Agent Deployment Guide
Automated deployment strategies and best practices for scaling SysManage agent deployment across your infrastructure.
Deployment Overview
SysManage agents can be deployed using various automation tools and strategies depending on your infrastructure size and management preferences.
🔧 Configuration Management
Deploy agents using infrastructure automation tools
- Ansible playbooks
- Puppet manifests
- Chef cookbooks
- SaltStack states
📦 Package Managers
Use system package managers for standardized deployment
- APT repositories (Debian/Ubuntu)
- YUM/DNF repositories (RHEL/CentOS/Fedora)
- Chocolatey (Windows)
- Homebrew (macOS)
🐳 Containerized Deployment
Deploy agents as containers for modern infrastructure
- Docker containers
- Kubernetes DaemonSets
- Docker Swarm services
- Podman deployments
Ansible Deployment
Ansible is the recommended tool for automated agent deployment. Here's a sample playbook:
Basic Ansible Playbook
---
- name: Deploy SysManage Agent
hosts: all
become: yes
vars:
sysmanage_server: "sysmanage.example.com"
sysmanage_port: 8443
agent_version: "latest"
tasks:
- name: Download SysManage agent
get_url:
url: "https://releases.sysmanage.org/{{ agent_version }}/sysmanage-agent-{{ ansible_system | lower }}-{{ ansible_architecture }}"
dest: "/tmp/sysmanage-agent"
mode: '0755'
- name: Install agent
command: /tmp/sysmanage-agent install --server {{ sysmanage_server }} --port {{ sysmanage_port }}
creates: /etc/sysmanage-agent/config.toml
- name: Start and enable agent service
systemd:
name: sysmanage-agent
state: started
enabled: yesAdvanced Playbook with Certificate Management
---
- name: Deploy SysManage Agent with mTLS
hosts: all
become: yes
vars:
sysmanage_server: "sysmanage.example.com"
ca_cert_path: "/etc/sysmanage/ca.crt"
tasks:
- name: Create sysmanage directories
file:
path: "{{ item }}"
state: directory
mode: '0755'
loop:
- /etc/sysmanage
- /var/log/sysmanage-agent
- name: Copy CA certificate
copy:
src: "{{ ca_cert_path }}"
dest: /etc/sysmanage/ca.crt
mode: '0644'
- name: Generate agent certificate request
command: sysmanage-agent cert-request --output /tmp/agent.csr
creates: /tmp/agent.csr
- name: Install and configure agent
template:
src: agent-config.toml.j2
dest: /etc/sysmanage-agent/config.toml
mode: '0600'Kubernetes Deployment
Deploy agents as a DaemonSet to ensure one agent per node:
DaemonSet Configuration
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: sysmanage-agent
namespace: sysmanage
spec:
selector:
matchLabels:
app: sysmanage-agent
template:
metadata:
labels:
app: sysmanage-agent
spec:
hostNetwork: true
hostPID: true
hostIPC: true
containers:
- name: sysmanage-agent
image: sysmanage/agent:latest
securityContext:
privileged: true
env:
- name: SYSMANAGE_SERVER
value: "sysmanage-server.sysmanage.svc.cluster.local"
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
volumeMounts:
- name: host-root
mountPath: /host
readOnly: true
- name: agent-config
mountPath: /etc/sysmanage-agent
volumes:
- name: host-root
hostPath:
path: /
- name: agent-config
configMap:
name: sysmanage-agent-configDocker Deployment
Run agents as Docker containers with proper host access:
Docker Run Command
docker run -d \
--name sysmanage-agent \
--restart unless-stopped \
--privileged \
--network host \
--pid host \
--ipc host \
-v /:/host:ro \
-v /var/run/docker.sock:/var/run/docker.sock \
-e SYSMANAGE_SERVER=sysmanage.example.com \
-e SYSMANAGE_PORT=8443 \
sysmanage/agent:latestDocker Compose
version: '3.8'
services:
sysmanage-agent:
image: sysmanage/agent:latest
container_name: sysmanage-agent
restart: unless-stopped
privileged: true
network_mode: host
pid: host
ipc: host
volumes:
- /:/host:ro
- /var/run/docker.sock:/var/run/docker.sock
- ./agent-config:/etc/sysmanage-agent
environment:
- SYSMANAGE_SERVER=sysmanage.example.com
- SYSMANAGE_PORT=8443
- LOG_LEVEL=infoMass Deployment Strategies
Phased Rollout
- Deploy to test environment first
- Gradual rollout by groups
- Monitor each phase before proceeding
- Rollback plan for issues
Blue-Green Deployment
- Maintain two identical environments
- Deploy to inactive environment
- Switch traffic after validation
- Quick rollback capability
Canary Deployment
- Deploy to small subset first
- Monitor metrics and performance
- Gradually increase deployment size
- Automated rollback on failures
Deployment Checklist
Pre-deployment
- Server connectivity verified
- Certificates prepared and distributed
- Network firewall rules configured
- Agent configuration templates ready
- Backup and rollback plan documented
During Deployment
- Monitor deployment progress
- Verify agent connectivity
- Check service status on each host
- Validate certificate authentication
- Test basic agent functionality
Post-deployment
- Confirm all agents are reporting
- Verify metric collection
- Test command execution
- Update monitoring dashboards
- Document deployment configuration
Deployment Troubleshooting
Agent Not Connecting
- Check network connectivity to server
- Verify server hostname and port
- Check certificate validity
- Review firewall rules
- Examine agent logs
Certificate Issues
- Verify CA certificate installation
- Check certificate expiration
- Validate certificate chain
- Ensure proper permissions
- Test manual certificate validation
Service Startup Failures
- Check system service logs
- Verify configuration file syntax
- Ensure proper file permissions
- Check available system resources
- Validate dependencies