Fixes #7050: Add a rudder server disable command #21
Conversation
|
I'm pretty sure that stopping the agent during disable should be the default, I (at least) would expect if I "disable the agent" that it it turned off completely afterwards :) (POLA and all) Maybe you should reverse the logic and change the switch to "do not turn the agent off" ? |
|
If so it should not be named disable but stop |
|
I don't think that these 2 different services should be mixed together. I see plenty of valid reasons to want to stop just the policy distribution (ie, "server stop" or maybe "server policy stop" since we have several servers in effet), such as "I want to continue enforcing current configs but not roll out any changes right now". In such a case, it would be desirable to have rudder-agent continue to run (just not get any policy updates). The process to be managed is actually cf-serverd, not just rudder-agent. The init script for rudder-agent runs both cf-serverd and cf-execd (which in turn runs rudder-agent). So, IMHO, POLA would indicate that this command only stop cf-serverd, not cf-execd or rudder-agent. |
|
But if we only stop cf-served rudder agent will rerun it as soon as it runs. |
|
We could use a flag file on the FS that our policy checks before restarting cf-serverd? A bit like disable-rudder-agent, but disable-rudder-policy-server or similar? |
|
couldn't we just merge the command and add an option later to only stop the server ? |
| echo "Agent not stopped !" 1>&2 | ||
| fi | ||
| else | ||
| echo "rudder-agent has been enabled but not started, wait for next cron run" |
There was a problem hiding this comment.
s/enabled/disabled/ + s/started/stopped/ + remove the bit about a cron run
There was a problem hiding this comment.
I propose to add "run rudder agent disable -s to stop the agent" too
|
I'm fine with the "rudder agent disable" command as is (minus the backwards warning message I commented on above), but I'm really not comfortable having a "rudder server disable" that only disables one small part of the server, and even then, as Matthieu says, won't ever actually stop it by default. |
|
Disabling only the promise distribution is a real use case we met. We want the server to continue running, but we don't trust what's in tit to be used by the agents. May be we can add a mandatory parameter --cfengine which we'll expand later with others like --webapp, --apache ... and a --all |
|
That sounds better. Not "--cfengine" though, how about "--policy-server"? |
peckpeck
force-pushed
the
ust_7050/add_a_rudder_server_disable_command
branch
from
63c9e46
to
e308f37
Compare
|
PR updated |
|
We agreed on naming the command "rudder server disable-policy-distribution" and adding a "flag file" /opt/rudder/etc/disable-policy-distribution so that the agent doesn't start cf-serverd again. |
|
Replaced by #62 |
https://www.rudder-project.org/redmine/issues/7050