Skip to Content

Configure a Linux Jitterbit private agent

Overview

These are the instructions on configuring a Linux private agent on Debian and RPM Linux distributions.

For additional information on Linux private agents, see these resources:

For documentation on how to accomplish certain tasks with Jitterbit private agents, see Private agent how-tos.

For documentation on overcoming challenges with Jitterbit private agents, see Private agent troubleshooting.

Important

Jitterbit private agents installed on Microsoft Azure servers require a reduced agent heartbeat interval.

Configure an agent

Jitterbit private agents cannot be started without completing the configuration step.

Caution

Before running the configuration script, you must ensure that the corresponding agent group, agent, and environment have been created in the Management Console Agents page. The configuration script will provide you with a list of agents you can configure against.

Starting the Jitterbit private agent without configuring will result in this error:

NOTE: Agent credentials have not been configured.
Run the Jitterbit configuration tool /opt/jitterbit/bin/jitterbit-config

Run the script jitterbit-config and enter the required information at the prompt:

$ sudo jitterbit-config

You will need this information:

  1. Your Harmony credentials (the email address and password you use to log in to the Harmony portal).

    Caution

    If your organization and account use single sign-on (SSO), your normal SSO credentials will not work. You must use Harmony credentials to install private agent(s).

  2. The name of the organization that you are installing the agent for.

    Note

    You must be a member of a role that has either Admin or Agent-Install permissions.

  3. The name of the agent group that the agent will be assigned to.

  4. The name of the agent that you are installing as.

    Note

    The script will display the list of agents that are not running.

Here is an example of running the configuration script:

jitterbit-config
Please enter your Jitterbit Harmony user name
This is the email that you used to register on the Jitterbit Harmony platform
Enter your Jitterbit Harmony user name: john.doe@example.com
You entered: john.doe@example.com
Please enter your Jitterbit Harmony password:
There is only one organization available
Do you want to use 'Example, Inc' [y/n]: y
Select agent group:
[1] Agent Group 1
[2] Agent Group 2
Please select an agent group [1-2]: 1
You selected: Agent Group 1
Select agent:
[1] Linux Agent 1
[2] Linux Agent 2
Please select an agent [1-2]: 2
You selected: Linux Agent 2

Agent successfully configured
Restart your agent for the changes to take effect

As noted in the script, you must restart the private agent in order for the configuration to take effect. For information on restarting a private agent, see Restart a Linux private agent.

Advanced configuration options

Using SELinux

The Jitterbit private agent installation process will add a SELinux configuration that allows Jitterbit private agent to be installed on SELinux kernels. However, it may interfere with the Jitterbit private agent database (PostgreSQL). If you are unable to successfully install and configure the Jitterbit private agent, you must disable SELinux.

Use this command to verify if SELinux is enabled:

$ /usr/sbin/sestatus

To disable SELinux you must edit the /etc/sysconfig/selinux file to read SELINUX=disabled and restart your system.

Configure PostgreSQL

Jitterbit private agent includes a PostgreSQL database bundled with the installation. The database instance is created during the installation and is configured to run on port 46914.

The version of the existing PostgreSQL database must match that expected by the agent version:

  • For 11.0 Linux private agents and later, an existing PostgreSQL database that is version 14.5-1 has been confirmed to work. Other 14.x PostgreSQL versions are expected to work but have not been tested.
  • For 10.x Linux private agents that are at least 10.37, the existing PostgreSQL database must be version 9.6.x.

You can configure the Jitterbit private agent to be configured against a separate PostgreSQL database by running the configuration script with the -c option:

$ sudo /opt/jitterbit/bin/jitterbit-config -c

You will need the PostgreSQL configuration. When configuring the PostgreSQL database, an ODBC driver PostgreSQL-jitterbit is installed. We recommend using this driver and not default to the PostgreSQL driver included with the Linux distribution.

Reconfigure Jitterbit private agent

You can configure an existing Jitterbit private agent to run as a different agent (such as in a different agent group). To do this, you must stop the services, reinitialize the Jitterbit private agent database, and run the configuration script again. Use these commands in this particular sequence (note that all the commands must be run as root):

$ sudo jitterbit stop
$ sudo jitterbit initdb
$ sudo jitterbit-config
$ sudo jitterbit start

Once the Jitterbit private agent is restarted, it is automatically synchronized to be able to process all operations serviced by the new agent group.

Add certificates to private agent keystore

Jitterbit private agents use standard HTTPS to communicate securely over the internet. All private agents are installed with a trusted keystore containing all of the certificates that are needed to communicate securely.

A new certificate may be added by the user to the private agent keystore. The ability to add a new certificate is important if a private agent is configured to use a proxy server. Any certificates originating from the proxy server that need to be included in the private agent keystore may be added to allow the private agent to communicate securely through the proxy server.

For configuring the Jitterbit private agent to use a proxy server, see Enabling proxy for private agents.

  • Java KeyStore (JKS): Private agents use the standard Java KeyStore (JKS) repository bundled with Java as the repository of all certificates. The keystore is named "cacerts" and by default is located at:

    /opt/jitterbit/jre/lib/security/cacerts
    
  • Default Password: The default password for the private agent keystore is the default password for any JKS, which is "changeit". We recommend that you change the password using this command, replacing <new_storepass> with the new password:

    $ sudo /opt/jitterbit/jre/bin/keytool -storepasswd -new <new_storepass> -keystore /opt/jitterbit/jre/lib/security/cacerts
    
  • List of Certificates: This command will list all of the certificates in the private agent's keystore:

    $ sudo /opt/jitterbit/jre/bin/keytool -list -keystore /opt/jitterbit/jre/lib/security/cacerts
    
  • Add a New Certificate: Use this command to add a new certificate to the private agent's keystore, substituting for <alias> and <certfile>:

    $ sudo /opt/jitterbit/jre/bin/keytool -importcert -trustcacerts -alias <alias> -file <certfile> -keystore /opt/jitterbit/jre/lib/security/cacerts
    
  • Configure a private agent to Not Accept All Certificates By Default: When installing a private agent using a proxy server, all certificates are accepted by default to speed up the installation and development processes. If you do not want to accept all certificates by default, see the instructions under Configure a private agent to not accept all certificates by default in Adding certificates to keystore for private agents.

Use anti-virus software

It is possible to use an anti-virus software with a private agent. To do so, you must exclude the \<JITTERBIT_HOME> and PostgreSQL directories located under /opt/jitterbit/.

Next steps

For additional information on Linux private agents, see these resources:

For documentation on how to accomplish certain tasks with Jitterbit private agents, see Private agent how-tos.

For documentation on overcoming challenges with Jitterbit private agents, see Private agent troubleshooting.