The agent is managed by the server and executes commands on its host operating system. An agent can be started in three different modes regarding the connectability:
- SSH (not supported on Windows Platforms)
HTTP is an unsecured protocol and should therefore only be used in exceptional cases.
automaIT comes up with predefined SSL certificates for server-agent-communication to provide a quick start up. However, this predefined configuration is quite insecure and not recommended for production use. Please refer to SSL certificates in the Configuration section on how to set up a well secured server-agent-communication.
The agent should run on every Unix operating system fulfilling the software prerequisites.
Apart from a few exceptions the agent must be started as superuser (
The agent will switch the user with
su if the server requests a command to be executed under a different user. When using
sudo please keep in mind that
/etc/sudoers may override environment variables or set a specific
The agent should run on every Windows Server environment.
The agent must be started with administration rights if the agent should perform privileged actions (e.g. program installations or access restricted directories in Windows).
This can either be achieved by configuring the agent as a Windows service or by adding it as a new task to the Windows task scheduler (with activating the flag for running with highest privileges).
The following Java Runtime Environment (JRE) implementations (64bit or 32bit) starting at version 7 are supported.
Oracle Java 64-bit, Version 7.x or 8.x
| supported (recommended)|
OpenJDK Java 64-bit, Version 7.x or 8.x
IBM Java 64-bit, Version 7.x or 8.x
If the agent start aborts with "Unsupported major.minor version 51.0" then a Java 6 is mistakenly found in PATH. Please check your PATH variable so that the
bin directory of Java 7 resp. Java 8 is found first.
Installing the agent is very simple. Its not much more than expanding the archive
Do not edit any files of the agent (including
agent.cmd) unless you are advised to do so. Files may be overwritten by the next automatic agent update.
You may only edit the configuration files
For simplicity HTTPS is the preconfigured connection method. Find further details on how to customize the SSL connections in SSL certificates.
The agent is delivered as compressed file in zip format.
This can be unzipped using the unzip command. To use unzip it may be required to install this first.
mkdir -p /opt/automait/agent
chmod -R 0700 /opt/automait/agent
The agent is delivered as zipped archive file. This may be unzipped directly in the Windows explorer or by using an external application like 7-Zip or WinZip.
7z.exe x np-release-<VERSION>\np-agent.zip
Running process unattached to a terminal
On Linux and Unix the agent runs commands without the possibility for the user to provide input via keyboard, thus the process is not allowed to be attached to a terminal. To ensure this constraint the agent needs to be started via the
setsid command. To make it a background task,
nohup can be used.
The agent is started as root via the
/opt/automait/agent/agent.sh script. It is a permanently running process.
setsid nohup /opt/automait/agent/agent.sh
The agent is started via the
C:\automait\agent\agent.cmd command file. It is a permanently running process.
Usage of JAVA_HOME environment variable
The agent.cmd startup file evaluates the environment variable JAVA_HOME to find the path to the configured java installation. Please note that this path must not be quoted as this is already done by the startup script.
Task Scheduler startup
The Agent is started via a preconfigured Windows task.
The following describes the setup process:
- Open up the "Windows Task Scheduler" and click on "Create Task..."
- Enter a "Name".
- In the "Security options" change the user or group if necessary. This configured user or group will be used to run the task.
- Also select the "Run whether user is logged on or not" option and activate the "Run with highest privileges" checkbox.
- On the "Triggers" tab add a new trigger with the "At startup" option in the "Begin the task" dropdown.
- On the "Actions" tab add a new action with type "Start a programm" and select the start script (
C:\automait\agent\agent.cmd) in the "Settings" area.
- On the "Settings" tab deselect the option "Stop task if it runs longer than:".
- Restart your system. The agent should be successfully started at Windows startup.
To connect to the agent from automaIT server, the remote systems firewall has to be disabled or configured for remote connections on port 9999.
IPTables based firewalls can be configured with the following commands:
iptables -I INPUT -p tcp --dport 9999 --syn -j ACCEPT
service iptables save
Using SuSEfirewall2 the configuration has to be done through Yast or by creating the file
## Name: automaIT agent
## Description: Open port 9999 to connect to automaIT agent from automaIT servers
# space separated list of allowed TCP ports
# space separated list of allowed UDP ports
# space separated list of allowed RPC ports
# space separated list of allowed IP protocols
# space separated list of allowed UDP broadcast ports
and adding automait-agent to the variables
Last but not least the firewall has to be restarted to make the changes productive:
sudo rcSuSEfiewall2 restart
To configure the Windows Firewall for incoming TCP traffic on port 9999 the following command line can be used instead of configuring through the firewall UI.
netsh advfirewall firewall add rule name="automaIT Agent" dir=in action=allow protocol=TCP localport=9999
To delete above rule and therefore close port 9999 use:
netsh advfirewall firewall delete rule name="automaIT Agent"
Automatic Agent Update
If a new automaIT release includes an updated agent version then all hosts will be put into the uninitialized state on the first startup. The next host initialization will then update the agent automatically.
The automatic agent update makes it very easy to update agents: they must not be installed manually on each release update.
How the automated agent update works
The automatic agent update is possible because the server deployment includes the agent software package and uses the update interface of the agent to update the agent and restart it.
Editing agent files
Do not edit files other than
logback.xml! Otherwise, the agent update might fail.