NetXMS Support Forum

Till now we have all agent configs locally on each node. For better management I want to transfer them to a server based approach. In Admin guide I see two possibilities:

• Agent Policies
• Agent Configuration Files on Server (Agent Config manager)

Now my questions:

• what are the advantages and disadvantages of both functions?
• Which is the better way for the future?

Hi!

Agent configs on server requires that agent can connect to server - this could be problematic in some environments. On the other hand, agent will receive full config and can be started without config at all.

Agent policies cannot be used to bootstrap agent - you still need local master config with at least master server address set. But they can be used over existing agent connection, via proxy, etc.

We plan to keep both options for foreseeable future. If new agent deployment is not happen very often, I probably would recommend agent policies. They are somewhat easier to manage, and we plan to improve them.

Best regards,
Victor

It is possible to have initial config in Agent Configuration Files on Server. Agent Config file received from server is saved as agent config. And next time agent may be started without requesting config. And all non initial(for me it is all except master server) can be applied through policies.

Thanks for the explanations.

Agent Configuration File on Server:
But I saw in my tests, agent downloads config from server at each agent startup (not like Tatjana wrote) and overwrites local Master Config file completely. That would overwrite all changed local config files on other nodes! I also saw it is also possible with forced encryption and authentication on the node object (so the download of for example "shared secret" is unencryted?)
What is allowed in filter script? I tried object $node but got error (is not object). I also tried example from AdminGuide, but it doesn't work. I didn't found anything in documentation.

Agent Policies:
Is it also possible for SubAgent Config Sections?
In my tests I saw if there is something configured in policy which was also configured in Master Config File, Master Config File has priority. Is that correct?
For what is the tab 'policy' in Policies? The title is there 'Description', is it the same as 'Comments'?
Is it possible to use comments in the XML?
Is it correct, you need to restart agent manually after reinstall changed agent policy ?

Sorry I changed my last reply too much :-) So it's completly different.
Is anybody able to answer my open questions about agent config delivery?

Hi.

I didn't meant that config is updated just once. I just wanted to describe a possibility to get initial config(that is required in case if you will decide to use Agent Policies). If on agent start you added parameter -M <addr> agent will try first to get config from server and in case of fail it will start with the old one.

Documentation updated:
https://www.netxms.org/documentation/adminguide/agent-management.html#agent-configuration-files-on-server

About questions:
* Is it also possible for SubAgent Config Sections?
Yes. It will look like this:
<config>
   <agent>
      <MasterServers>127.0.0.1</MasterServers>
      <SubAgent>netsvc.nsm</SubAgent>
      <SubAgent>dbquery.nsm</SubAgent>
      <SubAgent>filemgr.nsm</SubAgent>
   </agent>
   <DBQUERY>
      <Database>id=myDB;driver=mysql.ddr;server=127.0.0.1;login=netxms;password=xxxxx;dbname=netxms</Database>
      <Query>dbquery1:myDB:60:SELECT name FROM images</Query>
      <ConfigurableQuery>dbquery2:myDB:Comment in param :SELECT name FROM images WHERE name like ?</ConfigurableQuery>
      <ConfigurableQuery>byID:myDB:Comment in param :SELECT name FROM users WHERE id=?</ConfigurableQuery>

   </DBQUERY>      
   <filemgr>
      <RootFolder>/</RootFolder>
   </filemgr>
</config>

* Is it correct, you need to restart agent manually after reinstall changed agent policy ?
Yes.

Sorry I have no answers on other your questions. They can be answered by Victor.

Some additional clarifications:

All configs delivered by policies are merged on agent startup. That means that each policy can bring it's own piece of total configuration, and those can be from same sections. For example, you have PING subagent loaded, and if two policies will have Target parameter in *PING section, agent will have two ping targets.
It is not mandatory to use XML format for configs delivered via policies, key=value format can be used as well.
It is possible to use comments in XML (with standard XML syntax <-- comment here -->).
"Description" tab is a left-over from old versions where there was no common comment field for objects. It should be removed.

Best regards,
Victor

Ok, thanks for the input. Now it's more clear to me. I recap, as I have understood:

Agent Configuration Files on Server:

• Assignment is Rule based (In filter script only variables $1 - $5 are possible (changed in admin guide))
• Config download from server is each time the agent starts (if option '-M servername')
• When config is found on server, local config is overwritten, if not existing local policy is used
• At minimum the server connection parameters must be in Master config

Agent Policies:

• Not possible for bootstrap agent
• Also possible via proxy
• Assignment is only direct to nodes, not rule based
• Can be in XML or 'key = value' format
• Settings from different policies will be merged at agent startup
• SubAgent config sections also possible
• changed policies must be reinstalled on nodes (in console) and need agent restart

For me the only open question is the priority, when there are conflicting settings in Master config and in one or more agent policies.

It should look like this:

Agent Configuration Files on Server:

• Assignment is Rule based (In filter script only variables $1 - $5 are possible (changed in admin guide))
• Config download from server is each time the agent starts (if option '-M servername')
• When config is found on server, local Master config is overwritten, if not existing Master config is used
• Works with Master config
• Do not required initial config(can be started without config), but in this case agent will fail if nothing will be returned from server

Agent Policies:

• Not possible for bootstrap agent
• Also possible via proxy
• Assignment is only direct to nodes, not rule based
• Can be in XML or 'key = value' format
• Settings from different policies will be merged at agent startup
• SubAgent config sections also possible
• changed policies must be reinstalled on nodes (in console) and need agent restart
• At minimum the server connection parameters must be in Master config
• Works with Additional configuration files(policies)
• If policy and master config have same parameter that can be set only once like(MasterServers or LogFile), then policy will overwrite master config configuration
• If policy and master config have same parameter that can be set multiple times like(Target for PING subagent or Query for DBQUERY), then policy will merge lists of configs

I'll find appropriate section in documentation and will add this information.

Ok, now 'everything' is clear, I will migrate from local config files to a mix of server-config and agent policies.

Thank you Tatjana. So the documentation will become better and better. But the way is still long :-)

thanks
Dani