Create a sysctl host collector #1674

Closed
JGAntunes opened this issue Nov 5, 2024 · 1 comment

@JGAntunes
Member

Describe the rationale for the suggested feature.

The current sysctl collector present in troubleshoot is an in-cluster collector:

In our view, a sysctl collector for the host, before a cluster is actually running, is pretty valuable, particularly for a lot of the work currently being done in embedded cluster (e.g. replicatedhq/embedded-cluster#1449 as well as ongoing work for arp filter detection).

Describe the feature

I would suggest we do a minimal collector for now that just executes `sysctl -a`. Later on we could look into adding support for more parameters if needed, but tbh I don't see the need to add support for things such as `--filter` for now, given how cheap it is to just get the whole thing and later use an analyzer on top of it.

The spec I propose would then become:

```yaml
apiVersion: troubleshoot.sh/v1beta2
kind: HostPreflight
metadata:
  name: my-host-prefilight
spec:
  collectors:
    - sysctl: {}
```

Describe alternatives you've considered

We can currently achieve the same thing with a run collector. I would argue, though, that having a sysctl-specific collector would be beneficial and reduce a lot of boilerplate and the need for complex tests. Taking embedded cluster as an example, this is the current spec I wrote to get a set of arp-related properties:

```yaml
(...)
    - run:
        collectorName: arp-conf
        command: sysctl
        args:
          - '-a'
          - '--pattern'
          - '^net\.ipv4\.conf\.(all|default)\.arp'
(...)
    - textAnalyze:
        checkName: ARP filtering is not enabled by default for new interfaces
        fileName: host-collectors/run-host/arp-conf.txt
        regex: 'net.ipv4.conf.default.arp_filter = 0'
        outcomes:
          - fail:
              when: 'false'
              message: "ARP filtering is enabled by default for newly created interfaces on the host. Disable it by running 'sysctl net.ipv4.conf.default.arp_filter=0'."
          - pass:
              when: 'true'
              message: "ARP filtering is not enabled by default for newly created interfaces on the host."
    - textAnalyze:
        checkName: ARP ignore is not enabled by default for new interfaces
        fileName: host-collectors/run-host/arp-conf.txt
        regex: 'net.ipv4.conf.default.arp_ignore = 0'
        outcomes:
          - fail:
              when: 'false'
              message: "ARP ignore is enabled by default for newly created interfaces on the host. Disable it by running 'sysctl net.ipv4.conf.default.arp_ignore=0'."
          - pass:
              when: 'true'
              message: "ARP ignore is not enabled by default for newly created interfaces on the host."
    - textAnalyze:
        checkName: ARP filtering is not enabled for all interfaces
        fileName: host-collectors/run-host/arp-conf.txt
        regex: 'net.ipv4.conf.all.arp_filter = 0'
        outcomes:
          - fail:
              when: 'false'
              message: "ARP filtering is enabled for all interfaces on the host. Disable it by running 'sysctl net.ipv4.conf.all.arp_filter=0'."
          - pass:
              when: 'true'
              message: "ARP filtering is not enabled for all interfaces on the host."
    - textAnalyze:
        checkName: ARP ignore is not enabled for all interfaces
        fileName: host-collectors/run-host/arp-conf.txt
        regex: 'net.ipv4.conf.all.arp_ignore = 0'
        outcomes:
          - fail:
              when: 'false'
              message: "ARP ignore is enabled for all interfaces on the host. Disable it by running 'sysctl net.ipv4.conf.all.arp_ignore=0'."
          - pass:
              when: 'true'
              message: "ARP ignore is not enabled for all interfaces on the host."
```

Notice the need to have 4 separate text analyzers for each of the properties I need to validate. Also, this will require us to have dedicated tests for these properties in order to validate the analyzer and collector are doing what we expect them to do vs. us validating that the spec we write is what we need and letting troubleshoot do its job.

We could also argue that we can get by with an analyzer only, without the collector. This would require us to always ensure the input to the analyzer is the same as what we expect, making it less user-friendly and more error-prone.
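
Added example, not part of the original issue and not troubleshoot's own code: a Go sketch of what checking the same four ARP parameters looks like once `sysctl -a` output is parsed into key/value pairs, with exact key matching and a missing key reported separately from a wrong value. The names `parseSysctl`, `checkParams`, `arpWant` and `sampleSysctl` are hypothetical, and the sample output is constructed.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// Constructed sample of `sysctl -a` output, including a stray error line.
const sampleSysctl = `kernel.hostname = node-1
net.ipv4.conf.all.arp_filter = 0
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.default.arp_filter = 0
sysctl: permission denied on key 'fs.protected_hardlinks'
`

// arpWant holds the values the four textAnalyze checks in the issue expect.
var arpWant = map[string]string{
	"net.ipv4.conf.all.arp_filter": "0", "net.ipv4.conf.all.arp_ignore": "0",
	"net.ipv4.conf.default.arp_filter": "0", "net.ipv4.conf.default.arp_ignore": "0",
}

// parseSysctl maps `key = value` lines to entries; lines without "=" are skipped.
func parseSysctl(out string) map[string]string {
	params := map[string]string{}
	for _, line := range strings.Split(out, "\n") {
		if key, val, ok := strings.Cut(line, "="); ok {
			params[strings.TrimSpace(key)] = strings.TrimSpace(val)
		}
	}
	return params
}

// checkParams returns one sorted finding per key that is missing or differs.
func checkParams(params, want map[string]string) (findings []string) {
	for key, exp := range want {
		if got, ok := params[key]; !ok {
			findings = append(findings, key+": not collected")
		} else if got != exp {
			findings = append(findings, fmt.Sprintf("%s: got %s, want %s", key, got, exp))
		}
	}
	sort.Strings(findings)
	return findings
}

func main() {
	fmt.Println(strings.Join(checkParams(parseSysctl(sampleSysctl), arpWant), "\n"))
}
```
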

@JGAntunes JGAntunes changed the title Create a sysctl host preflight collector Create a sysctl host collector Nov 5, 2024
@banjoh banjoh added type::feature New feature or request echoes/effort: M Medium effort changes by the team's standards (default) labels Nov 5, 2024
@JGAntunes
Member Author

Done in #1676
