Child pages
  • Agent Properties

This is the documentation of the release 2.2 of automaIT. The documentation of the latest stable release can be found at AUTOMAIT.

Skip to end of metadata
Go to start of metadata

The following properties may be used to configure the agent. These must be set in the config.properties file in the root directory of the agent.

Example:

config.properties
agent.remote.update.enabled=false

Product Version: 2.2.0

 

Property key

Type

Default value

Category

Description

 

action.execution.timeout

duration

5m

INTERNAL

maximum time to wait for an update action to execute

 

agent.base.dir

path

INTERNAL

absolute path to the agent installation directory

 

agent.config.file

path

INTERNAL

absolute path to the agent configuration file

 

agent.remote.update.enabled

[ true, false ]

true

STANDARD

configures if agent remote updates are enabled or not

 

compressed.file.extraction.buffer.size

byte size

1M

INTERNAL

Size of temporary buffer for extracting compressed files

 

file.io.tmp.dir

path

${java.io.tmpdir}

STANDARD

agent temporary directory used for file handling

 

http.client.connection.acquisition.timeout

duration

20s

EXPERT

maximum time to wait for client-side HTTP connection acquisition
Details: This value limits the waiting time, in case the number of currently available HTTP connections reaches zero. Any new connection request will be aborted after the time configured hereby.

 

http.client.connection.so.timeout

duration

5m

EXPERT

maximum time to wait for data read from an established HTTP connection
Details: This value limits the time to wait for data on an established HTTP connection, that is the maximum time before any data must be sent from the server side.

 

http.client.connection.stale.check

[ true, false ]

false

INTERNAL

enables or disables HTTP connection stale checking
Details: Stale checks are performed prior to sending a request in order to determine if an HTTP connection is valid. However, stale checks represent an expensive operation and thus should be enabled with respect to performance considerations.

 

http.client.connection.timeout

duration

10s

EXPERT

maximum time to wait for client-side HTTP connection to be established
Details: This value limits the waiting time, in case a new connection is being established with a remote host.

 

http.client.idle.connection.close.interval

duration

10s

INTERNAL

time to wait before checking for HTTP idle connections

 

http.client.idle.connection.timeout

duration

5m

EXPERT

time after which an idle client-side HTTP connection will be closed
Details: This value configures the maximum idle time for pooled HTTP connections, that is the time they need to remain idle (not in use) before being closed and removed from the pool.

 

http.client.max.connections

positive integer

${http.handler.threads.max}

EXPERT

maximum number of pooled HTTP client connections
Details: This value limits the number of outgoing HTTP client connections from the agent process, including both direct HTTP/HTTPS connections and tunneled HTTP-over-SSH connections to remote agents or gateways, respectively.

 

http.client.max.connections.host

positive integer

${http.client.max.connections}

EXPERT

maximum number of pooled HTTP client connection for a single target host
Details: This value limits the number of outgoing HTTP client connections from the server or agent process to a single remote agent or gateway.

 

http.client.request.max.retries

positive integer

3

INTERNAL

maximum number of retries when sending an HTTP request
Details: This configures the maximum number of retries upon I/O errors when sending a request or establishing a connection.

 

http.client.request.sent.retry.enabled

[ true, false ]

true

INTERNAL

configures if already sent HTTP request will be retried or not
Details: This is a low-cost alternative to HTTP stale connection checking, that allows HTTP requests to be resent up to the configured request retries, in case of an I/O error. Be aware, that this may cause undesired side-effects on the receiving side, since the previous request may have been received successfully, but no response could be transmitted.

 

http.handler.threads.core

positive integer

5

EXPERT

number of core threads used for handling HTTP requests
Details: The number of threads configured here is occupied directly by the NIO selector handling incoming HTTP connections, so it should be as low as possible.

 

http.handler.threads.keep.alive.time

duration

1m

EXPERT

maximum time an idle thread is kept alive before deactivating it
Details: Threads are only deactivated/dropped, if the total number of current threads is still above the configured core size.

 

http.handler.threads.max

positive integer

20

EXPERT

maximum number of threads used for handling HTTP requests

 

http.server.connection.timeout

duration

${http.client.connection.so.timeout}

EXPERT

time after which a server-side HTTP connection will be closed due to inactivity or socket timeout
Details: This value configures the maximum idle time for active server-side HTTP connections. This roughly represents the server side socket timeout. Connections will be closed due to inactivity, either because a socket timeout occurs or due to an idle period.

 

http.server.connection.type

[ http, https, both ]

https

STANDARD

connection type used to listen for incoming HTTP requests
Details: Connection type 'both' is considered for testing purposes only, since two listening ports will be spawned simultaneously, the HTTP being one less than the configured HTTPS port.

 

http.server.graceful.shutdown.time

duration

5s

EXPERT

maximum time to wait for unfinished HTTP requests during graceful shutdown

 

http.server.listen.address

IP

0.0.0.0

STANDARD

listen/bind IP address or host name used for both HTTP and HTTPS
Details: The agent binds itself to one or more local network interfaces and waits for incoming requests. By default (0.0.0.0), it listens to all addresses on the machine. However, for security reasons it may need to be told to listen on selected addresses only.

 

http.server.listen.port

positive integer (0-65535)

 

REQUIRED

TCP listening port for incoming HTTP/HTTPS connections

 

log.memory.buffer.size

positive integer

512

STANDARD

configures the maximum number of log events to be buffered in-memory

 

mbean.export.prefix

string

np

INTERNAL

configures the JMX export prefix for exposing MBeans
Details: This property should not be changed in the agent, as there is usually only one application instance per JVM.

 

permission.process.execution.timeout

duration

5s

INTERNAL

maximum time to wait for an internal process execution to manage permissions

privileged.user.name

string

root

EXPERT

the name of the system's super user
Details: This user name is used to verify that the agent is running with privileged access during startup, so that subsequent process executions won't fail when changing user contexts.

 

privileged.user.verification

[ true, false ]

true

INTERNAL

enables/disables privileged user verification during application startup
Details: This property is for internal testing only. Switching it to false may result in the agent being unable to execute processes.

 

process.capture.block.size

byte size

1K

INTERNAL

maximum buffer block size

 

process.capture.buffer.size

positive integer

1024

INTERNAL

maximum number of blocks to be buffered per process execution output stream
Details: The agent will drop any further blocks issued by the executed process, in case the server fails to collect them from the agent in time. This is most of the case, when executing erroneous processes, such as 'cat /dev/zero'.

process.execution.default.user.name

string

${user.name}

STANDARD

default user used for process execution, when none is provided by the server

 

process.execution.keep.alive.check.interval

duration

30s

INTERNAL

time interval to check whether a given process has become an orphan and terminate it.

 

process.execution.keep.alive.time

duration

5m

INTERNAL

maximum time a process will be kept before turning into an orphan

 

process.execution.threads.core

positive integer

2

EXPERT

number of logical core threads used for process execution
Details: The effective number of physical threads will be four time higher, since multiple threads are required for each process execution.

 

process.execution.threads.keep.alive.time

duration

1m

EXPERT

maximum time an idle thread is kept alive before deactivating it
Details: Threads are only deactivated/dropped, if the total number of current threads is still above the configured core size.

 

process.execution.threads.max

positive integer

10

EXPERT

maximum number of logical threads used for process execution
Details: The effective number of physical threads will be four time higher, since multiple threads are required for each process execution.

 

process.output.keep.alive.check.interval

duration

10s

INTERNAL

time interval to check whether an already finished process still has open output streams to close these.

 

process.output.keep.alive.time

duration

30s

INTERNAL

maximum time an output of a completed process will still be kept open before closing it.

program.chmod.path

path

chmod

STANDARD

(absolute) path to the 'chmod' program used for managing ownerships

program.chown.path

path

chown

STANDARD

(absolute) path to the 'chown' program used for managing permissions

program.process.kill.cmd

string

taskkill.exe /t /f /pid {0}

EXPERT

Command used to kill process trees on windows platform specified by the process id of the parent process
Details: The following replacements will be performed:
{0} will be replaced by the process id

program.script.interpreter.arguments

arguments separated by spaces

/C

EXPERT

arguments for the platform specific interpreter to use when invoking scripts

program.script.interpreter.arguments

arguments separated by spaces

 

EXPERT

arguments for the platform specific interpreter to use when invoking scripts

program.script.interpreter.path

path

${ComSpec}

EXPERT

the platform specific interpreter to use when invoking scripts to determine OS information.
Details: Tested interpreters: powershell.exe and cmd.exe

program.script.interpreter.path

path

/bin/sh

EXPERT

the platform specific interpreter to use when invoking scripts
Details: The given interpreter will be invoked with the script content as stdin.

program.su.parameters

string

 

EXPERT

additional parameters to be passed to 'su' during process execution
Details: Multiple parameters must be separated by white-spaces.

program.su.path

path

su

STANDARD

(absolute) path to the 'su' program used for process execution

 

property.validation.fail.on.warning

boolean

false

EXPERT

configures if the agent will fail during startup, if an invalid property configuration is detected

 

resource.filetransfer.keep.alive.check.interval

duration

30s

INTERNAL

time interval to check whether a given file transfer has become an orphan and terminate it.

 

resource.filetransfer.keep.alive.time

duration

5m

INTERNAL

maximum time a file transfer will be kept before turning into an orphan

 

resource.group.default

string

 

EXPERT

the group for a resource (file or directory)
Details: When left empty the group of agent process will be used

 

resource.owner.default

string

 

EXPERT

the owning user for a resource (file or directory)
Details: When left empty the user of agent process will be used

 

resource.permissions.default

string

 

EXPERT

the permissions for a resource (file or directory)
Details: When left empty the user's umask of agent process will used

 

spring.profiles.active

a valid combination of [ agent, gateway, jmx, memtest, none ]

agent,gateway,jmx

EXPERT

list of active Spring profiles
Details: This property enables/disables different configuration profiles of the agent application, e.g. it may be used to disable agent or gateway specific functionality in hardened environments.

 

ssh.client.agent.shutdown.timeout

duration

5s

INTERNAL

time to wait for the agent to shut down.
Details: The agent shutdown takes some time to be completed. This is the maximum time that the SSH client will wait for the agent to shutdown

 

ssh.client.agent.started.timeout

duration

3s

INTERNAL

time to wait to check if the remote agent startup failed immediately.
Details: The agent startup may fail because the start script does not exist or the parameters are invalid. In this case it is not necessary to wait for ${ssh.client.agent.startup.timeout}.

 

ssh.client.agent.startup.timeout

duration

60s

EXPERT

maximum time to wait for a remote agent to start via SSH tunneling
Details: This value limits the time to wait for a remote SSH agent to start, that is the maximum time that the client will wait for a response from the remotely started agent.

 

ssh.client.command

string

ssh {0}@{1} -p {2} -o BatchMode=yes -A -L {3}:{4}:{5} -R {6}:{7}:{8} {9}

STANDARD

SSH command used to establish the SSH tunnel.
Details: The tunnel forwards two ports:

  • a dynamically assigned local port will be forwarded to the remote http port.
  • the remote control port will be forwarded to a dynamically local port.
    This tunnel will be used to start the remote agent which then listens on the remote http port.
    By default agent forwarding is enabled (-A).
    The BatchMode is enabled to avoid the user interaction (querying for passwords).
    The following replacements will be performed:
    {0}: user name used to connect to the target host
    {1}: the host name of the target host
    {2}: the port of the target host
    {3}: the local http port of the tunnelled remote http port
    {4}: the remote host of the tunnelled http port
    {5}: the remote http port of the tunnelled http port
    {6}: the remote control port
    {7}: the local host of the tunnelled remote control port
    {8}: the local port of the tunnelled remote control port
    {9}: the command used to start the remote agent

 

ssh.client.idle.connection.close.interval

duration

10s

INTERNAL

time to wait before checking for SSH idle connections

 

ssh.client.loopback.address

IP

127.0.0.1

INTERNAL

loop-back IP address used for SSH tunneling

 

ssh.client.max.connections

positive integer

${http.handler.threads.max}

EXPERT

maximum number of concurrent SSH client connections
Details: This value limits the number of outgoing SSH client connections from the agent process. An SSH client connection is established on a per host basis, that is parallel HTTP connections to the same SSH target host share the same SSH connection.

 

ssh.control.channel.port

positive integer (0-65535)

INTERNAL

TCP listening port for SSH control channel
Details: This is actually a required property, when running in SSH startup mode, but will be supplied by the agent.sh startup script by default.

 

ssh.control.channel.port.check.interval

duration

${ssh.client.idle.connection.close.interval}

INTERNAL

time to wait between checks for SSH keep-alive status

 

ssh.idle.check.interval

duration

1m

INTERNAL

time to wait between checking for SSH inactivity

 

ssh.idle.check.max.shutdown

positive integer

60

STANDARD

number of consecutive idle checks before the agent is shutdown
Details: Idle checks are considered consecutive, if no web service request has been handled between any two checks, i.e. the agent was completely idle with respect to its clients.
Note: Only completed intervals with inactivity are counted. The granularity depends on the property ssh.idle.check.interval.

 

ssl.certificate.mutual.authentication

[ true, false ]

true

EXPERT

enables/disables SSL mutual authentication
Details: When set to true, this causes the agent to request a certificate from its clients. Be aware, that disabling this setting allows any client to connect to the agent, thus, potentially gaining unauthorized super user access to the underlying system.

 

ssl.client.key.password

string

987654

STANDARD

password used to access the SSL key within the key store

 

ssl.client.keystore

url

classpath:info/novatec/np/common/communication/ssl/default_keystore

STANDARD

the location of the client-side SSL key store used for authentication
Details: The configured key store is used on the client side, in case mutual authentication is enabled.

 

ssl.client.keystore.password

string

123456

STANDARD

password used to load the SSL key store

 

ssl.client.truststore

url

${ssl.client.keystore}

STANDARD

the location of the client-side SSL trust store used for authentication
Details: The configured trust store is used on the client side to verify the server SSL certificate, in case mutual authentication is enabled.

 

ssl.client.truststore.password

string

${ssl.client.keystore.password}

STANDARD

password used to load the SSL trust store

 

ssl.protocol

[ SSL, SSLv2, SSLv3, TLS, TLSv1, TLSv1.1 ]

TLS

INTERNAL

client/server-side SSL protocol version

 

ssl.server.key.password

string

${ssl.client.key.password}

STANDARD

password used to access the SSL key within the key store

 

ssl.server.keystore

url

${ssl.client.keystore}

STANDARD

the location of the server-side SSL key store used for authentication
Details: The configured key store is used on the server side to present a valid SSL certificate, in case mutual authentication is enabled.

 

ssl.server.keystore.password

string

${ssl.client.keystore.password}

STANDARD

password used to load the SSL key store

 

ssl.server.truststore

url

${ssl.server.keystore}

STANDARD

the location of the server-side SSL trust store used for authentication
Details: The configured trust store is used on the on the server side, in case mutual authentication is enabled.

 

ssl.server.truststore.password

string

${ssl.server.keystore.password}

STANDARD

password used to load the SSL trust store

 

ws.client.xml.validate.request

[ true, false ]

false

INTERNAL

configures the XML validation of client web service requests
Details: The validation of outgoing client requests is disabled by default, since MTOM binary transfers would cause exceptions otherwise. This is due to the fact, that JAXP does not properly comply to MTOM-enabled web service requests.

 

ws.client.xml.validate.response

[ true, false ]

true

INTERNAL

configures the XML validation of client web service responses
Details: This enables/disables the validation of XML responses on the client-side.

 

ws.server.base.url

path

/services

INTERNAL

web service URL context path relative to the application root
Details: This path describes the base URL for mapping WS related requests, that is any incoming HTTP request starting from this path is dispatched as a web service request.

 

ws.server.xml.validate.request

[ true, false ]

true

INTERNAL

configures the XML validation of server web service requests
Details: This enables/disables the validation of XML requests on the server-side.

 

ws.server.xml.validate.response

[ true, false ]

true

INTERNAL

configures the XML validation of server web service responses
Details: This enables/disables the validation of XML responses on the server-side.

  • No labels