Red Hat Bugzilla – Bug 1070242
Tracker: Provide enterprise version and support of remote agent install feature from RHQ
Last modified: 2015-05-28 10:09:40 EDT
Provide capability to perform remote agent install on a platform though SSH connection.
Since I originally completed this RHQ feature, I can re-test it and make sure its ready for includsion in the product.
git commit to master: 9f398847849dd5b9f7f94f66719bd95663caa096
remote installation of agent is now possible from Admin>RemoteAgentInstall. You provide hostname, ssh port, and user credentials and via jsch you can install, start and stop agent as well as get the status of an installed agent (is it running?) and even try to find where an agent might be installed.
There are additional features that have been requested, so I can't close this as MODIFIED yet. The following is the original requirements:
It is expected that the remote agent operation would request credentials or use a system wide default set of credentials set by an administrator and obfuscated from all users. The credentials would be used to access the remote target system.
The user would also be prompted for the target host and optionally an alternate port number if not using the default SSH port.
The user should be asked for the destination path for where the agent is to be installed and whether an existing agent installation should be deleted if it already exists. Additionally, an optional agent-configuration.xml file or URL may be specified to provide custom configuration. Otherwise, a generated agent-configuration.xml should be used that specifies the minimum defaults along with the target JON server configuration.
The commands and payload should be secured to ensure this capability can not be used to push out other things to the agent such as a trojan.
When the process is done, the agent is started and the server should report whether the process was successful and that the agent's platform has been discovered and is available in the discovery queue.
The remote operation should also provide a function that wipes the agent installation after shutting down the relevant agent and then de-registering it and removing its platform from inventory.
These are things we still need:
1) A system wide set of credentials. We'd put these in System Settings, and obfuscate the password. This would mean the user/pass credentials have to be the same across all machines where the agents are to be installed (so, for example, someone would need to create a "rhq" user that has SSH access to all machines).
As a supplement, we could look to see if we can provide a way to support key authentication rather than providing password credentials. But I don't see that as a hard requirement here as written. It would be a "nice to have".
2) The user should be asked ,.. whether an existing agent installation should be deleted if it already exists. Right now we disallowe the install to continue if an agent exists.
3) Additionally, an optional agent-configuration.xml file or URL may be specified to provide custom configuration. We do not provide a way to override the config.xml.
It would also be nice to be able to specify custom RHQ_AGENT_ADDITIONAL_JAVA_OPTS values that we could then store in rhq-agent-env.sh so the agent will use those at startup. But this is not required and thus is a "nice to have."
4) The remote operation should also provide a function that wipes the agent installation after shutting down the relevant agent and then de-registering it and removing its platform from inventory. This would require a new button "uninstall" to be provided that does this.
Some UI ideas from UXD folks:
* All of this functionality should move to the "Agents" area of the Admin tab, instead of adding a new section to that tab.
* New should be added as an action to the bottom of the table that allows you to add a new agent to a host
* Start/Stop functionality should hang off of the table as well, enabling you to start and stop any agent in the list. Potentially we should add a status column to this list to show wether the agent is running or stopped, or we could re-use the 'Last availability report" to show it is stopped.
* New should bring you to a modal where you enter the form.
* Validation of the install shows in this modal as well, and the user can return to the table to see their new agent at any time as well.
I will attach the mock ups.
Created attachment 880754 [details]
screen mock-up #1
Created attachment 880755 [details]
screen mock-up #2
Created attachment 880756 [details]
screen mock-up #3
this has been git committed to master: 38b17119771a5788b0d0fa389770228cdefafbd8
blog with demo: http://management-platform.blogspot.com/2014/04/completed-remote-agent-install.html
Heiko Rupp <firstname.lastname@example.org> updated the status of jira JON3-30 to Resolved
Moving to ON_QA as available to test with brew build of DR01: https://brewweb.devel.redhat.com//buildinfo?buildID=373993
mfoley user <email@example.com> updated the status of jira JON3-30 to Reopened
Moving into ER05 as didn't make the ER04 cut.
Moving to VERIFIED, dev work complete and verified (in ER05 or earlier), 2 blocking BZs are doc only.
John Mazzitelli <firstname.lastname@example.org> updated the status of jira JON3-30 to Resolved