Zero System Config

[svaroqui]

Description of what we have today

We have dynamic config activated by monitor-save-config for hierachical track of api setting changes This is per cluster and stored in the cluster datadir

• immutable.toml ( command line + config.toml (default + cluster section ) cluster.toml (cluster section )
• overwrite.toml ( any setting tha is chanded by api that overwrite immutable
• bench.toml (the new setting not in overwrite but union immutable)

What it bring

• Encryption for all secret
• Save any config change per cluster and export to git for backup and cloud18 usage
• Preserve settings that are force by the system admin via etc
• A manual merge command to install overwrite in any etc conf

Our packages need to be modified

• Create a repman user and run the process as repman user
• Change /var/lib/replication-manager permission to repman user
• Keep other directory permission to root user
• Give a minimal empty config.toml all parameters description in comment

The code

• On start will always create a ./home/./.replication-manager like the embedded binary do
• Auto generate the encryption key in that directory
• We will add default.toml in the repman datadir that will store extra global scope parameter not in immutable.toml
• Cluster save will auto merge ./home/./.replication-manager/cluster.d/.toml the datadir//cluster.toml and datadir//overwrite.toml and copy the datadir/default.toml into ./home/./.replication-manager/config.toml
• On start we double read the files in /etc and in ./home/.replication-manager

Why

• Activate monitor save config by default
• Introduce a dynamic setting for global scope settings we lack today
• When no change in /etc we have an independent config strore on disk that enable non administrator user to persist changes
• The datadir directory can be rm without loosing config or depend on an external git repo