JBoss Community Archive (Read Only)


Ideas on remotely installing agents over SSH

These are notes on how to implement remotely installing agents over SSH. See https://bugzilla.redhat.com/show_bug.cgi?id=1070242 for the BZ.

Right now we can push agents remotely over SSH - we use jsch to push the agent distro to the remote box, and run the agent installer. There are still things missing though.

For one, we need to put the "New", "Start", and "Stop" buttons on the agent table, not a separate Remote Agent Install page.

Install Directory Needed to Start and Stop

The "Start" and "Stop" will start and stop the agents selected. The problem with this is that the server doesn't know where agents are installed.

I think we need to add the feature to pass up the install directory as part of the registration request of the agent. The agent's row in RHQ_AGENT should have a new column "install_dir" that gets filled in if the agent supplies it. From here, the UI's start and stop commands will then be able to connect to the remote agent box and use that install dir to find the bin/rhq-agent-wrapper.sh script to stop/start it.

This will assume the SSH IP endpoint is the same ip/hostname associated with the agent (RHQ_AGENT's host column).

Having the install dir here will also allow us to uninstall the agent if the user wants that to happen (there is already a DELETE button, we could ask the user if they want to uninstall it as well since we now will know where that agent is installed).

Password credentials or key?

Right now we only support username/password credentials to connect over SSH. It would be nice to be able to supply key certificates to connect. The problem there is where do we store the keys and how do we tell the server which agent wants to authorize which key. Still need to think this through.

How to link an agent with its install data

I suspect there will be a need to link a new agent with additional data. Perhaps instead of adding columns to RHQ_AGENT, we create a new table RHQ_AGENT_INSTALL with columns like "install dir" and perhaps "certificate" and "agent name". But how to seed this table with an agent when the agent isn't registered yet?

Here's the workflow that illustrates the problem and possible solution:

1) User enters hostname, SSH port, SSH credentials, install directory
2) User clicks "install agent"
3) At this point, we have the install data but no agent is registered and we don't know its agent name. We can seed RHQ_AGENT_INSTALL with data we know (hostname, ssh port, install dir, etc) and link it with some hash code X.
4) The server then pushes the agent, runs the installer, and starts the agent with some special one-time sysprop with the hash code X - say, it passes in "-Drhq.install-id=X" where X is the unique code the server linked this agent's install information in the RHQ_AGENT_INSTALL table. Don't start the propery name with "rhq.agent" because I believe this will make the agent store that sysprop in its java preferences backing store and we don't want that - this is just a one time thing that we don't want or need persisted. Just needed that first time the agent is run.
5) The agent sends up a registraton request and with it it includes the install ID (if it was given one).
6) If the agent registration request received by the server includes an install ID, it will use that ID to find the row in RHQ_AGENT_INSTALL and fill it in with the rest (it will now have the agent name, so it can fill that in - at this point, RHQ_AGENT_INSTALL is now linked with RHQ_AGENT so we have that information too).

JBoss.org Content Archive (Read Only), exported from JBoss Community Documentation Editor at 2020-03-11 12:49:35 UTC, last content change 2014-04-01 18:48:22 UTC.