Page History
...
- A Secondary Director Agent instance specifies this setting to indicate that this instance starts as a standby node (Backup). When this setting is not in place, both instances of a Director Agent Cluster will start as standalone instances.
- This setting is relevant for initial operation only. It is independent of which Director Agent instance later on will be the active one and which instance will be the standby one.
- This setting has to be added by the user before starting a Secondary Director Agent instance.
js7 | journal | cluster | |||
|---|---|---|---|---|---|
node | |||||
Primary | <url> | ||||
Backup | <url> | ||||
is-backup | <yes>|<no> |
- This setting is used for Director Agent instances in cluster mode only, it is not used for standalone Director Agent instances.
- The registration of Primary and Secondary Director Agent instances is performed by the JOC Cockpit during initial operation.
- Therefore the only setting required for cluster operation is:
js7.journal.cluster.node.is-backup=yes: For a Secondary Director Agent instance this setting specifies that during initial operation the given instance will be the inactive standby node.
- Additional settings can be applied. However, we recommend that the JOC Cockpit is used instead.
nodesPrimary, Backup: For a Primary Director Agent instance this setting specifies the URLs of thePrimaryandBackup(Secondary) instance. The URL includes specification of the http/https protocol, the hostname and port.
- Therefore the only setting required for cluster operation is:
...
| Code Block | ||||||||
|---|---|---|---|---|---|---|---|---|
| ||||||||
# Security configuration
js7 {
auth {
# User accounts for https connections
users {
# Controller ID for connections by primary/secondary Controller instance
Controller {
distinguished-names=[
"DNQ=SOS CA, CN=controller-2-0-primary, OU=IT, O=SOS, L=Berlin, ST=Berlin, C=DE",
"DNQ=SOS CA, CN=controller-2-0-secondary, OU=IT, O=SOS, L=Berlin, ST=Berlin, C=DE"
]
}
}
}
configuration {
# Locations of certificates and public keys used for signature verification
trusted-signature-keys {
PGP=${js7.config-directory}"/private/trusted-pgp-keys"
X509=${js7.config-directory}"/private/trusted-x509-keys"
}
}
job {
# Enable script execution from signed workflows
execution {
signed-script-injection-allowed = yes
}
}
web {
# Locations of keystore and truststore files for HTTPS connections
https {
keystore {
# Default: ${js7.config-directory}"/private/https-keystore.p12"
file=${js7.config-directory}"/private/https-keystore.p12"
key-password="jobscheduler"
store-password="jobscheduler"
# alias=
}
truststores=[
{
# Default: ${js7.config-directory}"/private/https-truststore.p12"
file=${js7.config-directory}"/private/https-truststore.p12"
store-password="jobscheduler"
# alias=
}
]
}
}
}
|
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
js7 {
auth {
# User accounts for https connections
users {
# DirectorAgent AgentCluster ID for connections by primary/secondary Director Agent instance
Directoragent-cluster {
distinguished-names=[
"DNQ=SOS CA, CN=director-2-0-primary, OU=IT, O=SOS, L=Berlin, ST=Berlin, C=DE",
"DNQ=SOS CA, CN=director-2-0-secondary, OU=IT, O=SOS, L=Berlin, ST=Berlin, C=DE"
]
}
}
}
} |
...
- This setting applies to the use of a Subagent with a Director Agent in an JS7 - Agent Cluster.
- Similar to a Controller that orchestrates Standalone Agents the Director Agent orchestrates Subagents.
- Subagents do not know of a Controller, they know of a Director Agent.
- Note that the
Directoragent-clusterelement name is an example that has to be replaced by the Director Agent Cluster ID which is specified with the same value during installation of the Agent Cluster. This is not the Primary and /Secondary Director Directory Agent instancesID. - This setting specifies the distinguished name names indicated with the Director Agent instance's Client Authentication certificatecertificates. The certificate acts as a replacement for a password.
- The Agent configuration specifies the distinguished names of any Director Agent instances that access the current Director Agent instance or Subagent instance by use of a Client Authentication certificate.
- Note that the common name (CN) setting in the distinguished name has to match the fully qualified domain name (FQDN) of a Director Agent instance's host.
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
js7 {
auth {
# User accounts for https connections
users {
# DirectorAgent AgentCluster ID for connections by primary/secondary Director Agent instance
Directoragent-cluster {
password="plain:secret"
}
}
}
} |
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
js7 {
web {
# keystore and truststore location for https connections
https {
client-keystore {
# Default: ${js7.config-directory}"/private/https-client-keystore.p12"
file=${js7.config-directory}"/private/https-client-keystore.p12"
key-password="jobscheduler"
store-password="jobscheduler"
}
keystore {
# Default: ${js7.config-directory}"/private/https-keystore.p12"
file=${js7.config-directory}"/private/https-keystore.p12"
key-password="jobscheduler"
store-password="jobscheduler"
# alias=
}
truststores=[
{
# Default: ${js7.config-directory}"/private/https-truststore.p12"
file=${js7.config-directory}"/private/https-truststore.p12"
store-password="jobscheduler"
# alias=
}
]
}
}
} |
...
Overview
Content Tools