You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I spent some 60 minutes trying to understand how the crowdsec on my local OPNSense instance should work with a remote agent.
Specifically, I had everything working fine on the OPNSense instance itself and then followed up by adding a new, external agent, per the instructions. I then configured the agent with new credentials and everything was working fine — I could see two entries listed by cscli machines list, with two separate IP addresses and heartbeats.
However, this was only for a few seconds, until the local (the OPNSense's own) machine reconnected to the LAPI, at which point both machines started showing the same IP address.
It took me a while to understand that the local_api_credentials.yaml is used by the local crowdsec instance, only, while the machines are actually configured in the crowdsec.db database, and that by adding a new machine I am also replacing the one previously configured in local_api_credentials.yaml.
So, at this point, I believe the docs as is are misleading, as they suggest the instructions are for adding a new machine and have no mentioning of the configuration for local setup being altered, too. In fact, I would actually say that the cscli machines add default behavior is, in fact, misleading, since it also suggests I am merely adding a new machine, while I am inherently modifying the local setup to use those newly-generated credentials.
It is additionally confusing that the Machine register section does not mention that this approach does not modify local_api_credentials.yaml and seems to only suggest that it is merely an alternative approach to the aforementioned one.
This issue was somewhat reported before here and closed with #1149, however I believe this does not solve the problem and the actual solution should be:
and/or extending the documentation to explain the purpose of the local_api_credentials.yaml and the difference between it and what the crowdsec.db database contains, as well as the difference between adding a machine directly or using a registration process.
Why is this needed?
The default cscli machines behavior is misleading and the documentation absolutely does not help in understanding it.
The text was updated successfully, but these errors were encountered:
Check Releases to make sure your agent is on the latest version.
Details
I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.
@wrobelda: There are no 'kind' label on this issue. You need a 'kind' label to start the triage process.
/kind feature
/kind enhancement
/kind bug
/kind packaging
Details
I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.
/kind enhancement
What would you like to be added?
I spent some 60 minutes trying to understand how the crowdsec on my local OPNSense instance should work with a remote agent.
Specifically, I had everything working fine on the OPNSense instance itself and then followed up by adding a new, external agent, per the instructions. I then configured the agent with new credentials and everything was working fine — I could see two entries listed by
cscli machines list
, with two separate IP addresses and heartbeats.However, this was only for a few seconds, until the local (the OPNSense's own) machine reconnected to the LAPI, at which point both machines started showing the same IP address.
It took me a while to understand that the
local_api_credentials.yaml
is used by the local crowdsec instance, only, while the machines are actually configured in thecrowdsec.db
database, and that by adding a new machine I am also replacing the one previously configured inlocal_api_credentials.yaml
.So, at this point, I believe the docs as is are misleading, as they suggest the instructions are for adding a new machine and have no mentioning of the configuration for local setup being altered, too. In fact, I would actually say that the
cscli machines add
default behavior is, in fact, misleading, since it also suggests I am merely adding a new machine, while I am inherently modifying the local setup to use those newly-generated credentials.It is additionally confusing that the
Machine register
section does not mention that this approach does not modifylocal_api_credentials.yaml
and seems to only suggest that it is merely an alternative approach to the aforementioned one.This issue was somewhat reported before here and closed with #1149, however I believe this does not solve the problem and the actual solution should be:
local_api_credentials.yaml
and the difference between it and what thecrowdsec.db
database contains, as well as the difference between adding a machine directly or using a registration process.Why is this needed?
The default
cscli machines
behavior is misleading and the documentation absolutely does not help in understanding it.The text was updated successfully, but these errors were encountered: