Page History
...
Code Block | ||||
---|---|---|---|---|
| ||||
Usage: js7_install_agent.sh [Options] [Switches]
Installation Options:
--home=<directory> | required: directory to which the Agent will be installed
--data=<directory> | optional: directory for Agent data files, default: <home>/var_4445
--config=<directory> | optional: directory from which the Agent reads configuration files, default: <data>/config
--logs=<directory> | optional: directory to which the Agent writes log files, default: <data>/logs
--work=<directory> | optional: working directory of the Agent, default: <data>
--user=<account> | optional: user account for Agent daemon, default: $USER
--home-owner=<account[:group]> | optional: account and optionally group owning the home directory, requires root or sudo permissions
--data-owner=<account[:group]> | optional: account and optionally group owning the data directory, requires root or sudo permissions
--release=<release-number> | optional: release number such as 2.5.0 for download if --tarball is not used
--tarball=<tar-gz-archive> | optional: the path to a .tar.gz archive that holds the Agent installation or patch tarball,
| if not specified the Agent tarball will be downloaded from the SOS web site
--patch=<issue-key> | optional: identifies a patch for an existing Agent installation
--jar=<jar-file> | optional: the path to a .jar file that holds the patch
--license-key=<key-file> | optional: specifies the path to a license key file to be installed
--license-bin=<binary-file> | optional: specifies the path to the js7-license.jar binary file for licensed code to be installed
| if not specified the file will be downloaded from the SOS web site
--http-port=<port> | optional: specifies the http port the Agent will be operated for, default: 4445
port can be prefixed by network interface, e.g. localhost:4445
--https-port=<port> | optional: specifies the https port the Agent will be operated for
port can be prefixed by network interface, e.g. batch.example.com:4445
--pid-file-dir=<directory> | optional: directory to which the Agent writes its PID file, default: <data>/logs
--pid-file-name=<file-name> | optional: file name used by the Agent to write its PID file, default: agent.pid
--instance-script=<file> | optional: path to the Instance Start Script that will be copied to the Agent, default <home>/bin/<instance-script>
--backup-dir=<directory> | optional: backup directory for existing Agent home directory
--log-dir=<directory> | optional: log directory for log output of this script
--exec-start=<command> | optional: command to start the Agent, e.g. 'StartService'
--exec-stop=<command> | optional: command to stop the Agent, e.g. 'StopService'
--return-values=<file> | optional: path to a file that holds return values such as the path to a log file
Configuration Options:
--deploy-dir=<dir>[,<dir>] | optional: deployment directory from which configuration files are copied to the Agent
--agent-conf=<file> | optional: path to a configuration file that will be copied to <config>/agent.conf
--private-conf=<file> | optional: path to a configuration file that will be copied to <config>/private/private.conf
--controller-id=<identifier> | optional: Controller ID, default: controller
--controller-primary-cert=<file> | optional: path to Primary/Standalone Controller certificate file
--controller-secondary-cert=<file> | optional: path to Secondary Controller certificate file
--agent-cluster-id=<identifier> | optional: Agent Cluster ID, default: agent
--director-primary-cert=<file> | optional: path to Primary/Standalone Director Agent certificate file
--director-secondary-cert=<file> | optional: path to Secondary Director Agent certificate file
--keystore=<file> | optional: path to a PKCS12 keystore file that will be copied to <config>/private/
--keystore-password=<password> | optional: password for access to keystore
--keystore-alias=<alias> | optional: alias name for keystore entry
--client-keystore=<file> | optional: path to a PKCS12 client keystore file that will be copied to <config>/private/
--client-keystore-password=<pass> | optional: password for access to the client keystore
--client-keystore-alias=<alias> | optional: alias name for client keystore entry
--truststore=<file> | optional: path to a PKCS12 truststore file that will be copied to <config>/private/
--truststore-password=<password> | optional: password for access to truststore
--java-home=<directory> | optional: Java Home directory for use with the Instance Start Script
--java-options=<options> | optional: Java Options for use with the Instance Start Script
--service-dir=<directory> | optional: systemd service directory, default: /usr/lib/systemd/system
--service-file=<file> | optional: path to a systemd service file that will be copied to <home>/bin/
--service-name=<identifier> | optional: name of the systemd service to be created, default js7_agent_<http-port>
Switches:
-h | --help | displays usage
--force-sudo | forces use of sudo for operations on directories
--active | makes Director Agent instance the default active node in an Agent Cluster
--standby | makes Director Agent instance the default standby node in an Agent Cluster
--no-yade | excludes YADE from Agent installation
--no-install | skips Agent installation, performs configuration updates only
--use-install | uses existing Agent installation, populates data directory and creates service
--uninstall | uninstalls Agent and removes <home> and <data> directories
--uninstall_home | uninstalls Agent and removes <home> directory only
--uninstall_data | uninstalls Agent and removes <data> directory only
--show-logs | shows log output of the script
--make-dirs | creates the specified directories if they do not exist
--make-service | creates the systemd service for the Agent
--move-libs | moves an existing Agent's lib directory instead of removing the directory
--remove-journal | removes an existing Agent's state directory that holds the journal files
--restart | stops a running Agent and starts the Agent after installation
--abort | aborts a running Agent if used with the --restart switch
--kill | kills a running Agent if used with the --restart switch |
...
Code Block | ||||
---|---|---|---|---|
| ||||
curl 'https://download.sos-berlin.com/JobScheduler.2.6/js7_agent_unix.2.6.0.tar.gz' \
-o /tmp/js7_agent_unix.2.6.0.tar.gz
curl 'https://download.sos-berlin.com/JobScheduler.2.6/js7-license.jar' \
-o /tmp/js7-license.jar
./js7_install_agent.sh \
--tarball=/tmp/js7_agent_unix.2.6.0.tar.gz \
--home=/opt/sos-berlin.com/js7/agent \
--data=/var/sos-berlin.com/js7/agent_4445 \
--controller-id=controller \
--agent-cluster-id=agent \
--http-port=localhost:4445 \
--https-port=batch.example.com:4445 \
--license-key=/home/sos/agent-deployment/example.pem \
--license-bin=/tmp/js7-license.jar \
--private-conf=/home/sos/agent-deployment/private.conf-template-agent \
--controller-primary-cert=/home/sos/agent-deployment/centostest-primary.crt \
--controller-secondary-cert=/home/sos/agent-deployment/centostest-secondary.crt \
--director-primary-cert=/home/sos/agent-deployment/centostest-primary.crt \
--director-secondary-cert=/home/sos/agent-deployment/centostest-secondary.crt \
--keystore=/home/sos/agent-deployment/https-keystore.p12 \
--keystore-password="jobscheduler" \
--truststore=/home/sos/agent-deployment/https-truststore.p12 \
--truststore-password="jobscheduler" \
--make-dirs
# downloads the release tarball from the SOS Web Site using curl
# downloads the binary file for licensed code to enable cluster operations
# extracts the release tarball to the Agent's home directory
# specifies the Controller ID of the Controller to which the Agent is dedicated
# specifies the Agent Cluster ID
# specifies HTTP port 4445 on the localhost network interface and the same HTTPS port on the server network interface
# specifies the paths to the Primary and Secondary Controller's server certificates if a Controller Cluster is used
# for a Standalone Controller the --controller-secondary-cert option is omitted
# deploys the Agent private configuration file which holds references to keystore and truststore
# deploys keystore and truststore files
# stops and starts the Agent's systemd service |
...
Code Block | ||||
---|---|---|---|---|
| ||||
curl 'https://download.sos-berlin.com/JobScheduler.2.6/js7_agent_unix.2.6.0.tar.gz' \
-o /tmp/js7_agent_unix.2.6.0.tar.gz
curl 'https://download.sos-berlin.com/JobScheduler.2.6/js7-license.jar' \
-o /tmp/js7-license.jar
./js7_install_agent.sh \
--tarball=/tmp/js7_agent_unix.2.6.0.tar.gz \
--home=/opt/sos-berlin.com/js7/agent \
--data=/var/sos-berlin.com/js7/agent_4445 \
--controller-id=controller \
--agent-cluster-id=agent \
--http-port=localhost:4445 \
--https-port=batch.example.com:4445 \
--license-key=/home/sos/agent-deployment/example.pem \
--license-bin=/tmp/js7-license.jar \
--private-conf=/home/sos/agent-deployment/private.conf-template-agent \
--controller-primary-cert=/home/sos/agent-deployment/centostest-primary.crt \
--controller-secondary-cert=/home/sos/agent-deployment/centostest-secondary.crt \
--director-primary-cert=/home/sos/agent-deployment/centostest-primary.crt \
--director-secondary-cert=/home/sos/agent-deployment/centostest-secondary.crt \
--keystore=/home/sos/agent-deployment/https-keystore.p12 \
--keystore-password="jobscheduler" \
--truststore=/home/sos/agent-deployment/https-truststore.p12 \
--truststore-password="jobscheduler" \
--standby \
--make-dirs
# parameterization is the same as from the previous example for a Primary Director Agent
# the one exception being use of the --standby switch |
...
<config>/private/private.conf
Replacements are performed for the following placeholders by respective option values:
Placeholder Option Value {{controller-id}}
--controller-id
{{controller-primary-distinguished-name}}
--controller-primary-cert
{{controller-secondary-distinguished-name}}
--controller-secondary-cert
{{agent-cluster-id}}
--agent-cluster-id
{{director-primary-distinguished-name}}
--director-primary-cert
{{director-secondary-distinguished-name}}
--director-secondary-cert
{{keystore-file}}
--keystore
{{keystore-password}}
--keystore-password
{{keystore-alias}}
--keystore-alias
{{client-keystore-file}}
--client-keystore
{{client-keystore-password}}
--client-keystore-password
{{client-keystore-alias}}
--client-keystore-alias
{{truststore-file}}
--truststore
{{truststore-password}}
--truststore-password
Find a template for a
private.conf
file using placeholders for HTTPS mutual authentication:Code Block language yml title private.conf template file with placeholders collapse true js7 { auth { users { # Controller ID for connections by primary/secondary Controller instance {{controller-id}} { distinguished-names=[ "{{controller-primary-distinguished-name}}", "{{controller-secondary-distinguished-name}}" ] } # Agent Cluster ID for connections by primary/secondary Director Agent instancesinstance {{agent-cluster-id}} { distinguishedpermissions = [ AgentDirector ] distinguished-names=[ "{{director-primary-distinguished-name}}", "{{director-secondary-distinguished-name}}" ] } } } configuration { # Locations of certificates and public keys used for signature verification trusted-signature-keys { # PGP=${js7.config-directory}"/private/trusted-pgp-keys" X509=${js7.config-directory}"/private/trusted-x509-keys" } } job { # Enable script execution from signed workflows^M execution { signed-script-injection-allowed=yes } } web { # Locations of keystore and truststore files for HTTPS connections https { keystore { # Default: ${js7.config-directory}"/private/https-keystore.p12" file=${js7.config-directory}"/private/{{keystore-file}}" key-password="{{keystore-password}}" store-password="{{keystore-password}}" # alias="{{keystore-alias}}" } client-keystore { # Default: ${js7.config-directory}"/private/https-client-keystore.p12" file=${js7.config-directory}"/private/{{client-keystore-file}}" key-password="{{client-keystore-password}}" store-password="{{client-keystore-password}}" # alias="{{client-keystore-alias}}" } truststores=[ { # Default: ${js7.config-directory}"/private//https-truststore.p12" file=${js7.config-directory}"/private/{{truststore-file}}" store-password="{{truststore-password}}" } ] } } }
...
Overview
Content Tools