Configure a Linux Private Agent¶

Overview¶

These are the instructions on configuring a Linux Private Agent on Debian and RPM Linux distributions.

For additional information on Linux Private Agents, see these resources:

• Installing a Harmony Linux Agent (Debian or RPM)
• Restarting a Linux Private Agent
• Upgrading or Uninstalling a Linux Private Agent

For documentation on how to accomplish certain tasks with Harmony Private Agents, see Private Agent How-tos.

For documentation on overcoming challenges with Harmony Private Agents, see Private Agent Troubleshooting.

Configuring an Agent¶

Harmony Private Agents cannot be started without completing the configuration step.

NOTE: Agent credentials have not been configured.
Run the Jitterbit configuration tool /opt/jitterbit/bin/jitterbit-config

Run the script jitterbit-config and enter the required information at the prompt:

$ sudo jitterbit-config

You will need this information:

1. Your Harmony credentials (the email address and password you use to log in to the Harmony Portal).

   Caution

   If your organization and account use single sign-on (SSO), your normal SSO credentials will not work. You must use Harmony credentials to install Private Agent(s). See Installing a Private Agent in Registering and Logging In Using Harmony SSO for more information.

2. The name of the organization that you are installing the agent for.

   Note

   You must be a member of an organization role that has either Admin or Agent-Install permissions. See Organizations and the section on Managing Permissions, Roles, and Members for more information.

3. The name of the Agent Group that the agent will be assigned to.

4. The name of the agent that you are installing as.

   Note

   The script will display the list of agents that are not running.

Here is an example of running the configuration script:

jitterbit-config
Please enter your Jitterbit Harmony user name
This is the email that you used to register on the Jitterbit Harmony platform
Enter your Jitterbit Harmony user name: john.doe@example.com
You entered: john.doe@example.com
Please enter your Jitterbit Harmony password:
There is only one organization available
Do you want to use 'Example, Inc' [y/n]: y 
Select agent group:
[1] Agent Group 1
[2] Agent Group 2
Please select an agent group [1-2]: 1 
You selected: Agent Group 1
Select agent:
[1] Linux Agent 1
[2] Linux Agent 2
Please select an agent [1-2]: 2 
You selected: Linux Agent 2

Agent successfully configured
Restart your agent for the changes to take effect

As noted in the script, you must restart the Private Agent in order for the configuration to take effect. For information on restarting a Private Agent, see Restarting a Linux Private Agent.

Advanced Configuration Options¶

Using SELinux¶

The Harmony Private Agent installation process will add a SELinux configuration that allows Harmony Private Agent to be installed on SELinux kernels. However, it may interfere with the Harmony Private Agent database (PostgreSQL). If you are unable to successfully install and configure the Harmony Private Agent, you must disable SELinux.

Use this command to verify if SELinux is enabled:

$ /usr/sbin/sestatus

To disable SELinux you must edit the /etc/sysconfig/selinux file to read SELINUX=disabled and restart your system.

Configuring PostgreSQL¶

Harmony Private Agent includes a PostgreSQL database bundled with the installation. The database instance is created during the installation and is configured to run on port 46914.

The version of the existing PostgreSQL database must match that expected by the agent version:

• For 11.0 Linux Private Agents and later, an existing PostgreSQL database that is version 14.5-1 has been confirmed to work. Other 14.x PostgreSQL versions are expected to work but have not been tested.
• For 10.x Linux Private Agents that are at least 10.37, the existing PostgreSQL database must be version 9.6.x.

You can configure the Harmony Private Agent to be configured against a separate PostgreSQL database by running the configuration script with the -c option:

$ sudo /opt/jitterbit/bin/jitterbit-config -c

You will need the PostgreSQL configuration. When configuring the PostgreSQL database, an ODBC driver PostgreSQL-jitterbit is installed. We recommend using this driver and not default to the PostgreSQL driver included with the Linux distribution.

Reconfiguring Harmony Private Agent¶

You can configure an existing Harmony Private Agent to run as a different agent (such as in a different Agent Group). To do this, you must stop the services, reinitialize the Jitterbit Harmony Private Agent database, and run the configuration script again. Use these commands in this particular sequence (note that all the commands must be run as root):

$ sudo jitterbit stop
$ sudo jitterbit initdb
$ sudo jitterbit-config
$ sudo jitterbit start

Once the Harmony Private Agent is restarted, it is automatically synchronized to be able to process all operations serviced by the new Agent Group.

Adding Certificates to Private Agent Keystore¶

Harmony Private Agents use standard HTTPS to communicate securely over the internet. All Private Agents are installed with a trusted keystore containing all of the certificates that are needed to communicate securely.

A new certificate may be added by the user to the Private Agent keystore. The ability to add a new certificate is important if a Private Agent is configured to use a proxy server. Any certificates originating from the proxy server that need to be included in the Private Agent keystore may be added to allow the Private Agent to communicate securely through the proxy server.

For configuring the Harmony Private Agent to use a proxy server, see Enabling Proxy for Private Agents.

• Java KeyStore (JKS): Private Agents use the standard Java KeyStore (JKS) repository bundled with Java as the repository of all certificates. The keystore is named "cacerts" and by default is located at:

  /opt/jitterbit/jre/lib/security/cacerts
  

• Default Password: The default password for the Private Agent keystore is the default password for any JKS, which is "changeit". We recommend that you change the password using this command, replacing <new_storepass> with the new password:

  $ sudo /opt/jitterbit/jre/bin/keytool -storepasswd -new <new_storepass> -keystore /opt/jitterbit/jre/lib/security/cacerts
  

• List of Certificates: This command will list all of the certificates in the Private Agent's keystore:

  $ sudo /opt/jitterbit/jre/bin/keytool -list -keystore /opt/jitterbit/jre/lib/security/cacerts
  

• Add a New Certificate: Use this command to add a new certificate to the Private Agent's keystore, substituting for <alias> and <certfile>:

  $ sudo /opt/jitterbit/jre/bin/keytool -importcert -trustcacerts -alias <alias> -file <certfile> -keystore /opt/jitterbit/jre/lib/security/cacerts
  

• Configure a Private Agent to Not Accept All Certificates By Default: When installing a Private Agent using a proxy server, all certificates are accepted by default to speed up the installation and development processes. If you do not want to accept all certificates by default, see the instructions under Configure a Private Agent to Not Accept All Certificates By Default in Adding Certificates to Keystore for Private Agents.

Using Anti-Virus Software¶

It is possible to use an anti-virus software with a Private Agent. To do so, you must exclude the \<JITTERBIT_HOME> and PostgreSQL directories located under /opt/jitterbit/.

Next Steps¶

For additional information on Linux Private Agents, see these resources:

• Installing a Harmony Linux Agent (Debian or RPM)
• Restarting a Linux Private Agent
• Upgrading or Uninstalling a Linux Private Agent

For documentation on how to accomplish certain tasks with Harmony Private Agents, see Private Agent How-tos.

For documentation on overcoming challenges with Harmony Private Agents, see Private Agent Troubleshooting.