Hi, I want to bake a new agent for my azure severs with a log watch rule in it for vm backups.
My question is what happens to those servers that might already have a baked agent for example sql ones? Will the rule get baked into those agents also just?
I’m using automatic updates so I presume the new agent will get pushed out automatically also and I wont need to manually update?
Hi Marc,
in the bakery rules you apply the rules to your host based on conditions.
So if you only apply the logwatch rule to your azure hosts via explicit hostnames, tags, folders or labels, only these servers will get a package with logwatch included.
The bakery rules define, how your packages are build and this is evaluated, when you run “bake and sign agents”.
Yes I understand that, but if for example there is a sql server that also currently has its own baked credentials rule that this new one gets applied to. Will this new rule be added to that baked agent for that server also?
I other words if I add a new log watch rule to a bunch of servers regardless, it will keep the original rules and automatically push this new one out correct?
Hi Marc,
in every bake process all (plugin) rules are evaluated during the build of the agent packages.
If you create a new additional rule for your hosts, all rules (new and old) will be applied according to the configured conditions in the next bake and sign.
In the Agent Bakery you can see, what rulesets and configuration has been applied to particular hosts.
tldr
If you assign a new rule, all rules are applied and new packages will be build during bake and sign