Patching config.ini through Flexera Kubernetes Inventory Agent
The Flexera Kubernetes Inventory Agent delegates several functions to the FlexNet Inventory Agent installed within its container. As always throughout IT Asset Management, the FlexNet Inventory Agent uses, as its primary configuration source, the config.ini file. When outside of containers, changes made at the central application server are distributed in the config.ini file to inventory beacons, and the FlexNet Inventory Agent installed locally on inventory devices regularly requests its updated configuration from there.
However, this process does not repeat on a regular schedule for the FlexNet Inventory Agent installed within containers – the config.ini file is updated from the inventory beacon only once, at container start-up (see the processing summary at the end of this topic). As well, the configuration may need to be customized for specific Kubernetes deployments. Whereas making such changes to a file in the container might be difficult within Kubernetes, the Flexera Kubernetes Inventory Agent includes a way to patch the local config.ini within the container.
- Changes are supplied as patch files, each of which may contain one or more changes that need to be made to the config.ini file for FlexNet Inventory Agent within the container.
- The patch files are stored within a
ConfigMap
in the cluster (a resources that stores key-value pairs as data sets). When used as the data source for a mounted volume within the container, each entry becomes a file, with the key being the file's name, and the value being the file's content. (Where multiple changes are needed, they may be combined into one patch file, or be listed as individual patch files, whichever is more convenient for your processes.) - When policy updates are enabled (which is the default, unless in the YAML
file you have set
spec.monitor.downloadFromBeacon
tofalse
), the patches are automatically applied to config.ini both:- Before agent policy is downloaded (in case there are SSL configuration options required for communication with the inventory beacon); and
- After the Flexera Kubernetes Inventory Agent downloads the latest updates to config.ini from its inventory beacon, thereby ensuring that a policy update from the central application server does not negate the local patches to the config.ini file within this cluster.
To use the Flexera Kubernetes Inventory Agent to patch config.ini:
configmap
, the automated process for applying updates to
the config.ini file fits in with the overall instantiation and
operational cycle for the Flexera Kubernetes Inventory Agent like this:- The container for the Flexera Kubernetes Inventory Agent is created, and at this time it contains the unmodified config.ini pseudo-registry configuration file that was initially deployed with the FlexNet Inventory Agent.
- The
configmap
defined in the YAML file is mounted as a file system. - The binary for the Flexera Kubernetes Inventory Agent starts running within the container.
- The Flexera Kubernetes Inventory Agent creates a simple bootstrap config file that
specifies the links to/from its inventory beacon with the
MGSFT_BOOTSTRAP_DOWNLOAD
andMGSFT_BOOTSTRAP_UPLOAD
settings (learn more about these in the Gathering FlexNet Inventory reference, in the topic Agent third-party deployment: Configure the Bootstrap File for UNIX). It then runsmgsconfig -a
, which applies the 'answer file' to the configuration. - Now the Flexera Kubernetes Inventory Agent detects the mounted ConfigMap file system,
and runs
mgsconfig -i
for each file in that file system whose name ends with the.ini
suffix. This applies the patches to the config.ini file. These patches may potentially contain settings required for communication with the inventory beacon, and so are applied at this time before any attempt is made to download policy. - The Flexera Kubernetes Inventory Agent now uses the policy component from the FlexNet Inventory Agent, running
mgspolicy -t machine
to fetch the latest config.ini file that is available from its inventory beacon.Note: This update of config.ini from the inventory beacon happens only once, at this point in the container start-up. Long-running containers do not check with any inventory beacon for updates to agent policy settings (in the config.ini file) on any regular schedule. In this, they differ from the FlexNet Inventory Agent installed on a free-standing device (not in any container). - Because the downloaded device policy is unlikely to include any of the
cluster-specific patches, the Flexera Kubernetes Inventory Agent re-runs
mgsconfig -i
for all the available .ini files to restore the patches to the newly-downloaded config.ini file. - The Flexera Kubernetes Inventory Agent connects to Kubernetes and begins collecting inventory data, flushing its collected data into an .ndi file.
- Asynchronously, the FlexNet Inventory Agent may be triggered to collect software inventory from the container as well. It saves its inventory to its own .ndi file in the persistent storage you declared in the YAML file.
- The Flexera Kubernetes Inventory Agent then runs another component of the FlexNet Inventory Agent, ndupload, to transfer the .ndi file(s) to the inventory beacon (using the settings in the config.ini file).
- The two agents continue collecting inventory data for a period (by default, 24 hours), and then repeat the cycle of flushing collected data to .ndi file(s) and uploading them to the inventory beacon.
IT Asset Management (Cloud)
Current