Comments (8)
Ideally we can detect that an agent policy is associated with the space being deleted and block the space deletion until all agent policies are moved out of the space or deleted. I think the admin who has the right access to delete the space then could make a decision on what should happen to the agent policies.
+1 this seems like the best way to deal with this, but reading the prior discussion I don't think there is a way to implement this today.
The core problem is there are Elastic Agents that continue to exist outside of a deleted space that become unmanageable or in the case of Defend potentially uninstallable if the uninstall token was deleted along with the space (CC @ferullo).
from kibana.
Pinging @elastic/fleet (Team:Fleet)
from kibana.
@elastic/kibana-security is there any hook available to react to a space deletion? Maybe to clean things up or to prevent it if there are enrolled fleet-agents
We do not expose a hook today, but we can explore adding one (or something like it) if you can provide a set of detailed requirements.
For reference, the logic to delete a space is defined here:
kibana/x-pack/plugins/spaces/server/spaces_client/spaces_client.ts
Lines 187 to 196 in c89ee65
This delegates to the deleteByNamespace function of the Saved Objects repository, which deletes saved objects belonging to the space, or "unshares" objects from the space if an object exists in multiple spaces:
https://github.com/elastic/kibana/blob/c89ee65c7034ba26006e2d426156a6de11b3505f/packages/core/saved-objects/core-saved-objects-api-server-internal/src/lib/apis/delete_by_namespace.ts#L25-L83
from kibana.
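A simplified model of the behaviour described in the comment above and of the orphaning problem raised in this thread, as an added example that is not part of any comment and is not Kibana's code. The document shapes, the function name `deleteSpaceModel` and the sample data are assumptions constructed for illustration.

```typescript
// Simplified model, not Kibana's implementation. Shapes are assumed.
interface SavedObject { id: string; namespaces: string[]; }
// A document stored outside the Saved Objects repository but tagged with a space.
interface SpaceScopedDoc { id: string; kind: string; spaceId: string; }

interface DeleteOutcome {
  deleted: string[];          // saved objects that lived only in the deleted space
  unshared: string[];         // saved objects that stay alive in their other spaces
  orphaned: SpaceScopedDoc[]; // non-saved-object documents still pointing at the space
}

function deleteSpaceModel(
  spaceId: string,
  savedObjects: SavedObject[],
  otherDocs: SpaceScopedDoc[],
): { remaining: SavedObject[]; result: DeleteOutcome } {
  const result: DeleteOutcome = { deleted: [], unshared: [], orphaned: [] };
  const remaining: SavedObject[] = [];
  for (const so of savedObjects) {
    if (so.namespaces.indexOf(spaceId) === -1) {
      remaining.push(so); // not in this space, untouched
      continue;
    }
    const rest = so.namespaces.filter((ns) => ns !== spaceId);
    if (rest.length === 0) {
      result.deleted.push(so.id); // single-space object: removed
    } else {
      result.unshared.push(so.id); // multi-space object: only the reference is dropped
      remaining.push({ id: so.id, namespaces: rest });
    }
  }
  // The space deletion path only walks saved objects, so these are left behind.
  result.orphaned = otherDocs.filter((d) => d.spaceId === spaceId);
  return { remaining, result };
}

// Constructed sample data.
const SAMPLE_SAVED_OBJECTS: SavedObject[] = [
  { id: "dashboard-1", namespaces: ["team-a"] },
  { id: "index-pattern-1", namespaces: ["team-a", "default"] },
  { id: "viz-1", namespaces: ["default"] },
];
const SAMPLE_OTHER_DOCS: SpaceScopedDoc[] = [
  { id: "agent-policy-1", kind: "agent-policy", spaceId: "team-a" },
  { id: "uninstall-token-1", kind: "uninstall-token", spaceId: "team-a" },
  { id: "agent-policy-2", kind: "agent-policy", spaceId: "default" },
];
```

A non-empty `orphaned` list is the condition the thread is debating: whether it should produce a warning or block the deletion.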
Thanks @legrego, the issue for us is we are introducing space to non saved object documents, and those documents will become orphans if the space is deleted.
@nimarezainia what will be the ideal behavior here? A way to block space deletion when we have active agents in that space? Some migration to the default space?
from kibana.
@legrego would you know what happens to other Kibana assets in a space when that space is deleted? Is there a warning of any sort?
@nchaulet I don't know if we should make a decision on the user's behalf in this regard (as in moving all to default space). Ideally we can detect that an agent policy is associated with the space being deleted and block the space deletion until all agent policies are moved out of the space or deleted. I think the admin who has the right access to delete the space then could make a decision on what should happen to the agent policies. Presumably this persona has a higher level of access.
from kibana.
would you know what happens to other Kibana assets in a space when that space is deleted? Is there a warning of any sort?
All saved objects within the space are deleted, or removed from the space. Any other assets are left untouched. We show a warning when deleting a space that all saved objects will be removed.
from kibana.
@legrego Looks like ideally we would need a hook in that space deletion path. Perhaps a way for other users (such as Fleet) to register their dependency on Spaces. Also the deletion to be halted if any of the registered functions indicate it shouldn't be deleted. What would you need from us on this to move forward? I'd imagine this affects almost everyone who has Space dependency.
@kpollich @nchaulet this is probably a blocker for our project. What do you think?
from kibana.
Looks like ideally we would need a hook in that space deletion path. Perhaps a way for other users (such as Fleet) to register their dependency on Spaces.
Is this solely in support of the "Also the deletion..." clause below, or is there other functionality that you need this registration to support?
Also the deletion to be halted if any of the registered functions indicate it shouldn't be deleted.
Preventing space deletion is an aggressive measure and isn't something I can agree to without broader consideration (cc @rayafratkina @mwtyang @azasypkin @lukeelmers). I see benefit to warning users if Fleet indicates that other assets are impacted/degraded by the operation, but I'm not yet sold on preventing deletion.
we are introducing space to non saved object documents, and those documents will become orphans if the space is deleted.
Is there a list of these non-SO assets that we can see to help guide our decision making? It would be helpful to understand:
- How these assets are created
- Who/what creates these assets
- What privileges are required to CRUD these assets
- Where these assets reside (e.g. if something is stored in a Fleet system index, Kibana system index, or is an implementation detail of ES, etc.)
from kibana.