Allow the Agent to retrieve configuration from the Fleet API. #15027
ph merged 31 commits into elastic:fleet from ph:agent/action-handlers
Pinging @elastic/ingest (Project:fleet)
This PR adds a few things
- It takes the keystore encryption implementation and creates an
  io.Reader and io.Writer for it, we currently work with variable length
  blocks and we are not compatible for now with the one in libbeat.
- It implements a few storage mechanisms and wrappers:
  - DiskStore: Saves an io.Reader directly to disk, the content is saved
    in a temporary file and the target is replaced in an atomic
    operation.
  - EncryptedDiskStore: Same as Keystore but uses the encrypted io.Reader
    and io.Writer.
- A fleet configuration is created in _meta/agent.fleet.yml, the content
  of this file is packed in the binary. When a user enrolls the agent,
  we do a backup of the current agent.yml and the content is replaced
  with the agent.fleet.yml
- The enrollment information is saved into a "fleet.yml"
- The managed mode now reads the content of the fleet.yml and creates a
  Kibana API client.
- A separate Fleet Config struct is created.
- Enroll will now ask for confirmation before replacing the user
  configuration.

Implement the required gateway and the action handling to allow to start, restart or stop processes based on the received configuration. Ref: #14951

Add two kinds of scheduler: one which is a `Stepper` schedule where the unblock is manually triggered by an out of bound call and a `Periodic` schedule which is based on the time.Ticker.
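
The DiskStore behaviour described above (write to a temporary file, then replace the target atomically), as an added example that is not code from this PR. `atomicSave`, `demo` and the `access_token` sample content are assumptions made for illustration; `demo` shows that a stream failing midway leaves the previous fleet.yml intact and no temporary file behind.

```go
package main

import (
	"fmt"
	"io"
	"os"
	"path/filepath"
	"strings"
	"testing/iotest"
)

// atomicSave is a hypothetical helper, not the PR's DiskStore (temp file + rename).
func atomicSave(target string, r io.Reader) error {
	tmp, err := os.CreateTemp(filepath.Dir(target), ".tmp-*") // same dir, mode 0600
	if err != nil {
		return err
	}
	if _, err = io.Copy(tmp, r); err == nil {
		err = tmp.Sync() // on disk before it becomes visible
	}
	if cerr := tmp.Close(); err == nil {
		err = cerr
	}
	if err == nil {
		err = os.Rename(tmp.Name(), target) // atomic swap on the same filesystem
	}
	if err != nil {
		os.Remove(tmp.Name()) // drop the partial file; the old target stays
	}
	return err
}

// demo saves a constructed token, then replays a stream that fails midway.
func demo(dir string) (string, int, error) {
	target := filepath.Join(dir, "fleet.yml")
	if err := atomicSave(target, strings.NewReader("access_token: constructed-v1\n")); err != nil {
		return "", 0, err
	}
	broken := io.MultiReader(strings.NewReader("access_to"), iotest.ErrReader(io.ErrUnexpectedEOF))
	failed := atomicSave(target, broken) // must fail and leave target untouched
	data, _ := os.ReadFile(target)
	entries, _ := os.ReadDir(dir)
	return string(data), len(entries), failed
}

func main() {
	dir, _ := os.MkdirTemp("", "store")
	defer os.RemoveAll(dir)
	fmt.Println(demo(dir))
}
```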
@michalpristas you can do a review on this.
michalpristas left a comment
LGTM, small comments here and there, but I think once you resolve formatting issues we're close to getting this in.
| } | ||
|
|
||
| // WaitTick returns a channel to watch for ticks. | ||
| func (s *Stepper) WaitTick() <-chan time.Time { |
I'm thinking about the name, as this does not actually wait
@michalpristas what if we use Tick() instead?
| "net/http" | ||
| "net/url" | ||
|
|
||
| "time" |
I think format will complain
Looks fine, I've run make fmt and nothing was raised.
| log *logger.Logger | ||
| Config FleetAgentConfig | ||
| api apiClient | ||
| agentID string |
This will be conflicting with my PR, but let's push this one first. Mine will be easier to solve conflicts in.
| Dispatch(...action) error | ||
| } | ||
|
|
||
| type fleetGateway struct { |
Can you add a comment with the purpose of this? So it's easier to find when I forget it in the future :D
| return nil, err | ||
| } | ||
|
|
||
| actionDispatcher.MustRegister( |
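Review bot: `actionDispatcher.MustRegister(` follows a `return nil, err` path, so this function already reports failures to its caller as errors; if MustRegister panics on a bad registration, as the Must prefix conventionally signals, a registration failure here crashes the agent instead of being returned. Consider a registration call that returns an error and propagate it with the same `return nil, err` pattern, or document next to this call why a panic is acceptable.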
This is OK. I'm also thinking about having `&handlerPolicyChange{...}.Register(actionDispatcher)` so the handler registers itself and knows which action it registers for. Let's keep it like you have it for now; this is a really minor thing which can be addressed sometime in the future or not at all.
| func (f *fleetGateway) execute() (*fleetapi.CheckinResponse, error) { | ||
| cmd := fleetapi.NewCheckinCmd(f.agentID, f.client) | ||
|
|
||
| req := &fleetapi.CheckinRequest{} |
Can you add a TODO to provide events?
| continue | ||
| } | ||
|
|
||
| actions := make([]action, len(resp.Actions)) |
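Review bot: `make([]action, len(resp.Actions))` on the last line sets the slice length, not only its capacity, so the loop that fills it has to assign by index (`actions[i] = a`); if it uses `append`, the slice begins with len(resp.Actions) nil entries that are then handed to the dispatcher. Keep index assignment, or allocate with `make([]action, 0, len(resp.Actions))` when appending.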
Why do you need to repack this?
Because the actionDispatcher doesn't have hard dependencies on fleetapi.Action
@michalpristas updated with all the changes.
@michalpristas I have addressed all the above, merging this to unblock agent uuid.
…c#15027)
* Feature: Allow to persist AccessToken and other connection data on disk
This PR adds a few things
- It takes the keystore encryption implementation and creates an io.Reader and io.Writer for it, we currently work with variable length blocks and we are not compatible for now with the one in libbeat.
- It implements a few storage mechanisms and wrappers:
  - DiskStore: Saves an io.Reader directly to disk, the content is saved in a temporary file and the target is replaced in an atomic operation.
  - EncryptedDiskStore: Same as Keystore but uses the encrypted io.Reader and io.Writer.
- A fleet configuration is created in _meta/agent.fleet.yml, the content of this file is packed in the binary. When a user enrolls the agent, we do a backup of the current agent.yml and the content is replaced with the agent.fleet.yml
- The enrollment information is saved into a "fleet.yml"
- The managed mode now reads the content of the fleet.yml and creates a Kibana API client.
- A separate Fleet Config struct is created.
- Enroll will now ask for confirmation before replacing the user configuration.
* allow to use the obfuscated store.
* Allow the Agent to retrieve configuration from the Fleet API.
implement the required gateway and the action handling to allow to start, restart or stop processes based on the received configuration. Ref: elastic#14951
Correctly fetch a configuration from the Fleet API and send everything to the operator.
This PR doesn't include error reporting.
Ref: #14951
depends on: #15089
How to test?