Project

General

Profile

User story #11631

Implement disable-flag for policy server policy copy for nodes

Added by Janos Mattyasovszky over 2 years ago. Updated over 1 year ago.

Status:
Released
Priority:
N/A
Category:
System techniques
Target version:
Suggestion strength:
User visibility:
Infrequent - complex configurations | third party integrations
Effort required:

Description

If someone implements a customized rsync-based copy for propagating the node-policy between policy server (root->relays), the following part would require a flag-file to disable this by the agent run like in #11257:

diff --git a/techniques/system/distributePolicy/1.0/propagatePromises.st b/techniques/system/distributePolicy/1.0/propagatePromises.st
index 83df92c..13edc62 100644
--- a/techniques/system/distributePolicy/1.0/propagatePromises.st
+++ b/techniques/system/distributePolicy/1.0/propagatePromises.st
@@ -45,6 +45,9 @@ bundle agent propagatePromises
     root_server::
       "rudder_tools_updated_exists" expression => fileexists("${g.rudder_tools_updated_origin}");

+    !root_server::
+      "disable_promises" expression => fileexists("/opt/rudder/etc/no_propagate_promises");
+
     any::
       "pass3" expression => "pass2";
       "pass2" expression => "pass1";
@@ -76,7 +79,7 @@ bundle agent propagatePromises
         comment      => "Enforce the ncf configuration file",
         classes      => classes_generic("configure_ncf_config");

-    (policy_server|role_rudder_relay_promises_only).!root_server::
+    (policy_server|role_rudder_relay_promises_only).!(root_server|disable_promises)::

       "${client_data}"  #that's a loop on each files in client_inputs
         copy_from    => remote("${server_info.cfserved}","${server_data}"),
@@ -84,6 +87,8 @@ bundle agent propagatePromises
         comment => "Fetching the promises to propagate",
         classes => if_else("promises_propagated", "could_not_propagate_promise");

+    (policy_server|role_rudder_relay_promises_only).!root_server::
+
       "${g.rudder_var}/shared-files/" 
         copy_from    => remote("${server_info.cfserved}","${g.rudder_var}/shared-files/${g.uuid}/shared-files"),
         depth_search => recurse_visible("inf"),
@@ -170,8 +175,12 @@ bundle agent propagatePromises
     # Success if files are updated or not changed (kept or repaired).
     # root server have only tools to be updated and others have tools,
     # promises, masterfiles folder to be updated.
-    pass3.(((root_server.propagate_tools_ok)|(!root_server.propagate_tools_ok.(promises_propagated|empty_promises_to_propagate).(shared_files_propagated|sharedfiles_not_existent).masterfiles_propagated.ncf_local_promises_propagated.ncf_common_promises_propagated.nodeslist_copied)).!(propagate_tools_error|promises_to_propagate_not_copied|sharedfiles_not_copied|could_not_propagate_masterfiles|could_not_propagate_ncf_local_promise|could_not_propagate_ncf_common_promise|could_not_copy_nodeslist))::
+    pass3.(((root_server.propagate_tools_ok)|(!root_server.propagate_tools_ok.(promises_propagated|empty_promises_to_propagate|disable_promises).(shared_files_propagated|sharedfiles_not_existent).masterfiles_propagated.ncf_local_promises_propagated.ncf_common_promises_propagated.nodeslist_copied)).!(propagate_tools_error|promises_to_propagate_not_copied|sharedfiles_not_copied|could_not_propagate_masterfiles|could_not_propagate_ncf_local_promise|could_not_propagate_ncf_common_promise|could_not_copy_nodeslist))::
       "any" usebundle => rudder_common_report("DistributePolicy", "result_success", "&TRACKINGKEY&", "Propagate promises", "None", "All files have been propagated");
+
+    pass3.disable_promises::
+      "any" usebundle => rudder_common_report("DistributePolicy", "log_info", "&TRACKINGKEY&", "Propagate promises", "None", "Node promises propagation disabled by flag file");
+
     pass3.promises_to_propagate_not_copied::
       "any" usebundle => rudder_common_report("DistributePolicy", "result_error", "&TRACKINGKEY&", "Propagate promises", "None", "Cannot propagate policy");

Subtasks

User story #12106: Implement general parameters for policy server policy copy for nodesReleasedNicolas CHARLESActions
User story #12129: Adapt style of Relay synchronization method to match 4.2 styleReleasedVincent MEMBRÉActions
Bug #12148: On Settings page, in branch 4.2, current value for Synchronization method from Relay servers is not selectedReleasedVincent MEMBRÉActions
Bug #12150: Cannot save relay synch method form twiceReleasedFrançois ARMANDActions

Related issues

Related to Rudder - Bug #12142: Missing report for "Synchronize file" on a relay when shared-files folder is emptyNewNicolas CHARLESActions
#1

Updated by Janos Mattyasovszky over 2 years ago

  • Description updated (diff)
#2

Updated by Florian Heigl about 2 years ago

We just had a short discussion about this.
I'd recommend a setting instead of a switch, so that multiple transfer modes are supported.
As above there'd just be "default" or "nothing we know about", I'd like to be able to see it's "rsync".

Not really something we need in the UI though, since it's an uncommon case.

#3

Updated by Janos Mattyasovszky about 2 years ago

Hi

I am OK with a multi-state option, that defaults to "use cfengine" as long there is a state that "do nothing and report that I am not syncing it".

J

#4

Updated by Benoît PECCATTE about 2 years ago

  • Target version set to Ideas (not version specific)
#5

Updated by François ARMAND about 2 years ago

  • Target version changed from Ideas (not version specific) to 4.1.10
#6

Updated by Benoît PECCATTE about 2 years ago

  • Status changed from New to In progress
  • Assignee set to Benoît PECCATTE
#7

Updated by Benoît PECCATTE about 2 years ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Benoît PECCATTE to Alexis MOUSSET
  • Pull Request set to https://github.com/Normation/rudder-techniques/pull/1248
#8

Updated by Alexis MOUSSET about 2 years ago

  • Status changed from Pending technical review to In progress

I'm taking over this issue!

#9

Updated by Nicolas CHARLES about 2 years ago

  • Assignee changed from Alexis MOUSSET to Nicolas CHARLES

I'm taking over this issue!

#10

Updated by Nicolas CHARLES about 2 years ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Nicolas CHARLES to Alexis MOUSSET
  • Pull Request changed from https://github.com/Normation/rudder-techniques/pull/1248 to https://github.com/Normation/rudder-techniques/pull/1256
#11

Updated by Benoît PECCATTE about 2 years ago

  • Status changed from Pending technical review to Pending release
#12

Updated by Vincent MEMBRÉ almost 2 years ago

  • Status changed from Pending release to Released

This bug has been fixed in Rudder 4.1.10 and 4.2.4 which were released today.

#13

Updated by François ARMAND over 1 year ago

  • Related to Bug #12142: Missing report for "Synchronize file" on a relay when shared-files folder is empty added

Also available in: Atom PDF