Central Management - Feature request to make Chocolatey Agent service more resilient to network issues

[Mark-Powerco]

Checklist

• [X] I have verified this is the correct repository for opening this issue.
• [X] I have verified no other issues exist related to my request.

Is Your Feature Request Related To A Problem? Please describe.

I would like to request the ability to configure the number and frequency of retries the Chocolatey Agent service performs when attempting to connect to the Chocolatey Management Service. This is most apparent during service startup, and also periodically every 30 minutes (by default) when the agent "calls home".

We rely on a VPN-like tunnelling solution to facilitate connectivity between our client devices running Chocolatey Agent and the server running the Chocolatey Management Service. For whatever reason, if the tunnel is not available, the Chocolatey Agent service performs a finite number of cycles before completely giving up on further connection attempts. In this case the chocolatey-agent service is still running, yet the agent will not attempt any further connection attempts unless the service (or Windows) is restarted.

From simulation (using 127.0.0.1 in a hosts file) I can see that the agent makes 3 attempts over the course of 60 seconds to connect to the Chocolatey Management Service URL. The agent repeats this cycle 3 times in total:

2024-06-25 16:26:37,212 9 [INFO ] - Attempting installation of Server Certificate from https://server.domain.local:24020/ChocolateyManagementService 2024-06-25 16:26:39,320 9 [WARN ] - This is try 1/3. Retrying after 20000 milliseconds. Error converted to warning: Unable to connect to the remote server 2024-06-25 16:26:59,329 9 [WARN ] - This is try 2/3. Retrying after 30000 milliseconds. Error converted to warning: Unable to connect to the remote server 2024-06-25 16:27:29,341 9 [ERROR] - Maximum tries of 3 reached. Throwing error. 2024-06-25 16:27:29,347 9 [WARN ] - Certificate Import has been attempted 1/3 times. 2024-06-25 16:27:29,349 9 [ERROR] - Unable to locate CCM Server Certificate. There are a number of reasons that this can occur. Please ensure that the current value for the centralManagementServiceUrl is correct, including the port number that the CCM Service was configured to use. This can be verified using the choco config command. For more information, please see https://chocolatey.org/docs/features-chocolatey-central-management. 2024-06-25 16:27:29,350 9 [ERROR] - Unable to connect to the remote server 2024-06-25 16:27:29,352 9 [ERROR] - No connection could be made because the target machine actively refused it 127.0.0.1:24020

After the 3rd and final cycle, the agent effectively shuts down and no further connections will be attempted (manual investigation/intervention is required).

2024-06-25 16:30:17,000 9 [ERROR] - Unable to connect to the remote server 2024-06-25 16:30:17,001 9 [ERROR] - No connection could be made because the target machine actively refused it 127.0.0.1:24020 2024-06-25 16:30:17,002 9 [FATAL] - Certificate Import - Has reached the maximum number of allowed attempts, manual investigation/intervention is required. 2024-06-25 16:30:17,005 9 [WARN ] - chocolatey-agent had an error on XXXXXXXXXXXXX (with user ChocolateyLocalAdmin): System.Net.WebException: Unable to connect to the remote server ---> System.Net.Sockets.SocketException: No connection could be made because the target machine actively refused it 127.0.0.1:24020

Looking at the documentation, it does not appear as though there is any way to control the frequency and numeracy of these connection attempts to make the agent a little more resilient to network-related issues. I would prefer to be able to spread these connection attempts over a wider period, hopefully avoiding reaching the point where the agent completely shuts down. If there were some way to define these values as a package attribute, this would be most welcome.

Our relevant package versions:

• chocolatey 2.3.0
• chocolatey.extension 6.2.0
• chocolatey-agent 2.1.3

Describe The Solution. Why is it needed?

The most plausible solution would be to allow for additional parameters on the chocolatey-agent package which allows for customised frequency and numeracy of the connection attempts made by the agent to the Chocolatey Management Service URL.

Another possible solution could involve a 'choco config' command (similar to 'centralManagementServiceUrl') which the Chocolatey Agent service will consume to define the frequency/numeracy of the connection attempts.

Alternatively, another possible solution could involve the configuration of prepared values in the 'chocolatey-agent.exe.config' file which has an affect on the connection attempts made by the Chocolatey Agent service. This is similar in most respects to the 'appsettings.json' file used by Chocolatey Central Management Database and Website packages.

Additional Context

No response

Related Issues

No response

[pauby]

The feels like a duplicate of #224 and #127?

[Mark-Powerco]

Yes, I would say it is a duplicate (my bad), however this issue is logged as a feature request. If should be taking a different path to request features, then please direct me accordingly. Thanks.

[pauby]

Both feature requests and bugs should be reported here, using the different options when raising an issue.

As this is a duplicate, I'll go ahead and close this.

[gep13]

Duplicate of #224