fleet icon indicating copy to clipboard operation
fleet copied to clipboard
verified publisher icon kolide

Include flagfile in "Add New Host" dialog

Open zwass opened this issue 9 years ago • 3 comments

Users would like help generating the flagfile that will be used with hosts. I suggested including this in the dialog and they seemed to indicate that this would be helpful.

See https://osquery.slack.com/archives/kolide/p1488235801000245

zwass avatar Feb 27 '17 23:02 zwass

I am co-opting this issue and generalizing it so a fully-fledged new feature and user story.

User Story

As a user I want a convenient, repeatable, and highly autonomous way to install osquery agents on my endpoints.

As a sales person in the Kolide organization I want users to be able to quickly enroll hosts in the product so they can quickly experience Kolide without a lot of manual effort.

Proposed solutions

I think to solve the following user stories above we should prepare the following solutions and embed them in the Kolide product.

  1. Produce OS specific packages (.pkg, .deb, .rpm that install osquery, certs, and automatically start and enroll the host)

  2. Have host enrollment be a bigger part of the setup/onboarding process

  3. Produce a screen with the following components:

    • A link to official osquery packages
    • A download zip that contains:
      • a platform appropriate flag file filled in with all of our info
      • the cert needed to connect to kolide
    • A text box that contains a copy-pastable run command assuming osqueryd is installed in $PATH and the zip is extracted.

Wireframes

(Coming soon)

terracatta avatar Mar 07 '17 17:03 terracatta

  1. would be nice but right now it requires external tooling to complete, and we can't really make those assumptions about the host that kolide is running on. I think that's a viable option for cloud, where we control the deployment environment.

  2. I like the info we have in the modal right now. We should keep it, but add the flag file as a copy/pastable option as well.

In addition, I have a local branch that I'm almost ready to PR with the zip archive download which will create a mac pkg if opened on a mac.

IMO we should do the following

  1. provide the user with copy/pastable cert, secret and flagfile
  2. add a download link with a zip which the user can use to build an enrollment package for their platform. The zip will start with a mac pkg makefile but add linux and possibly windows build commands when complete.

groob avatar Mar 07 '17 18:03 groob

@groob I think your scoped-down version of this is exactly what we should do with 1.0.3. I'll start working on wires and we will get mocks ready ASAP for you and @kyleknighted to comment on.

terracatta avatar Mar 07 '17 18:03 terracatta