feat(agent_install): only install required packages [SMAGENT-6558]

rework the role so to only install the packages required by the selected driver (and therefore, the respective dependencies). Also, remove packages which are no longer required by the selected driver type. Notice we need to craft a list augmented with the selected version, if one is present. Most of the selection logic (namely, based on the version) resides in the 'agent' filter which is probably far from ideal but gets the job done.
sysdiglabs · Apr 9, 2024 · 6ee0707 · 6ee0707
1 parent 0df9edb
commit 6ee0707
Show file tree

Hide file tree

Showing 2 changed files with 74 additions and 10 deletions.
diff --git a/plugins/filter/agent.py b/plugins/filter/agent.py
@@ -1,4 +1,6 @@
 from ansible.utils.display import Display
+from distutils.version import LooseVersion
+
 def to_agent_driver_type(data):
     """ Return the desired Sysdig Agent driver type """
     try:
@@ -24,6 +26,56 @@ def to_agent_version(data):
         return "latest"
 
 
+def to_agent_version_pinned(data):
+    """ Returns True when the agent version to install is pinned, False otherwise
+    """
+    v = to_agent_version(data)
+    if v and v != '' and v != "latest":
+        return True
+    return False
+
+def to_agent_packages(data):
+    """ Returns the agent packages to install
+    """
+    pinned = to_agent_version_pinned(data)
+    older = False
+    all_packages = {
+        "draios-agent": False,
+        "draios-agent-slim": False,
+        "draios-agent-kmodule": False,
+        "draios-agent-legacy-ebpf": False,
+    }
+    if pinned:
+        version = to_agent_version(data)
+        minver = LooseVersion("1.0.0")
+        maxver = LooseVersion("13.1.0")
+        older = minver < LooseVersion(version) < maxver
+    if older:
+        all_packages ["draios-agent"] = True
+    else:
+        dt = to_agent_driver_type(data)
+        if dt == "universal_ebpf":
+            all_packages ["draios-agent-slim"] = True
+        elif dt == "legacy_ebpf":
+            all_packages ["draios-agent-slim"] = True
+            all_packages ["draios-agent-legacy-ebpf"] = True
+        else:
+            all_packages ["draios-agent"] = True
+            all_packages ["draios-agent-slim"] = True
+            all_packages ["draios-agent-kmodule"] = True
+
+    return all_packages
+
+def to_agent_uninstall_packages(data):
+    """ Return the list of packages to be uninstalled
+    """
+    return [ k for k, v in to_agent_packages(data).items() if v == False ]
+
+def to_agent_install_packages(data):
+    """ Return the list of packages to be uninstalled
+    """
+    return [ k for k, v in to_agent_packages(data).items() if v == True ]
+
 def to_agent_install_probe_build_dependencies(data):
     """ Return true or false depending on if the probe (legacy_ebpf|kmod) build
     dependencies should be installed
@@ -39,5 +91,8 @@ def filters(self):
         return {
             "toAgentDriverType": to_agent_driver_type,
             "toAgentVersion": to_agent_version,
+            "toAgentVersionPinned": to_agent_version_pinned,
+            "toAgentInstallPackages": to_agent_install_packages,
+            "toAgentUninstallPackages": to_agent_uninstall_packages,
             "toAgentInstallProbeBuildDependencies": to_agent_install_probe_build_dependencies
         }
diff --git a/roles/agent_install/tasks/main.yml b/roles/agent_install/tasks/main.yml
@@ -3,13 +3,26 @@
   ansible.builtin.set_fact:
     agent_install_version: "{{ configuration | sysdig.agent.toAgentVersion }}"
     agent_install_driver_type: "{{ configuration | sysdig.agent.toAgentDriverType | lower }}"
+    agent_install_pinned: "{{ configuration | sysdig.agent.toAgentVersionPinned }}"
+    agent_install_packages: "{{ configuration | sysdig.agent.toAgentInstallPackages }}"
+    agent_uninstall_packages: "{{ configuration | sysdig.agent.toAgentUninstallPackages }}"
     agent_install_probe_build_dependencies: "{{ configuration | sysdig.agent.toAgentInstallProbeBuildDependencies | bool }}"
     agent_install_deb_repository_url: "{{ configuration | sysdig.agent.toDebUrl | default('https://download.sysdig.com/stable/deb', true) }}"
     agent_install_deb_repository_gpgkey: "{{ configuration | sysdig.agent.toDebGpgKey | default('https://download.sysdig.com/DRAIOS-GPG-KEY.public', true) }}"
     agent_install_rpm_repository_url: "{{ configuration | sysdig.agent.toRpmUrl | default('https://download.sysdig.com/stable/rpm/$basearch', true) }}"
     agent_install_rpm_repository_gpgkey: "{{ configuration | sysdig.agent.toRpmGpgKey | default('https://download.sysdig.com/DRAIOS-GPG-KEY.public', true) }}"
     agent_install_local_forwarder_enabled: "{{ configuration | sysdig.agent.toLocalForwarderEnabled | bool }}"
 
+
+- name: Build versions suffix
+  ansible.builtin.set_fact:
+    agent_install_version_suffix: "{% if agent_install_pinned %}{% if ansible_pkg_mgr == 'apt' %}={{ agent_install_version }}{% else %}-{{ agent_install_version }}{% endif %}{% endif %}"
+
+- name: Build install package list
+  ansible.builtin.set_fact:
+    agent_install_package_list: "{{ agent_install_package_list | default([]) + [item + agent_install_version_suffix] }}"
+  with_items: "{{ agent_install_packages }}"
+
 - name: Install Sysdig Agent
   block:
     - name: Validate Environment
@@ -22,20 +35,16 @@
     - name: Configure Sysdig Agent Repository
       ansible.builtin.include_tasks: "agent/configure-{{ 'rpm' if ansible_pkg_mgr in ['dnf', 'yum'] else 'deb' }}-repository.yml"
 
-    - name: Install Sysdig Agent (latest)
+    - name: Uninstall Unneeded Sysdig Agent Packages
       ansible.builtin.package:
-        name: draios-agent
-        state: latest
-      when: (not agent_install_version) or
-            (agent_install_version and (agent_install_version == 'latest' or agent_install_version == ""))
+        name: "{{ agent_uninstall_packages }}"
+        state: absent
+      ignore_errors: true
 
-    - name: Install Sysdig Agent (pinned)
+    - name: Install Sysdig Agent "{{ agent_install_package_list }} "
       ansible.builtin.package:
-        name: "draios-agent{% if agent_install_version != 'latest' %}{% if ansible_pkg_mgr == 'apt' %}={% else %}-{% endif %}{{ agent_install_version }}{% endif %}"
+        name: "{{ agent_install_package_list }}"
         state: present
-      when:
-        - agent_install_version
-        - agent_install_version != 'latest'
 
     - name: Create dragent.yaml file
       ansible.builtin.template: