1. No category

How to use the
Proxy Server?
Peter Grundler
Senior Consultant
Connectivity – Previous Situation
• Automation Engine Server in secure network area
• Agents in DMZ or different network areas
• Agents connect to the CP
• Security policies prevent incoming connections
• CP Router connect to the DB
The Goal
• Reverse connectivity
• Expand connectivity concept (CP router)
• Full protocol compatibility
• Works with all Automation Engine Versions
• No loss of throughput and speed
• Failover and load balancing
• Security
Conventional Automation Engine Network
Agent Network
Automation Engine Network
System with CP Router
Agent Network
Automation Engine Network
Proxy: cpSelection = 0
Agent Network
Automation Engine Network
Proxy: cpSelection = 1
Agent Network
Automation Engine Network
Proxy: Port Configuration
java -cp proxy.jar com.uc4.proxy.Server
-keyStore=keystore.jks
-keyStorePwd=passwd
-servicePort=4321
AGHost
PSHost
PCHost
port 2217
port 4321
(routingPort)
(serverProxy)
Agent
cp=PSHost:2217
java -jar proxy.jar
Proxy Server
CPHost
port 2220
Proxy Client
[GLOBAL]
serverProxy=PSHost:4321
routingPort=2217
[CP_LIST]
cp1=CPHost:2220
CP
[PORTS]
cp1=2220
Proxy – Characteristics
• 1 Proxy Server 1 Proxy Client
• Proxy Server / Client: One JAR
• TLS (SSL)
• No loss in throughput
• CP selection tranparent:
•
Agents/CallAPIs/GUIs always perform CP selection
•
cpSelection controlls CP selction of Proxy Client
• Proxies can only be used beween
•
•
CP Agent
•
CP GUI
•
CP CallAPI
GUI and CallAPI require cpSelection=0
Proxy – Hints
• Install in different Directories (logging) or use INI-parameter
serverLogging
• Can be started via Service Manager
• Not visible in system overview – communication is transparent
• Proxy Server opens routingPort only once Proxy Client has found
valid CP
• cpSelection = 0 … Proxies act as elongated arms of the CPs
• Combine Proxies with netArea CP setting
Proxy - Parameters
• cpSelection … turn on / switch off CP selection (AE side)
• cpName … name of the router, if cpSelection is on
• serverProxy … service port
• routingPort … listen port of the Server Proxy, accepts Agents
• logging / serverLogging … log file paths
• cpResponseTime … response time of a CP on connect
• connect … reconnect time
• keepAliveTime, tcp_noDelay, soKeepAlive … heartbeat
• sendBufferSize / receiveBufferSize … tcp/ip buffers
• connectDelayMS … delay between connects to one CP
• maxConnectionCount … max number of connection to proxy
• keyStore / keyStorePwd … TLS (SSL)
• [OTHER_SP_LIST] … list of alternative server proxies
• [CP_LIST] … list of alternative CPs, if cpSelection is on
Proxy – INI Example
[GLOBAL]
sendBufferSize=8192
cpSelection=1
receiveBufferSize=8192
cpName=PROXY_01
connectDelayMS=10
serverProxy=HOSTSP01:4321
maxConnectionCount=10000
routingPort=2217
traceLevel=0
checkMemoryConsumption=10
language=(D,E)
[SSL]
logging=../TEMP/PROXY_LOG_##.TXT
keyStore=keystore.jks
serverLogging=../TEMP/SPROXY_LOG_##.TXT
keyStorePwd=passwd
logCount=10
logMaxDays=1
[OTHER_SP_LIST]
logMaxSize=9000
sp1=HOSTSP02:2217
sp2=HOSTSP03:2217
[TCP/IP]
cpResponseTime=10
connect=60
keepAliveTime=60
tcp_noDelay=1
soKeepAlive=1
[CP_LIST]
cp1=HOSTUC4SRV01:2216
cp2=10.0.0.100:2217
cp3=10.0.0.100:2218
13
Closing Slide
Thank You