by

Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
    Matthew Frost
    @mattronix
    E-Mail Alerting based on compliance by group or rule (Department Reports for companies with multiple operations teams and a central SEcurity Team)
    Adding Rules to Nodes without a Group
    Rudder Chatbot
    @rudderbot
    itacos Hi, a way to undo or invert a directive (when it's possible), without having to create a directive which undo the first one
    itacos for temporary actions
    itacos Multi tenancy
    necarnot
    @necarnot
    Hi, How can I create a group to segregate LXC containers?
    I tried to use the search features, but I find no relevant fields in the dropdowns.
    Alexis Mousset
    @amousset
    I'm not sure this information is part of the inventory. As a workaround you can use inventory extension to add it.
    necarnot
    @necarnot
    @amousset OK, I'm looking at it. Thx.
    Alexis Mousset
    @amousset
    We have exemples in our repos, and we welcome contributions to this repo.
    Vincent Membré
    @VinceMacBuche
    Thanks @mattronix and itacos! I'll add them to our pre-roadmap to discuss about it!

    Adding Rules to Nodes without a Group

    I think that's already possible using the Rest API, We have the backend and the target to do that, but we don't display it ( may need some little work to do this)

    About the technique builder, you would like to see a more visual representation of the technique ? so you better understand the flow of the technique ?
    About authentication, that could be added to auth-backends, I think
    Vincent Membré
    @VinceMacBuche
    We already have a 'notify' plugin https://github.com/Normation/rudder-plugins/tree/master/notify that allows to send a mail when there is a 'non compliance' I don't remember how much it can be configured, but it may fullfills your need, nevertheless I think it would be an interesting addition
    Vincent Membré
    @VinceMacBuche

    itacos Hi, a way to undo or invert a directive (when it's possible), without having to create a directive which undo the first one

    Interesting, quite afraid of the quantity of work though !! I think we could also provide a way to restore old files (the agent keeps an hsitory of modified ine /var/rudder/modified-files)

    Rudder Chatbot
    @rudderbot
    itacos yes it can be done from modified-files if we are sure that the old file was a backup of a specific directive action
    Matthew Frost
    @mattronix
    itacos Hi, a way to undo or invert a directive (when it's possible), without having to create a directive which undo the first one (This is something we miss too!) :)
    Rudder Chatbot
    @rudderbot
    itacos @VinceMacBuche : A little button "Copy as curl" on the search page to copy the search criteria as a curl request
    itacos in order to use with the API
    itacos and/or "copy as payload" to use it in python or curl too
    itacos when you deal with json properties and jsonpath escaping all the specials characters is a nightmare for me
    Rudder Chatbot
    @rudderbot
    itacos Statistics on node registration how many new/deleted nodes on a time period
    itacos Server metrics for monitoring and metrology
    Alexis Mousset
    @amousset
    About server metrics, which format/protocol/etc would you prefer?
    Rudder Chatbot
    @rudderbot
    itacos json or influxdb line protocol over http
    itacos http/https
    itacos i will ask that point
    Alexis Mousset
    @amousset
    Would a prometheus endpoint work too?
    Francois Armand
    @fanf
    Statistics on node registration how many new/deleted nodes on a time period <- this is registered in 6.1 and a plugin will expose stats/graph
    Rudder Chatbot
    @rudderbot
    itacos cool :)
    itacos No prometheus here at the moment
    Romain Brucker
    @romainrbr

    Hi guys, we have a db growing and growing (even though we are vacuuming from time to time), any idea if thats normal ?
    here are our current tablesizes

     public             | ruddersysevents                          | 45 GB      | 48836206592
     repack             | log_16388                                | 12 GB      | 12549922816
     public             | composite_node_execution_idx             | 11 GB      | 11571240960
     public             | ruleid_idx                               | 9264 MB    |  9713623040
     public             | keyvalue_idx                             | 7334 MB    |  7690051584

    We currently have around ~500 nodes,
    with the current cleaner conf :

    rudder.batch.reportscleaner.archive.TTL=3
    rudder.batch.reportscleaner.delete.TTL=10
    rudder.batch.reportscleaner.compliancelevels.delete.TTL=3
    rudder.batch.reportscleaner.frequency=daily
    Rudder Chatbot
    @rudderbot
    darkfaded rudderbot: @Vince my main gripe over the last year is that I need to maintain Rudder and Ansible to cover Alpine/FreeBSD and that I know too much to think that porting the policies will be fun.
    darkfaded rudderbot: @Vince but I think that's more a 7.x topic and I recently had a little revelation about how to reduce the effort for cleaning up the existing techs
    darkfaded rudderbot: @Vince otherwise the 6.x experience has been pretty smooth
    darkfaded rudderbot: @Vince i'd prefer if the turnover from bug report to fix improves till the median is 1 month, from the current wait 3 years after triage and then there's a special day coming. that the fix is finished within less than a day
    Jyoti D
    @jyotid1815_gitlab
    Hello, how will I compare changes done on node machines with its previous state?
    Nicolas Charles
    @ncharles
    @romainrbr rule of thumb for ruddersysevents is between 500 and 900kb/node/day/directive. If you have around 40-50 directives, it's kind of expected, but it ought to be stable over time
    Note that vacuum doesn't reclaim space, but prevent it from growing more - it flags removed row as usable space.
    But if you find that your disk space is growing, even though you don't add nodes or directives, the automated maintenance every night might be failing
    there are logs regarding the maintenance in /var/log/rudder/core - and this maintenance (cleaning, vacuuming) need unfortunately some extra space on disk
    tim-oak
    @tim-oak
    hi all,
    not sure if it has mentioned anyone already,
    but "all of a sudden" ;-/ (probably since last upgrade to 6.0.6)
    lines in the "technique editor" get wrapped, when not in editing mode ...
    that looks quite wrong ;-)
    Alexis Mousset
    @amousset
    Hi @tim-oak, which lines?
    tim-oak
    @tim-oak
    Well for instance in a file promise the line from the destination path.
    when I click the pen to edit the line all is nice and "normal", when I click again to "close" the editing the line get's wrapped ...
    looks funny, can I send you a small screenshot?
    tim-oak
    @tim-oak
    well send it to your normation.com address
    Matthew Frost
    @mattronix
    command_execution_apt_get_update_repaired||command_execution_apt_get_update_kept||command_execution_once_rpm__Uvh_https___repo_zabbix_com_zabbix_4_0_rhel_6_x86_64_zabbix_release_4_0_2_el6_noarch_rpm_repaired||command_execution_once_rpm__Uvh_https___repo_zabbix_com_zabbix_4_0_rhel_6_x86_64_zabbix_release_4_0_2_el6_noarch_rpm_kept||command_execution_once_rpm__Uvh_https___repo_zabbix_com_zabbix_4_2_rhel_7_x86_64_zabbix_release_4_2_2_el7_noarch_rpm_repaired||command_execution_once_rpm__Uvh_https___repo_zabbix_com_zabbix_4_2_rhel_7_x86_64_zabbix_release_4_2_2_el7_noarch_rpm_kept|command_execution_once_rpm__Uvh_https___repo_zabbix_com_zabbix_4_2_rhel_7_x86_64_zabbix_release_4_2_2_el7_noarch_rpm_kept|command_execution_once_rpm__Uvh_https___repo_zabbix_com_zabbix_4_2_rhel_7_x86_64_zabbix_release_4_2_2_el7_noarch_rpm_repaired
    is there a nicer way to write that?
    Alexis Mousset
    @amousset
    @tim-oak seems it was fixed yesterday https://issues.rudder.io/issues/17392
    Nicolas Charles
    @ncharles
    @mattronix if you need _kept and _repaired, you can replace it with _ok. So it could be: command_execution_apt_get_update_ok|command_execution_once_rpm__Uvh_https___repo_zabbix_com_zabbix_4_0_rhel_6_x86_64_zabbix_release_4_0_2_el6_noarch_rpm_ok
    but it seems to me you are trying to install packages using command, rather than packages methods. Is there any reason for that?