Page History
...
- A Secondary Director Agent instance specifies this setting to indicate that this instance starts as a standby node (Backup). When this setting is not in place, both instances of a Director Agent Cluster will start as standalone instances.
- This setting is relevant for initial operation only. It is independent of which Director Agent instance later on will be the active one and which instance will be the standby one.
- This setting has to be added by the user before starting a Secondary Director Agent instance.
js7 | journal | cluster | |||
---|---|---|---|---|---|
node | |||||
Primary | <url> | ||||
Backup | <url> | ||||
is-backup | <yes>|<no> |
- This setting is used for Director Agent instances in cluster mode only, it is not used for standalone Director Agent instances.
- The registration of Primary and Secondary Director Agent instances is performed by the JOC Cockpit during initial operation.
- Therefore the only setting required for cluster operation is:
js7.journal.cluster.node.is-backup=yes
: For a Secondary Director Agent instance this setting specifies that during initial operation the given instance will be the inactive standby node.
- Additional settings can be applied. However, we recommend that the JOC Cockpit is used instead.
nodes
Primary, Backup
: For a Primary Director Agent instance this setting specifies the URLs of thePrimary
andBackup
(Secondary) instance. The URL includes specification of the http/https protocol, the hostname and port.
- Therefore the only setting required for cluster operation is:
...
Code Block | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
# Security configuration js7 { auth { # User accounts for https connections users { # Controller ID for connections by primary/secondary Controller instance Controller { distinguished-names=[ "DNQ=SOS CA, CN=controller-2-0-primary, OU=IT, O=SOS, L=Berlin, ST=Berlin, C=DE", "DNQ=SOS CA, CN=controller-2-0-secondary, OU=IT, O=SOS, L=Berlin, ST=Berlin, C=DE" ] } } } configuration { # Locations of certificates and public keys used for signature verification trusted-signature-keys { PGP=${js7.config-directory}"/private/trusted-pgp-keys" X509=${js7.config-directory}"/private/trusted-x509-keys" } } job { # Enable script execution from signed workflows execution { signed-script-injection-allowed = yes } } web { # Locations of keystore and truststore files for HTTPS connections https { keystore { # Default: ${js7.config-directory}"/private/https-keystore.p12" file=${js7.config-directory}"/private/https-keystore.p12" key-password="jobscheduler" store-password="jobscheduler" # alias= } truststores=[ { # Default: ${js7.config-directory}"/private/https-truststore.p12" file=${js7.config-directory}"/private/https-truststore.p12" store-password="jobscheduler" # alias= } ] } } } |
...
Code Block | ||||
---|---|---|---|---|
| ||||
js7 { auth { # User accounts for https connections users { # DirectorAgent AgentCluster ID for connections by primary/secondary Director Agent instance Directoragent-cluster { distinguished-names=[ "DNQ=SOS CA, CN=director-2-0-primary, OU=IT, O=SOS, L=Berlin, ST=Berlin, C=DE", "DNQ=SOS CA, CN=director-2-0-secondary, OU=IT, O=SOS, L=Berlin, ST=Berlin, C=DE" ] } } } } |
...
- This setting applies to the use of a Subagent with a Director Agent in an JS7 - Agent Cluster.
- Similar to a Controller that orchestrates Standalone Agents the Director Agent orchestrates Subagents.
- Subagents do not know of a Controller, they know of a Director Agent.
- Note that the
Director
agent-cluster
element name is an example that has to be replaced by the Director Agent Cluster ID which is specified with the same value during installation of the Agent Cluster. This is not the Primary and /Secondary Director Directory Agent instancesID. - This setting specifies the distinguished name names indicated with the Director Agent instance's Client Authentication certificatecertificates. The certificate acts as a replacement for a password.
- The Agent configuration specifies the distinguished names of any Director Agent instances that access the current Director Agent instance or Subagent instance by use of a Client Authentication certificate.
- Note that the common name (CN) setting in the distinguished name has to match the fully qualified domain name (FQDN) of a Director Agent instance's host.
...
Code Block | ||||
---|---|---|---|---|
| ||||
js7 { auth { # User accounts for https connections users { # DirectorAgent AgentCluster ID for connections by primary/secondary Director Agent instance Directoragent-cluster { password="plain:secret" } } } } |
...
Code Block | ||||
---|---|---|---|---|
| ||||
js7 { web { # keystore and truststore location for https connections https { client-keystore { # Default: ${js7.config-directory}"/private/https-client-keystore.p12" file=${js7.config-directory}"/private/https-client-keystore.p12" key-password="jobscheduler" store-password="jobscheduler" } keystore { # Default: ${js7.config-directory}"/private/https-keystore.p12" file=${js7.config-directory}"/private/https-keystore.p12" key-password="jobscheduler" store-password="jobscheduler" # alias= } truststores=[ { # Default: ${js7.config-directory}"/private/https-truststore.p12" file=${js7.config-directory}"/private/https-truststore.p12" store-password="jobscheduler" # alias= } ] } } } |
...
Overview
Content Tools