Run agent locally

In this section you will:

  • Trigger a policy application locally on the node using Rudder CLI

  • Read the policy enforcement state in its output

  • Check reported compliance in the Web interface

Let’s connect to our Rudder server by SSH:

vagrant ssh server
sudo -i # to get a root access

We will use the rudder command that gives access to all Rudder actions.

But first, let’s explain a bit how things work on the agent. We saw that the server generates an applicable configuration that contains the expected state of the machine.

The agent that runs on all of these machines will download the latest version of its policies, and apply them locally. To trigger this process manually, run:

rudder agent run    # to apply these policies locally

This will display the state of all applied components, including the ones you have defined before.

Agent output

The rest of the components are called system techniques, you can ignore them for now. They are responsible for maintaining the Rudder services themselves, and hence are not editable by users.

Let’s get back to the web interface, on the dashboard (click on the Dashboard link in the left menu, or directly on the Rudder logo):

Dashboard graph

You can see that compliance information got back to the server, and is used to display the current state in the dashboard.

Node compliance

Let’s look at our node compliance in details. For that, first open the node details page and navigate in the compliance tree :

  1. Nodes menu

  2. the node hostname server

  3. the Compliance tab

  4. unfold in clicking on Global configuration for all nodes in the screen lower part

You can get the details of each applied policy on the node. Blue means compliant, orange not compliant, red errors.

Node compliance

Conclusion

We have now finished our first policy application, from definition using a new technique or a built-in one to the actual application on our Rudder server.

We will now dig a bit deeper on what the policy mode is, and how to use it.


← Use a predefined policy Audit vs. Enforce →