not_propagate_ncf_common_promise|could_not_copy_nodeslist))::
       "any" usebundle => rudder_common_report("DistributePolicy", "result_success", "&TRACKINGKEY&", "Propagate promises", "None", "All files have been propagated");
+
+    pass3.disable_promises::
+      "any" usebundle => rudder_common_report("DistributePolicy", "log_info", "&TRACKINGKEY&", "Propagate promises", "None", "Node promises propagation disabled by flag file");
+
     pass3.promises_to_propagate_not_copied::
       "any" usebundle => rudder_common_report("DistributePolicy", "result_error", "&TRACKINGKEY&", "Propagate promises", "None", "Cannot propagate policy");

Subtasks 4 (0 open4 closed)

User story #12106: Implement general parameters for policy server policy copy for nodesReleasedNicolas CHARLESActions
User story #12129: Adapt style of Relay synchronization method to match 4.2 styleReleasedVincent MEMBRÉActions
Bug #12148: On Settings page, in branch 4.2, current value for Synchronization method from Relay servers is not selectedReleasedVincent MEMBRÉActions
Bug #12150: Cannot save relay synch method form twiceReleasedFrançois ARMANDActions

Related issues 1 (0 open1 closed)

Related to Rudder - Bug #12142: Missing report for "Synchronize file" on a relay when shared-files folder is emptyResolvedNicolas CHARLESActions
Actions #1

Updated by Janos Mattyasovszky about 7 years ago

  • Description updated (diff)
Actions #2

Updated by Florian Heigl about 7 years ago

We just had a short discussion about this.
I'd recommend a setting instead of a switch, so that multiple transfer modes are supported.
As above there'd just be "default" or "nothing we know about", I'd like to be able to see it's "rsync".

Not really something we need in the UI though, since it's an uncommon case.

Actions #3

Updated by Janos Mattyasovszky almost 7 years ago

Hi

I am OK with a multi-state option, that defaults to "use cfengine" as long there is a state that "do nothing and report that I am not syncing it".

J

Actions #4

Updated by Benoît PECCATTE almost 7 years ago

  • Target version set to Ideas (not version specific)
Actions #5

Updated by François ARMAND almost 7 years ago

  • Target version changed from Ideas (not version specific) to 4.1.10
Actions #6

Updated by Benoît PECCATTE almost 7 years ago

  • Status changed from New to In progress
  • Assignee set to Benoît PECCATTE
Actions #7

Updated by Benoît PECCATTE almost 7 years ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Benoît PECCATTE to Alexis Mousset
  • Pull Request set to https://github.com/Normation/rudder-techniques/pull/1248
Actions #8

Updated by Alexis Mousset almost 7 years ago

  • Status changed from Pending technical review to In progress

I'm taking over this issue!

Actions #9

Updated by Nicolas CHARLES almost 7 years ago

  • Assignee changed from Alexis Mousset to Nicolas CHARLES

I'm taking over this issue!

Actions #10

Updated by Nicolas CHARLES almost 7 years ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Nicolas CHARLES to Alexis Mousset
  • Pull Request changed from https://github.com/Normation/rudder-techniques/pull/1248 to https://github.com/Normation/rudder-techniques/pull/1256
Actions #11

Updated by Benoît PECCATTE almost 7 years ago

  • Status changed from Pending technical review to Pending release
Actions #12

Updated by Vincent MEMBRÉ almost 7 years ago

  • Status changed from Pending release to Released

This bug has been fixed in Rudder 4.1.10 and 4.2.4 which were released today.

Actions #13

Updated by François ARMAND over 6 years ago

  • Related to Bug #12142: Missing report for "Synchronize file" on a relay when shared-files folder is empty added
Actions

Also available in: Atom PDF