enable check-noquattor by default

[stdweird]

Fix is trivial, but we need agreement. @ned21 @jouvin @jrha please vote :smile:

[ned21]

Where do I vote / what am I voting for?

[stdweird]

@ned21 to enable check-noquattor by default (so ncm-ncd doesn't do anything when /etc/noquattor is set, like ccm-fetch). you can vote by sayiing you don't mind :smile:

[ned21]

That would prevent us from being able to validate that the host config matches the current profile and that no one has made unauthorised changes outside of Quattor. The current default works very well.

[stdweird]

you can still run ncm-ncd when this is set, but you have to pass --force-quattor, like ccm-fetch. we just like the idea the /etc/noquattor disables both ccm and ncm-ncd. out of curiosity, if you run it for validation purposes, do you run it with --noaction?

[jrha]

I don't mind, this is what our users keep expecting /etc/noquattor to do anyway.

[ned21]

We use it both with --noaction (for reporting) and without (to just fix things). If this can be a config option controlled by /etc/ncm-ncd.conf then I don't know if the default is a big deal if the majority prefer a different behaviour to at present.

[jrha]

As an experiment I just asked two random people in the office what /etc/noquattor did, they were both surprised to learn that it currently only disables ccm, which is interesting because they have known this in the past, which tells me that the current behaviour is counter-intuitive enough that the default should be to also disable ncm-ncd.

[stdweird]

@ned21 you can set check-quattor = 0 in the ncm-ncd.conf file so nothing changes on your systems; and you can either pass --check-quattor 1 on the commandline or do a --force-quattor like with ccm-fetch. it would be nice to know what other MS people think happens when noquattor is set :smile:
@jrha i agree. /etc/noquattor should mean no quattor. we have had check-quattor = 1 for a long while now in our config file, so you could already set it. but i added quattor on nodes deployed with xcat this week, and without touching the ncm-ncd.conf i was lucky that spma failed, otherwise i would have wiped half the nodes OS (in particular, wiping the wrong rpms on nodes with uefi is not amusing)