Fixes #16623: Publish arch-doc for http reporting/relayd in the repo #2898
Conversation
|
|
||
| ### Current issues | ||
|
|
||
| Current implementation has several issues: |
There was a problem hiding this comment.
I would use "Implementation up to Rudder 5.0" here to be sure reader won't misunderstand what implementation (since "current" doesn't mean the same thing, always)
|
|
||
| There are two specific control logs, allowing to delimitate and contextualize a run: a start and end flag (resp. `StartRun` and `EndRun`). The application starts considering a run once the `EndRun` has arrived. | ||
|
|
||
| This model has several drawback: |
|
|
||
| ### From reports to reports+logs | ||
|
|
||
| #### Current situation |
There was a problem hiding this comment.
Same than on previous case, prefer to use "Rudder 5.0 situation"
|
|
||
| ##### Agent side | ||
|
|
||
| - Use `info` as the lowest verbosity level when starting the agent (in CLI ou by cf-execd), and filter it fir CLI output to match user-requested verbosity level |
|
|
||
| - Diffs will not be complete, especially for file diffs which are not currently supported by the agent | ||
|
|
||
| - This could be a future development for 6.1 once the infrastructure is in place |
|
|
||
| - Scala which is already used in the main application. The main issue is that we want relayd to be able to run on light hardware, sometimes embedded, with low resource consumption, contrary to the root server. | ||
|
|
||
| The main problem with Rust is that we want be able to push it to the agents due to the absence of AIX in [supported platforms](https://forge.rust-lang.org/platform-support.html). |
There was a problem hiding this comment.
this sentence should be either just after the first one ("we considered ... on Rust. Nonetheless, it's a compromise: we won't be able to use Rust on all agent blabla AIX. Other considered languages were: ....")
Or at the end ("even though rust was the less bad, it still has pb, etc)
|
|
||
| ## Security model | ||
|
|
||
| ### Current situation |
|
|
||
| All inventories contain the public key (on Unix) or certificate (on Windows), and they are signed using it (signature uses a detached file with a custom format). On the node has been accepted, new inventories need to be signed with the same key to be accepted by the server. We want to leverage this security model for reporting, but with a more standard signature format (now we have a consistent tool set on all nodes, after embedding curl and openssl when needed). | ||
|
|
||
| In 6.0, we will: |
|
|
||
| ## Other resources | ||
|
|
||
| - Talk at CfgMgmtCamp 2020: [slides](https://speakerdeck.com/rudder/designing-the-future-of-agent-server-communication-in-rudder), [video](https://www.youtube.com/watch?v=l-ztfw_OIow) |
There was a problem hiding this comment.
I would put that at the begining of document
|
PR updated with a new commit |
1 similar comment
|
PR updated with a new commit |
|
This PR is not mergeable to upper versions. |
|
OK, squash merging this PR |
amousset
force-pushed
the
arch_16623/publish_arch_doc_for_http_reporting_relayd_in_the_repo
branch
from
cc04757
to
a28287b
Compare
https://issues.rudder.io/issues/16623