User story #12191
Expend Audit mode settings
Context: safely doing changes, safely doing changes to things that weren't yet in place, ...
Currently there are two options, on directive and node and global level, for audit mode:
There are a lot of limitations with those if you want to use Rudder for day-to-day changes in addition to compliance.
There are complex, very capable solutions to this which will be needed in the long run, but take a long time to build.
My suggestion is to bridge that time
We could have one more modes on directive level.:
Compliance if Audit Success
We could have two more modes on - I think - global level:
Compliance if newly accepted node
Audit if newly accepted node
Since there are two types of "new nodes" - one that is just getting its base install and by all means should be configured right away, and one where an existing, production system is added to Rudder and should only report.
As-is there are many risks still involved. (We install up 100 new systems per day, and the amount of systems is not determined by us, nor is the rate...)
#1 Updated by François ARMAND 10 months ago
I'm not sure I get everything for your needs, so let me ask more questions:
- 1/ Compliance (enforce?) if Audit Success
I think that here, you want to be able to switch for a node from Audit to Enforce if Audit is OK. But I miss the big picture: do you that switch to be for ever? At node or at directive level?
My guess is that you want a kind of hysteresis (or latch, since there is no switch back), where a directive is on audit mode on a given node until that directive is fully 100% OK, and from that time, it switch to Enforce. The idea would be that if the node was correctly configured, it should remain OK automatically, but we don't want autocorrection before being sure everything is ok on the node (and perhaps even checking / correcting by hand for that part).
Could you tell us more that 1/ point?
- 2/ We could have two more modes on - I think - global level: Compliance if newly accepted node ; Audit if newly accepted node
I totally agree with your 2 kind of nodes: new nodes newly provisionned that should just get stuff installed on them, and new node that are really just node newly managed in Rudder, but are actually use for services and "work" and should be modified with care.
In 4.3, we added the possibility to decide of the compliance mode newly accepted node get (enforce or audit). So you will be able to decide globally what is the default. But we don't have condition to choose one or the other (so you won't be able to tell "if that node has that property, then audit mode, else enforce").
In 4.3, we also added node lifecycle state [Set-up, default, prepare EOL, + 2 specials "disable states": node get only system policies, and no new policies are generated for that node and the node is ignore in compliance calculus. You can create group base on node state, and you can choose on which state a node is accepted. So, not exactly what you want, but on the same functionnal domain.