Agent actions token support #23452
Agent actions token support #23452
Conversation
botelastic
bot
added
needs_team
|
Pinging @elastic/ingest-management (Team:Ingest Management) |
botelastic
bot
removed
the
needs_team
💚 Build Succeeded
Expand to view the summary
Build stats
Test stats 🧪
💚 Flaky test reportTests succeeded. Expand to view the summary
Test stats 🧪
|
|
Pinging @elastic/agent (Team:Agent) |
| @@ -43,11 +44,16 @@ func AgentConfigFile() string { | |||
| return filepath.Join(paths.Config(), defaultAgentConfigFile) | |||
| } | |||
|
|
|||
| // AgentActionStoreFile is the file that will contains the action that can be replayed after restart. | |||
| // AgentActionStoreFile is the file that contains the action that can be replayed after restart. | |||
There was a problem hiding this comment.
Being that we already have an action_store.yml why not place the action token inside of this file? Why the need to seperate it into its own file?
There was a problem hiding this comment.
can change. was not sure what's the right/established pattern.
There was a problem hiding this comment.
is there any case where the action_store.yml could get completely overwritten, thus loosing the marker?
There was a problem hiding this comment.
i think that would be the correct place
It should only be overwritten on a re-enroll, which is what should happen in the token case. The code paths already handle that, so its the best place for it.
| } | ||
|
|
||
| type ackTokenSerializer struct { | ||
| AckToken string `yaml:"ack_token"` |
There was a problem hiding this comment.
Maybe worth to make the mutex directly part of this struct? Then you could use atsCached.Lock() which would make the code likely more readable.
| @@ -22,6 +22,7 @@ const checkingPath = "/api/fleet/agents/%s/checkin" | |||
| // CheckinRequest consists of multiple events reported to fleet ui. | |||
| type CheckinRequest struct { | |||
| Status string `json:"status"` | |||
| AckToken string `json:"ack_token"` | |||
There was a problem hiding this comment.
Should we omit if empty? otherwise we probably need to add the property to Kibana
|
Discussed with @blakerouse, going to consolidate the |
aleksmaus
force-pushed
the
feature/agent_actions
branch
from
4321259 to
b857a49
Compare
* Agent actions token support * Make check happy * Consolidate action store and the ack token store into state.yml store * Make state storage thread safe
What does this PR do?
Implements the actions token exchange.
This includes the stub for the agent actions that just logs the action received (DEBUG log level).
The actions will need need to be wired in further to properly pass them to the apps/beats and receive the result back. @blakerouse let me know if you are going to handle that or if I should dig further.
The flow of the action token exchange is the following.
Screenshot of the app/beat action logged from the stub:
@blakerouse let me know if there is a better place for that, since I'm just getting familiar with the agent code.
action_seq_noThis way the fleet server tracks the latest action received by the agent.
If the ack_token is not present in the check in payload the value that is stored with the agent record is used.
Why is it important?
This is needed to support the new Fleet Server agent actions handling on the agent side. Without this change the new action document in the .fleet-actions will cause the agent to go into a loop of check-ins and receiving the same action over and over, since there will be no indication that the agent action was received.
@blakerouse One question about the persisted ack_token on the agent side. We probably should remove the file every time the agent enrolls, since it creates the new agent record for the fleet. Thoughts?