Skip to main content

Runners

Playbook runners offer the flexibility to designate where actions are executed. By default, actions run on the main instance, but a set of agents can also be provided and one of them will be chosen at random. This enables a playbook action to access environment specific information such as kubernetes secrets, connection details, environment variables, without having to share those to the main instance.

Runners can be set at the playbook or action level.

Runs On

delete-namespace.yaml
apiVersion: mission-control.flanksource.com/v1
kind: Playbook
metadata:
name: delete-namespace
spec:
runsOn:
- local # Main instance
- aws # agent 1
- azure # agent 2
description: Deletes namespace from all the agents and the host
configs:
- type: Kubernetes::Namespace
actions:
- name: Delete the namespace on the host
exec:
script: kubectl delete namespace {{.config.name}}
- name: Delete the namespace on the AWS agent
runsOn:
- 'aws'
exec:
script: kubectl delete namespace {{.config.name}}
- name: Delete the namespace on the Azure agent
runsOn:
- 'azure'
exec:
script: kubectl delete namespace {{.config.name}}
- name: Send notification
if: 'success()'
notification:
connection: connection://slack/flanksource
title: Namespace {{.config.name}} deleted successfully

Running playbooks on the agent that created a config item

apiVersion: mission-control.flanksource.com/v1
kind: Playbook
metadata:
name: delete-namespace
spec:
configs:
types:
- Kubernetes::Pod
runsOn:
- '{{- if .agent }}{{.agent.id}}{{ else }}local{{ end }}'

Templates On

Actions are templated by the host before it's sent to the runner for execution. This setup permits the runner to execute actions that are templated with resources exclusively available on the host, such as config items or components, checks, ... etc.

However, this configuration also inhibits the runner from templating actions with its own resources. To enable templating on the agent, you can set templatesOn: agent.

heartbeat.yaml
apiVersion: mission-control.flanksource.com/v1
kind: Playbook
metadata:
name: heartbeat
spec:
parameters:
- name: check_id
type: config
properties:
filter: heartbeat
description: Call a heartbeat endpoint
actions:
- name: send heartbeat from the agent
runsOn:
- 'aws'
templatesOn: 'agent'
exec:
# environment variables from cluster the agent is running on
env:
- name: HEARTBEAT_TOKEN
valueFrom:
secretKeyRef:
name: canary-checker-heartbeat
key: token
script: |
curl -H "Authorization: $HEARTBEAT_TOKEN" https://httpbin.demo.aws.flanksource.com/bearer