Skip to end of metadata
Go to start of metadata



Overview

These are the instructions on configuring a Linux Private Agent on Debian and RPM Linux distributions. 

For additional information on Linux Private Agents, see these resources: 

For documentation on how to accomplish certain tasks with Jitterbit Harmony Private Agents, see Private Agent How-tos

For documentation on overcoming challenges with Jitterbit Harmony Private Agents, see Private Agent Troubleshooting

Configuring an Agent

Jitterbit Harmony Private Agents cannot be started without completing the configuration step.

CAUTION:  Before running the configuration script, you must ensure that the corresponding Agent Group, Agent, and environment have been created using the Jitterbit Harmony Management Console. The configuration script will provide you with a list of agents you can configure against. If you have not already set these up, see the documentation on Agents > Agent Groups and Agents > Agents.

Starting the Jitterbit Harmony Private Agent without configuring will result in this error:

NOTE: Agent credentials have not been configured.
Run the Jitterbit configuration tool /opt/jitterbit/bin/jitterbit-config

Run the script jitterbit-config and enter the required information at the prompt:

$ sudo jitterbit-config

You will need this information:

  1. Your Jitterbit Harmony credentials (the email address and password you use to log in to Jitterbit Harmony Portal).

    CAUTION: If your organization and account use single sign-on (SSO), your normal SSO credentials will not work. You must use Harmony credentials to install Private Agent(s). See Installing a Private Agent in Registering and Logging In Using Jitterbit Harmony SSO for more information.
  2. The name of the organization that you are installing the agent for.

    NOTE: You must be a member of an organization role that has either Admin or Agent-Install permissions. See Organizations and the section on Managing Permissions, Roles, and Members for more information.
  3. The name of the Agent Group that the agent will be assigned to.
  4. The name of the agent that you are installing as. 

    NOTE: The script will display the list of agents that are not running.

Here is an example of running the configuration script:

jitterbit-config
Please enter your Jitterbit Harmony user name
This is the email that you used to register on the Jitterbit Harmony platform
Enter your Jitterbit Harmony user name: john.doe@example.com
You entered: john.doe@example.com
Please enter your Jitterbit Harmony password: 
There is only one organization available
Do you want to use 'Example, Inc' [y/n]: y
Select agent group:
[1] Agent Group 1
[2] Agent Group 2
Please select an agent group [1-2]: 1
You selected: Agent Group 1
Select agent:
[1] Linux Agent 1
[2] Linux Agent 2
Please select an agent [1-2]: 2
You selected: Linux Agent 2

Agent successfully configured
Restart your agent for the changes to take effect

As noted in the script, you must restart the Private Agent in order for the configuration to take effect. For information on restarting a Private Agent, see Restarting a Linux Private Agent.

Advanced Configuration Options

Using SELinux

The Jitterbit Harmony Private Agent installation process will add a SELinux configuration that allows Jitterbit Harmony Private Agent to be installed on SELinux kernels. However, it may interfere with the Jitterbit Harmony Private Agent database (PostgreSQL). If you are unable to successfully install and configure the Jitterbit Harmony Private Agent, you must disable SELinux.

Use this command to verify if SELinux is enabled:

$ /usr/sbin/sestatus

To disable SELinux you must edit the /etc/sysconfig/selinux file to read SELINUX=disabled and restart your system.

Configuring PostgreSQL

Jitterbit Harmony Private Agent includes a PostgreSQL database bundled with the installation. The database instance is created during the installation and is configured to run on port 46914.

You can configure the Jitterbit Harmony Private Agent to be configured against a separate PostgreSQL database by running the configuration script with the -c option:

$ sudo /opt/jitterbit/bin/jitterbit-config -c

You will need the PostgreSQL configuration. When configuring the PostgreSQL database, an ODBC driver PostgreSQL-jitterbit is installed. We recommend using this driver and not default to the PostgreSQL driver included with the Linux distribution.

Reconfiguring Jitterbit Harmony Private Agent

You can configure an existing Jitterbit Harmony Private Agent to run as a different agent (such as in a different Agent Group). To do this, you must stop the services, reinitialize the Jitterbit Harmony Private Agent database, and run the configuration script again. Use these commands in this particular sequence (note that all the commands must be run as root):

$ sudo jitterbit stop
$ sudo jitterbit initdb
$ sudo jitterbit-config
$ sudo jitterbit start

Once the Jitterbit Harmony Private Agent is restarted, it is automatically synchronized to be able to process all operations serviced by the new Agent Group.

Adding Certificates to Private Agent Keystore

Jitterbit Harmony Private Agents use standard HTTPS to communicate securely over the internet. All Private Agents are installed with a trusted keystore containing all of the certificates that are needed to communicate securely.

A new certificate may be added by the user to the Private Agent keystore. The ability to add a new certificate is important if a Private Agent is configured to use a proxy server. Any certificates originating from the proxy server that need to be included in the Private Agent keystore may be added to allow the Private Agent to communicate securely through the proxy server. 

For configuring the Jitterbit Harmony Private Agent to use a proxy server, see Enabling Proxy for Private Agents.

  • Java KeyStore (JKS): Private Agents use the standard Java KeyStore (JKS) repository bundled with Java as the repository of all certificates. The keystore is named "cacerts" and by default is located at: 

    /opt/jitterbit/jre/lib/security/cacerts
  • Default Password: The default password for the Private Agent keystore is the default password for any JKS, which is "changeit".  We recommend that you change the password using this command, replacing <new_storepass> with the new password:

    $ sudo /opt/jitterbit/jre/bin/keytool -storepasswd -new <new_storepass> -keystore /opt/jitterbit/jre/lib/security/cacerts
  • List of Certificates: This command will list all of the certificates in the Private Agent's keystore:

    $ sudo /opt/jitterbit/jre/bin/keytool -list -keystore /opt/jitterbit/jre/lib/security/cacerts
  • Add a New Certificate: Use this command to add a new certificate to the Private Agent's keystore, substituting for <alias> and <certfile>:

    $ sudo /opt/jitterbit/jre/bin/keytool -importcert -trustcacerts -alias <alias> -file <certfile> -keystore /opt/jitterbit/jre/lib/security/cacerts
  • Configure a Private Agent to Not Accept All Certificates By Default: When installing a Private Agent using a proxy server, all certificates are accepted by default to speed up the installation and development processes. If you do not want to accept all certificates by default, these steps are recommended before deploying an agent to production:

    1. Add the list of certificates originating from the proxy server using the command above to add a new certificate.
    2. Configure the Private Agent to validate against the list of certificates in its keystore:

      $ sudo jitterbit-utils --verify-proxy-cert

Using Anti-Virus Software

 It is possible to use an anti-virus software with a Private Agent. To do so, you must exclude the <JITTERBIT_HOME> and PostgreSQL directories located under /opt/jitterbit/

Next Steps

For additional information on Linux Private Agents, see these resources: 

For documentation on how to accomplish certain tasks with Jitterbit Harmony Private Agents, see Private Agent How-tos

For documentation on overcoming challenges with Jitterbit Harmony Private Agents, see Private Agent Troubleshooting


  • No labels