Hello !
I would like to use the Configuration synchronization plugin, on my SPS cluster :
- One SPS Central Management & Search master
- Two SPS with both roles : Managed host & Search minion
I need to not synch the targets IP of all my protocols connexions (SSH, RDP...) because I need both SPS Managed host with differents connexions IP to use them in "active / active cluster" so they both can host sessions
I've already read the doc :
the main.py file on the plugin is :
import json def iterate(tree): for key in tree["@order"]: yield tree[key] def iterate_items(tree): for key in tree["@order"]: yield key, tree[key] def get_name_id_map(config, policies_path): name_id_map = {} for policy_id, policy in iterate_items(config['policies'][policies_path]): name_id_map[policy['name']] = policy_id return name_id_map def replace_policies(config, node_specific_replacements, policies_path, policy_path): name_id_map = get_name_id_map(config, policies_path) policy_name_replacement = node_specific_replacements[policies_path] policy_id_replacement = {name_id_map[key]: name_id_map[value] for key, value in policy_name_replacement.items()} for protocol in ['ssh', 'rdp', 'vnc', 'telnet', 'ica', 'http']: for connection in iterate(config[protocol]['connections']): if connection['policies'][policy_path] in policy_id_replacement: connection['policies'][policy_path] = policy_id_replacement[connection['policies'][policy_path]] def merge(local_config, merged_config, *, node_id, plugin_config, **kwargs): node_specific_replacements = json.loads(plugin_config)[node_id] replace_policies(merged_config, node_specific_replacements, 'backup_policies', 'backup_policy') replace_policies(merged_config, node_specific_replacements, 'archive_cleanup_policies', 'archive_cleanup_policy') return merged_config
I don't understand how to modify it to keep my targets IP unsynch to manage them from the managed hosts only..
It's specify to add this on the main.py file :
$ cat main.py def merge(local_config: dict, merged_config: dict, node_id: str, plugin_config: str, **kwargs): merged_config['rdp']['connections'][<id-of-the-connection-policy>]['network']['targets'][0] = "10.30.255.8/24" return merged_config
But this in not clear if I need to do this on the file for example ?? :
import json def iterate(tree): for key in tree["@order"]: yield tree[key] def iterate_items(tree): for key in tree["@order"]: yield key, tree[key] def get_name_id_map(config, policies_path): name_id_map = {} for policy_id, policy in iterate_items(config['policies'][policies_path]): name_id_map[policy['name']] = policy_id return name_id_map def replace_policies(config, node_specific_replacements, policies_path, policy_path): name_id_map = get_name_id_map(config, policies_path) policy_name_replacement = node_specific_replacements[policies_path] policy_id_replacement = {name_id_map[key]: name_id_map[value] for key, value in policy_name_replacement.items()} for protocol in ['ssh', 'rdp', 'vnc', 'telnet', 'ica', 'http']: for connection in iterate(config[protocol]['connections']): if connection['policies'][policy_path] in policy_id_replacement: connection['policies'][policy_path] = policy_id_replacement[connection['policies'][policy_path]] def merge(local_config, merged_config, *, node_id, plugin_config, **kwargs): node_specific_replacements = json.loads(plugin_config)[node_id] replace_policies(merged_config, node_specific_replacements, 'backup_policies', 'backup_policy') replace_policies(merged_config, node_specific_replacements, 'archive_cleanup_policies', 'archive_cleanup_policy') return merged_config def merge(local_config: dict, merged_config: dict, node_id: str, plugin_config: str, **kwargs): node_specific_replacements = json.loads(plugin_config)[node_id] replace_policies(merged_config, node_specific_replacements, 'backup_policies', 'backup_policy') replace_policies(merged_config, node_specific_replacements, 'archive_cleanup_policies', 'archive_cleanup_policy') merged_config['rdp']['connections'][<id-of-the-connection-policy>]['network']['targets'][0] = "10.30.255.8/24" return merged_config
Then, how can we specify the node ID if we need to unsynch two rules ? one on the first managed host, one on the second ?
Do someone use this plugin to do something like I would like to ?
Thank for your help