Project

General

Profile

« Previous | Next » 

Revision db1ad675

Added by Benoît PECCATTE about 6 years ago

Fixes #11631: Implement disable-flag for policy server policy copy for nodes

View differences:

techniques/system/distributePolicy/1.0/metadata.xml
<NAME>SUB_NODES_ID</NAME>
<NAME>SUB_NODES_KEYHASH</NAME>
<NAME>SUB_NODES_SERVER</NAME>
<NAME>RELAY_SYNC_METHOD</NAME>
<NAME>RELAY_SYNC_PROMISES</NAME>
<NAME>RELAY_SYNC_SHAREDFILES</NAME>
</SYSTEMVARS>
<SECTIONS>
<!-- The following sections are for reporting only -->
<SECTION name="Propagate promises" component="true"/>
<SECTION name="Synchronize policies" component="true"/>
<SECTION name="Synchronize files" component="true"/>
<SECTION name="Synchronize resources" component="true"/>
<SECTION name="Send inventories to Rudder server" component="true"/>
<SECTION name="Configure ncf" component="true"/>
</SECTIONS>
techniques/system/distributePolicy/1.0/propagatePromises.st
root_server::
"rudder_tools_updated_exists" expression => fileexists("${g.rudder_tools_updated_origin}");
!root_server::
# configure the Relay synchronization method
"sync_method_disabled" expression => strcmp("&RELAY_SYNC_METHOD&", "disable");
"sync_method_rsync" expression => strcmp("&RELAY_SYNC_METHOD&", "rsync");
"sync_promises" expression => strcmp("&RELAY_SYNC_PROMISES&", "true");
"sync_sharedfiles" expression => strcmp("&RELAY_SYNC_SHAREDFILES&", "true");
"disable_classic_promises" expression => "sync_method_rsync|sync_method_disabled";
"disable_classic_sharedfiles" expression => "sync_method_rsync|sync_method_disabled";
"rsync_promises" expression => "sync_promises.sync_method_rsync";
"rsync_sharedfiles" expression => "sync_sharedfiles.sync_method_rsync";
any::
"pass3" expression => "pass2";
"pass2" expression => "pass1";
"pass1" expression => "any";
# Detect if relay-server protocols works ok (update is ok), but nothing to update (no node behind the relay)
# Class definition for no propagate promises transfer, but correct promises transfer -> folder for promises for relay is empty on the server, or folder inexistent
pass3::
"update_successful" expression => "root_server|((rudder_ncf_hash_update_ok|(rudder_ncf_hash_update_repaired.rudder_ncf_common_updated_ok.rudder_ncf_local_updated_ok)).(rudder_promises_generated_tmp_file_kept|(rudder_promises_generated_tmp_file_repaired.config_ok)).!(rudder_promises_generated_tmp_file_error|rudder_tools_updated_error|rudder_tools_update_error|rudder_ncf_common_update_error|rudder_ncf_local_update_error|no_update|rudder_ncf_hash_update_error))";
"empty_promises_to_propagate" expression => "update_successful.!promises_propagated";
"promises_to_propagate_not_copied" expression => "!update_successful.!promises_propagated";
"sharedfiles_not_existent" expression => "update_successful.!shared_files_propagated"; # If shared-files doesn't exist, error class is defined, if it is empty, no class is defined
"sharedfiles_not_copied" expression => "!update_successful.could_not_propagate_shared_files";
......
comment => "Enforce the ncf configuration file",
classes => classes_generic("configure_ncf_config");
(policy_server|role_rudder_relay_promises_only).!root_server::
(policy_server|role_rudder_relay_promises_only).!root_server.!disable_classic_promises::
"${client_data}" #that's a loop on each files in client_inputs
copy_from => remote("${server_info.cfserved}","${server_data}"),
depth_search => recurse_visible("inf"),
comment => "Fetching the promises to propagate",
classes => if_else("promises_propagated", "could_not_propagate_promise");
classes => if_else("promises_propagated", "could_not_propagate_promises");
(policy_server|role_rudder_relay_promises_only).!root_server.!disable_classic_sharedfiles::
"&SHARED_FILES_FOLDER&"
copy_from => remote("${server_info.cfserved}","&SHARED_FILES_FOLDER&"),
depth_search => recurse_visible("inf"),
comment => "Fetching the files shared for the promises execution",
classes => if_else("files_propagated", "could_not_propagate_files");
(policy_server|role_rudder_relay_promises_only).!root_server::
"${g.rudder_var}/shared-files/"
copy_from => remote("${server_info.cfserved}","${g.rudder_var}/shared-files/${g.uuid}/shared-files"),
depth_search => recurse_visible("inf"),
......
comment => "Fetching the ncf common to propagate",
classes => if_else("ncf_common_promises_propagated", "could_not_propagate_ncf_common_promise");
"&SHARED_FILES_FOLDER&"
copy_from => remote("${server_info.cfserved}","&SHARED_FILES_FOLDER&"),
depth_search => recurse_visible("inf"),
comment => "Fetching the files shared for the promises execution",
classes => if_else("files_propagated", "could_not_propagate_files");
"${g.rudder_tools}"
copy_from => remote_unsecured("${server_info.cfserved}","${g.rudder_tools}"),
......
!root_server::
"any" usebundle => rudder_common_report("DistributePolicy", "result_na", "&TRACKINGKEY&", "Configure ncf", "None", "Configuration of configuration library is not necessary on non root servers");
# Success if files are updated or not changed (kept or repaired).
# root server have only tools to be updated and others have tools,
# promises, masterfiles folder to be updated.
pass3.(((root_server.propagate_tools_ok)|(!root_server.propagate_tools_ok.(promises_propagated|empty_promises_to_propagate).(shared_files_propagated|sharedfiles_not_existent).masterfiles_propagated.ncf_local_promises_propagated.ncf_common_promises_propagated.nodeslist_copied)).!(propagate_tools_error|promises_to_propagate_not_copied|sharedfiles_not_copied|could_not_propagate_masterfiles|could_not_propagate_ncf_local_promise|could_not_propagate_ncf_common_promise|could_not_copy_nodeslist))::
"any" usebundle => rudder_common_report("DistributePolicy", "result_success", "&TRACKINGKEY&", "Propagate promises", "None", "All files have been propagated");
pass3.promises_to_propagate_not_copied::
"any" usebundle => rudder_common_report("DistributePolicy", "result_error", "&TRACKINGKEY&", "Propagate promises", "None", "Cannot propagate policy");
# Success if resources are updated or not changed (kept or repaired).
# root server have only tools and nodelist to be updated
# relays have tools, ncf, masterfiles nodelist and shared_files folder to be updated.
pass3.root_server.propagate_tools_ok.nodeslist_copied.!(propagate_tools_error|could_not_copy_nodeslist)::
"any" usebundle => rudder_common_report("DistributePolicy", "result_success", "&TRACKINGKEY&", "Synchronize resources", "None", "All resources have been updated");
pass3.!root_server.propagate_tools_ok.(shared_files_propagated|sharedfiles_not_existent).masterfiles_propagated.ncf_local_promises_propagated.ncf_common_promises_propagated.nodeslist_copied).!(propagate_tools_error|sharedfiles_not_copied|could_not_propagate_masterfiles|could_not_propagate_ncf_local_promise|could_not_propagate_ncf_common_promise|could_not_copy_nodeslist))::
"any" usebundle => rudder_common_report("DistributePolicy", "result_success", "&TRACKINGKEY&", "Synchronize resources", "None", "All resources have been synchronized");
pass3.sharedfiles_not_copied::
"any" usebundle => rudder_common_report("DistributePolicy", "result_error", "&TRACKINGKEY&", "Propagate promises", "None", "Cannot propagate shared files");
"any" usebundle => rudder_common_report("DistributePolicy", "result_error", "&TRACKINGKEY&", "Synchronize resources", "None", "Cannot synchronize shared files");
pass3.root_server::
"any" usebundle => rudder_common_report("DistributePolicy", "result_na", "&TRACKINGKEY&", "Synchronize policies", "None", "Rudder server does not need to synchronize its policies");
pass3.(sync_method_disabled|(!sync_promises.sync_method_rsync))::
"any" usebundle => rudder_common_report("DistributePolicy", "result_na", "&TRACKINGKEY&", "Synchronize policies", "None", "Policies need to be synchronized by an external system");
pass3.could_not_propagate_promises.((!sync_method_rsync.!update_successful)|sync_method_rsync)::
"any" usebundle => rudder_common_report("DistributePolicy", "result_error", "&TRACKINGKEY&", "Synchronize policies", "None", "Cannot synchronize policies");
pass3.promises_propagated.sync_method_rsync::
"any" usebundle => rudder_common_report("DistributePolicy", "result_success", "&TRACKINGKEY&", "Synchronize policies", "None", "Policies synchronized using rsync");
pass3.(promises_propagated|(could_not_propagate_promises.update_successful)).!sync_method_rsync::
"any" usebundle => rudder_common_report("DistributePolicy", "result_success", "&TRACKINGKEY&", "Synchronize policies", "None", "Policies synchronized using classic method");
pass3.root_server::
"any" usebundle => rudder_common_report("DistributePolicy", "result_na", "&TRACKINGKEY&", "Synchronize files", "None", "Rudder server does not need to synchronize its shared files");
pass3.(sync_method_disabled|(!sync_sharedfiles.sync_method_rsync))::
"any" usebundle => rudder_common_report("DistributePolicy", "result_na", "&TRACKINGKEY&", "Synchronize files", "None", "Shared files need to be synchronized by an external system");
pass3.could_not_propagate_files::
"any" usebundle => rudder_common_report("DistributePolicy", "result_error", "&TRACKINGKEY&", "Propagate promises", "None", "Cannot propagate shared files");
"any" usebundle => rudder_common_report("DistributePolicy", "result_error", "&TRACKINGKEY&", "Synchronize files", "None", "Cannot propagate shared files");
pass3.files_propagated.sync_method_rsync::
"any" usebundle => rudder_common_report("DistributePolicy", "result_success", "&TRACKINGKEY&", "Synchronize files", "None", "Shared files synchronized using rsync");
pass3.(files_propagated|(could_not_propagate_files.update_successful)).!sync_method_rsync::
"any" usebundle => rudder_common_report("DistributePolicy", "result_success", "&TRACKINGKEY&", "Synchronize files", "None", "Shared files synchronized using classic method");
pass3.propagate_tools_error::
"any" usebundle => rudder_common_report("DistributePolicy", "result_error", "&TRACKINGKEY&", "Propagate promises", "None", "Cannot propagate tools");
"any" usebundle => rudder_common_report("DistributePolicy", "result_error", "&TRACKINGKEY&", "Synchronize resources", "None", "Cannot propagate tools");
pass3.could_not_propagate_ncf_local_promise::
"any" usebundle => rudder_common_report("DistributePolicy", "result_error", "&TRACKINGKEY&", "Propagate promises", "None", "Cannot propagate local configuration library");
"any" usebundle => rudder_common_report("DistributePolicy", "result_error", "&TRACKINGKEY&", "Synchronize resources", "None", "Cannot propagate local configuration library");
pass3.could_not_propagate_ncf_common_promise::
"any" usebundle => rudder_common_report("DistributePolicy", "result_error", "&TRACKINGKEY&", "Propagate promises", "None", "Cannot propagate common configuration library");
"any" usebundle => rudder_common_report("DistributePolicy", "result_error", "&TRACKINGKEY&", "Synchronize resources", "None", "Cannot propagate common configuration library");
pass3.could_not_propagate_masterfiles::
"any" usebundle => rudder_common_report("DistributePolicy", "result_error", "&TRACKINGKEY&", "Propagate promises", "None", "Cannot propagate masterfiles");
"any" usebundle => rudder_common_report("DistributePolicy", "result_error", "&TRACKINGKEY&", "Synchronize resources", "None", "Cannot propagate masterfiles");
pass3.could_not_copy_license::
"any" usebundle => rudder_common_report("DistributePolicy", "log_warn", "&TRACKINGKEY&", "Propagate promises", "None", "Cannot copy local license");
"any" usebundle => rudder_common_report("DistributePolicy", "log_warn", "&TRACKINGKEY&", "Synchronize resources", "None", "Cannot copy local license");
pass3.could_not_copy_nodeslist::
"any" usebundle => rudder_common_report("DistributePolicy", "log_warn", "&TRACKINGKEY&", "Propagate nodeslist", "None", "Cannot copy local nodes list");
"any" usebundle => rudder_common_report("DistributePolicy", "log_warn", "&TRACKINGKEY&", "Synchronize resources", "None", "Cannot copy local nodes list");
commands:
policy_server.!root_server.rsync_promises::
"/usr/bin/rsync --archive --checksum --compress --sparse --delete ${server_info.cfserved}:${server_data}/ ${client_data}"
classes => if_else("promises_propagated", "could_not_propagate_promises");
policy_server.!root_server.rsync_sharedfiles::
"/usr/bin/rsync --archive --checksum --compress --sparse --delete ${server_info.cfserved}:&SHARED_FILES_FOLDER&/ &SHARED_FILES_FOLDER&/"
classes => if_else("files_propagated", "could_not_propagate_files");
}

Also available in: Unified diff