wazuh / wazuh-agent

Wazuh agent, the Wazuh agent for endpoints.
GNU Affero General Public License v3.0

Agent centralized configuration #32

Open vikman90 opened 2 months ago

vikman90 commented 2 months ago

Parent issue:

Description

This MVP issue focuses on developing the "Agent centralized configuration command" use case. The agent will utilize the "command manager" component to receive requests from the manager. Two types of request will be set-group and update-group, which will include a group (or set of groups) which the agent belongs to. The agent will then respond with the following actions:

  1. Download the related files from the server.
  2. Read them in the order specified by the request and validate them.
  3. Once validated, either apply them to all modules or restart the agent.

Functional requirements

  1. Command Reception:
    • The agent must be able to receive update-configuration requests from the manager through the "command manager" component.
  2. File Download:
    • The agent must download the configuration files listed in the request from the server.
  3. File Reading and Validation:
    • The agent must read the configuration files in the specified order.
    • The agent must validate each configuration file to ensure it is error-free.
  4. Configuration Application:
    • If validation is successful, the agent must apply the new configuration to all relevant modules.
    • If required, the agent must be able to restart to apply the new configuration fully.

Non-functional requirements

  1. Performance: The configuration update process should be efficient and not significantly impact the agent’s performance.
  2. Reliability: The agent must reliably validate and apply configurations without causing errors or downtime.
  3. Security: The agent must securely download configuration files, ensuring they are not tampered with.
  4. Scalability: The solution should scale with the number of configuration files and the size of the agent’s environment.

Implementation restrictions

  1. Command-Based Implementation: This functionality must be implemented as a command within the agent.
  2. Configuration Format: The configuration will be in TOML format, spread across multiple files (one per agent group).
  3. Validation: The configuration must be validated before application. The agent should never accept a configuration that produces errors.

Plan

  1. Module Integration: Integrate with the existing configuration module to handle the reading and validation of TOML files.
  2. Request Format Definition: Define the format for the centralized configuration request to ensure compatibility between the manager and the agent.
  3. Server-Side Implementation: Implement the necessary server-side logic to send the update-configuration requests with the appropriate configuration files.
  4. Agent-Side Implementation: Implement the agent-side logic to:
    • Receive update-configuration requests.
    • Download the specified configuration files.
    • Read and validate the configuration files.
    • Apply the validated configuration or restart the agent as needed.
  5. Testing and Validation:
    • Thoroughly test the entire workflow to ensure reliability, security, and performance.
    • Validate that the agent correctly handles valid and invalid configurations.
    • Ensure seamless integration with the server-side implementation.

Requirement Traceability Matrix

| Requirement | Description | Plan part | DRI |
|---|---|---|---|
| Functional 1 | Receive update requests | 4 | @wazuh/devel-agent |
| Functional 2 | Download config files | 2, 3, 4 | @wazuh/devel-agent, @wazuh/devel-pyserver |
| Functional 3 | Read and validate config | 4 | @wazuh/devel-agent |
| Functional 4 | Apply the configuration | 1, 4 | @wazuh/devel-agent-leaders |

aritosteles commented 1 month ago

Update