[Fleet] delete unenrolled agents task #195544
| export const VERSION = '1.0.0'; | ||
| const TITLE = 'Fleet Delete Unenrolled Agents Task'; | ||
| const SCOPE = ['fleet']; | ||
| const INTERVAL = '1h'; |
Added 1h interval, it should be efficient to delete all unenrolled agents with deleteByQuery, no need to load them in memory.
There is a caveat with enabling both preconfig and UI setting, it can happen that the preconfigured value gets out of sync when changed from the UI.
We could disable changing from UI when preconfigured if this is an issue.
… src/core/server/integration_tests/ci_checks'
Pinging @elastic/fleet (Team:Fleet)
…t --include-path /api/status --include-path /api/alerting/rule/ --include-path /api/alerting/rules --include-path /api/actions --include-path /api/security/role --include-path /api/spaces --include-path /api/fleet --update'
| logger.debug('Setting up Space settings'); | ||
| await ensureSpaceSettings(appContextService.getConfig()?.spaceSettings ?? []); | ||
|
|
||
| logger.debug('Setting up delete unenrolled agents setting'); |
I tried to enable it then disable it via the Kibana config and it stayed enabled. Is that expected? In my opinion, if that setting is managed via the Kibana config, it should probably be the only source of truth.
```
xpack.fleet.enableDeleteUnenrolledAgents: false
```
Good catch, it was a bug, it is fixed now.
I agree that it's clearer to have one single source of truth. Are we ok to keep this setting in preconfiguration only, and remove from the UI @kpollich @nimarezainia ?
I think, similar to most of the configuration we should allow to configure it both from UI or kibana config, but if it's configured in preconfiguration this should become the only way to configure it (until it's removed from the config)
In that case I have to introduce an is_preconfigured flag to know if the delete flag was preconfigured.
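The precedence rule this thread settles on (the Kibana config is the only source of truth while the key is set, and UI or API updates are rejected until it is removed), as an added TypeScript example that is not part of the PR. The type and function names are hypothetical, and keeping the last value once the key is removed is an assumption.

```typescript
// Added illustration; names are hypothetical, not Kibana's own code.
interface DeleteUnenrolledAgentsSetting {
  enabled: boolean;
  isPreconfigured: boolean; // models the is_preconfigured flag from the thread
}

interface SettingsStore { deleteUnenrolledAgents?: DeleteUnenrolledAgentsSetting }

// Runs at setup. configValue models xpack.fleet.enableDeleteUnenrolledAgents;
// undefined means the key is absent from the Kibana config.
function applyPreconfiguration(store: SettingsStore, configValue?: boolean): void {
  const current = store.deleteUnenrolledAgents;
  if (configValue === undefined) {
    // Assumption: keep the last value, but hand control back to UI/API.
    if (current?.isPreconfigured) current.isPreconfigured = false;
    return;
  }
  // Compare against undefined, not truthiness, so an explicit `false` in the
  // config overwrites a stored `true` instead of being skipped.
  store.deleteUnenrolledAgents = { enabled: configValue, isPreconfigured: true };
}

// One guard shared by the UI and the API route, so the lock cannot be
// bypassed by calling the settings API directly.
function updateFromUser(store: SettingsStore, enabled: boolean): void {
  if (store.deleteUnenrolledAgents?.isPreconfigured) {
    throw new Error('delete unenrolled agents setting is preconfigured');
  }
  store.deleteUnenrolledAgents = { enabled, isPreconfigured: false };
}

// What a deletion task would consult before issuing its deleteByQuery.
function shouldDeleteUnenrolledAgents(store: SettingsStore): boolean {
  return store.deleteUnenrolledAgents?.enabled ?? false;
}

// Walk-through: config true -> config false -> API attempt -> key removed.
function walkthrough() {
  const store: SettingsStore = {};
  applyPreconfiguration(store, true);
  const afterEnable = shouldDeleteUnenrolledAgents(store);
  applyPreconfiguration(store, false);
  const afterDisable = shouldDeleteUnenrolledAgents(store);
  let apiBlocked = false;
  try { updateFromUser(store, true); } catch (e) { apiBlocked = true; }
  applyPreconfiguration(store, undefined);
  updateFromUser(store, true);
  return { afterEnable, afterDisable, apiBlocked, afterRemoval: shouldDeleteUnenrolledAgents(store) };
}
```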
| this.logger.debug(`[DeleteUnenrolledAgentsTask] Fetching unenrolled agents`); | ||
|
|
||
| const response = await esClient.deleteByQuery({ | ||
| index: AGENTS_INDEX, |
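Review bot: the debug message on the first line of this hunk says "Fetching unenrolled agents", but the call that follows is esClient.deleteByQuery against AGENTS_INDEX, which removes matching documents without fetching them first. Reword the message to something like "Deleting unenrolled agents" so that the log line matches what the task does at this step and is not misread during troubleshooting.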
Should the AbortController be passed into this request so the request is cancelled if aborted?
Thanks for raising, fixed.
| }, | ||
| ], | ||
| }, | ||
| 3: { |
Question: @juliaElastic this SO type (GLOBAL_SETTINGS_SAVED_OBJECT_TYPE) isn't registered as an encrypted saved object, right?
Right, it's not an encrypted SO.
1af548d to 6fe1fc2
azasypkin left a comment
LGTM, since the added migration is for the ingest_manager_settings SO type, which isn’t an encrypted saved object.
nchaulet left a comment
Tested locally and it worked as expected, LGTM 🚀
jloleysens left a comment
API and mappings changes LGTM
80c15e0 to 8c25642
ymao1 left a comment
Response Ops changes LGTM. Reviewed for new recurring task type that runs every hour with a timeout of 1 minute and respects cancellation signals.
💛 Build succeeded, but was flaky
Starting backport for target branches: 8.x
💔 All backports failed
Closes elastic#189506

Testing steps:
- enable deleting unenrolled agents by adding `xpack.fleet.enableDeleteUnenrolledAgents: true` to `kibana.dev.yml` or turn it on on the UI
- add some unenrolled agents with the helper script
```
cd x-pack/plugins/fleet
node scripts/create_agents/index.js --status unenrolled --count 10
info Creating 10 agents with statuses:
info unenrolled: 10
info Batch complete, created 10 agent docs, took 0, errors: false
info All batches complete. Created 10 agents in total. Goodbye!
```
- restart kibana or wait for the task to run and verify that the unenrolled agents were deleted
```
[2024-10-08T16:14:45.152+02:00][DEBUG][plugins.fleet.fleet:delete-unenrolled-agents-task:0.0.5] [DeleteUnenrolledAgentsTask] Executed deletion of 10 unenrolled agents
[2024-10-08T16:14:45.153+02:00][INFO ][plugins.fleet.fleet:delete-unenrolled-agents-task:0.0.5] [DeleteUnenrolledAgentsTask] runTask ended: success
```

Added to UI settings:
<img width="1057" alt="image" src="https://github.com/user-attachments/assets/2c9279f9-86a8-4630-a6cd-5aaa42e05fe7">

If the flag is preconfigured, disabled update on the UI with a tooltip:
<img width="1009" alt="image" src="https://github.com/user-attachments/assets/45041020-6447-4295-995e-6848f0238f88">

The update is also prevented from the API:
<img width="2522" alt="image" src="https://github.com/user-attachments/assets/cfbc8e21-e062-4e7f-9d08-9767fa387752">

Once the preconfiguration is removed, the UI update is allowed again.

- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Backport #195544 to 8.x

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Summary
Closes #189506
Testing steps:
- enable deleting unenrolled agents by adding `xpack.fleet.enableDeleteUnenrolledAgents: true` to `kibana.dev.yml` or turn it on on the UI

Added to UI settings:

If the flag is preconfigured, disabled update on the UI with a tooltip:

The update is also prevented from the API:

Once the preconfiguration is removed, the UI update is allowed again.
Checklist