Skip to content

AUDITOR

AUDITOR version upgrade

  • change into the user auditor
  • ensure, that systemd has a login session to find export XDG_RUNTIME_DIR=/run/user/$(id -u)
  • stop the podman service unit systemctl stop --user podman-auditor.service
  • check for good measures, if the container instance is actually down podman ps
  • validate, that you are connecting to the correct DB psql -h ${DB_HOST} -p ${DB_PORT} --username=${DB_USER} --dbname=${DB_NAME}

DB table initialization and updates

  • the rust sqlx tool is not working with our remote postgres instance in K8s
  • table schema initialization and updates have to be applied manually with the vanilla psql client
  • check out the AUDITOR git repo git clone https://github.com/ALU-Schumacher/AUDITOR.git
  • the initial schema as well as updates are in the sub-folder AUDITOR/migrations/
  • apply the schema and updates sequentially to set up the DB 
    psql -h ${DB_HOST} -p ${DB_PORT} --usernam=${DB_USER} --dbname=${DB_NAME} -a -f AUDITOR/migrations/{20220322080444_create_accounting_table.sql
psql -h ${DB_HOST} -p ${DB_PORT} --usernam=${DB_USER} --dbname=${DB_NAME} -a -f AUDITOR/migrations/20240503141800_convert_meta_component_to_jsonb.sql

Updates wrt Podman Deployments

  • the Puppet podman module is not updating, i.e., scrapping and recreating a new container instance, when changes are merged in Hiera
  • i.e., for updating a AUDITOR container, the existing container has to be stopped and removed, so that puppet will recreate it properly again from the updated details in Hiera
    • as root stop and disable puppet for the moment
    • as auditor user stop the user unit systemctl stop --user podman-auditor.service (XDG_RUNTIME_DIR has top be set - have not managed to automatize it from the profiles...)
    • check if the container is stopped podman ps {-a}
    • stop the auditor container if not already stopped (the service unit has to be stopped else systemd will restart it immediately)
    • remove the container podman rm 012345abcd (you can also clean up all containers and images (see podman ps -a and podman images -a) to free space, but that's not necessary)
  • with the container instance removed
    • ensure that you have committed and merged the new settings in puppet/hiera
    • as root enable and run puppet on the correct branch to roll out the new container with the updated values
    • as auditor check with podman inspect 9876fedc if the new container is up and has the correct details exported

EGI/APEL metric exports

TODO