Server and agent communication configuration

This topic describes the communication between Deployment Automation server and agents.

Agent-server communication overview

Servers and agents communicate either directly or through an agent relay. If an agent relay is used, the agent connects to the server through the agent relay, and the agent relay manages the requests to the server.

If your agents are dispersed across geographic locations or must communicate through firewalls, you need to configure the agents to connect to the server through agent relays. Also use agent relays to manage network traffic in implementations where you have many agents, even if they are on the same network and don't have to go through firewalls.

When a JMS connection is established between the server and the agent, regardless of whether an agent relay is used, the connection remains open as long as the entities involved are online. The server provides HTTP endpoints that the agents trigger to perform service operations.

Here are the most common HTTP operations, which agents initiate by default:

  • Download plugins
  • Check plugin versions
  • Upload log steps
  • Download files
  • Upload files

You can configure agent-server communication in several ways:

  • Agent-to-Server: To configure your agents to communicate directly with the server, when installing the agents, point the agents to the server.

  • Agent-initiated with Agent Relay: To configure your agents and servers for agent-initiated HTTP communication through agent relays, do the following:

    • When installing and configuring the agent relays, enter Y when prompted for whether to connect to the server. This is the default setting. When a process is running, the agent relay will connect to the server.
    • When installing the agents, point the agents to the agent relay instead of directly to the server.
  • Server-initiated with Agent Relay: To configure your agents and servers for server-initiated HTTP communication, do the following:

    • When installing and configuring the agent relays, enter n when prompted for whether to connect to the server. When a process is running, the server will connect to the agent relay.
    • When installing the agents, point the agents to the agent relay instead of directly to the server.

      Note: You can configure agents to authenticate using PKI certificates for greater security. See Configure PKI Certificate authentication.

The next sections describe the types of communication through agent relays.

Back to top

Agent-initiated HTTP communication through agent relays

You can configure agents and agent relays so that all HTTP communication between the agent and server is initiated by the agents.

The following diagram displays agent-initiated HTTP communication using agent relays:

image

Tip: The agent relay installation option that controls this is Connect the agent relay to a central server. For this scenario, set it to Y.

Back to top

Server-initiated HTTP communication through agent relays

You can configure agents and agent relays so that the server initiates the upload of HTTP requests over a designated size. This enables the server to control the traffic across the network and make sure that the volume of incoming requests from many agents does not overload the network. The agent still initiates the HTTP request as part of the process being executed, and a certain amount of information is passed through to the server on every request. However, the agent relay suspends any HTTP requests that are too large to pass through directly and enables the server to process them when it is ready.

Note:  

  • This type of communication is sometimes referred to as unidirectional communication, and the agent relay is referred to as passive, because the server is initiating and regulating the HTTP communication.
  • Only the inbound JMS port needs to be opened and the server initiates all communications over the JMS tunnel.

The following diagram displays server-initiated HTTP communication using agent relays:

image

  1. Agents send concurrent requests through HTTP. Requests 1a, 1b and 1c are processed concurrently, but the diagram displays only the processing of request 1a.
  2. Every request coming to an agent relay from an agent will be put on hold before the response from the server is provided. All the requests coming from agents will be queued on an agent relay. The agent relay processes the requests and assigns an internal ID to each of them.
  3. The server periodically polls the agent relay, and detects that the agent relay has an incoming request. The agent relay sends the request ID information to the server using JMS.
  4. When the server receives the request ID, it sends an HTTP request to get the request body from the agent relay.

    Depending on the size of the initial request, this step may be omitted. For small requests, the body can be transferred using JMS during the previous step.

  5. After the server receives the body of the request, it processes it as needed.
  6. After processing the request, the server sends the response to the agent relay.
  7. The agent relay returns the response to the agent from the agent relay using HTTP.

Tip: The agent relay installation option that controls this is Connect the agent relay to a central server. For this scenarios, set it to n.

Back to top

See also: