Run agent locally

In this section you will:

  • Trigger a policy application locally on the node using Rudder CLI

  • Read the policy enforcement state in its output

  • Check reported compliance in the Web interface

Let’s connect to our Rudder server by SSH:

vagrant ssh server
sudo -i # to get a root access

We will use the rudder command that gives access to all Rudder actions.

But first, let’s explain a bit how things work on the agent. We saw that the server generates an applicable configuration that contains the expected state of the machine.

The agent that runs on all of these machines will download the latest version of its policies, and apply them locally. To trigger this process manually, run:

rudder agent update # to update the policies rom the server
rudder agent run    # to apply these policies locally

This will display the state of all applied components, including the ones you have defined before.

Agent output

The rest of the components are called system techniques, you can ignore them for now. They are responsible for maintaining the Rudder services themselves, and hence are not editable by users.

Let’s get back to the web interface, on the dashboard (click on the Dashboard link in the left menu, or directly on the Rudder logo):

Dashboard graph

You can see that compliance information got back to the server, and is used to display the current state in the dashboard.

Node compliance

Now you can go to our node details by using the quick search filter, and searching for "node".

Go to the "Compliance reports" tab. You will see the applied policy and the current compliance regarding it. If you click on a line it will unfold until you get to the actual applied component.

Node compliance

Conclusion

We have now finished our first policy application, from definition, using a new technique or a built-in one, to the actual application on our Rudder server.

We will now dig a bit deeper on what the policy mode (we modified) is, and how to use it.