Rudder addresses two main functions:
- Configuration management;
- Asset management;
The configuration management function relies on the asset management function. The purpose of the asset management function is to identify Nodes and some of their characteristics which can be useful to perform configuration management. The purpose of configuration management is to apply rules on Nodes. A rule can include the installation of a tool, the configuration of a service, the execution of a daemon, etc. To apply rules on Nodes, Rudder uses the information produced by the asset management function to identify these Nodes and evaluate some specific information about them.
Each Node is running a Rudder Agent, which is sending regularly an inventory to the Rudder Server.
Following the first inventory, Nodes are placed in a transit zone. You can then view the detail of their inventory, and accept the final Node in the Rudder database if desired. You may also reject the Node, if it is not a machine you would like to manage with Rudder.
An advanced search engine allows you to identify the required Nodes (by name, IP address, OS, versions, etc.)
You will have to create sets of Nodes, called groups. These groups are derived from search results, and can either be static or a dynamic :
- Static group
- Group of Nodes based on search criteria. The search is performed once and the resulting list of Nodes is stored. Once declared, the list of nodes will not change, except manual change.
- Dynamic group
- Group of Nodes based on search criteria. The search is replayed every time the group is queried. The list will always contain the nodes that match the criteria, even if the data nodes have changed since the group was created.
We adopted the following terms to describe the configurations in Rudder:
- Technique
- This is a configuration skeleton, adapted to a function or a particular service (e.g. DNS resolver configuration). This skeleton includes the configuration logic for this function or service, and can be set according to a list of variables (in the same example: IP addresses of DNS servers, the default search box, …)
- Directive
- This is an instance of a Technique, which allows to set values for the parameters of the latter. Each Directive can have a unique name. A Directive should be completed with a short and a long description, and a collection of parameters for the variables defined by the Technique.
- Rule
- It is the application of one or more directives to a group of nodes. It is the glue between both Asset Management and Configuration Management parts of the application.
- Applied Policy
- This is the result of the conversion of a Policy Instance into a set of CFEngine Promises for a particular Node.
As illustrated in this summary diagram, the rules are linking the functions of inventory management and configuration management.
