_images/login_button.png _images/signup_button.png



Self Hosted Agent Pools

By default, when executing a Terraform run in scalr.io, it will execute on a shared pool of resources that is maintained by Scalr. This method suffices for the majority of use cases, but sometimes there are use cases due to security, compliance, or network requirements that require the runs to be executed on a self-hosted pool of agents. The Scalr self-hosted agent pools are deployed on your infrastructure, fully encrypted, and will only need network access back to Scalr.io to report the run results. Scalr.io will never need network access back to the agent.

Configuring Agent Pools

Prerequisites:

  • Agents can be deployed on RHEL or CentOS 7 server. Support for other operating systems will be released in the future.

  • The agents must have HTTPS connections to *scalr.io and *docker.io

Agent pools can be created at the account or environment scope. If a pool is created at the account scope, all environments and workspaces within those environments will have access to use the pool. If a pool is created at the environment scope, then only the workspaces in that environment can use that pool.

To create a pool, click on the Scalr icon on the top left of your screen and select “Agent Pools”:

Account scope:

_images/account_pool.png

Environment scope:

_images/env_pool.png

Click “New Agent Pool”, which will ask you to name that pool. Once you click create, Scalr will provide instructions on how to setup the agent:

_images/agent_setup.png

The agent requires the token and url to be provided.

At this point, you can choose to assign workspaces to the agent pool or do so at the time you create a workspace:

Agent pool page:

_images/link_workspaces.png

Link in the workspace:

_images/enable_agent_workspace.png

Managing Agent Pools

Once a pool is created, you can check the status of the agent by going back to the “Agent Pool” page and selecting your pool:

_images/agent_pool_maintenance.png

The logs for the agents can be seen by running journalctl -xe -u scalr-agent on the instance that the agent is running on.

Each pool can be managed individually and only deleted if the pool is not linked to a workspace.

_images/agent_pool_maintenance2.png

Run the Agent as Root

Agents can be updated to run as root giving you the privilege to configure (i.e. add apt repositories, install software via apt-get, add rootCA certificates, etc…) the container through local-exec. To configure the agent as root, run the following commands:

sudo scalr-agent configure --user=root
sudo systemctl daemon-reload scalr-agent
sudo systemctl restart scalr-agent # if agent is already running
sudo systemctl start scalr-agent # if agent is not running

In future release, you will be able to fully customize the Docker images that are running on the agent.

Coming Soon

In a future release, Scalr will be able to restrict and enforce which environments use which pools from the account scope.