Agent Pools: Difference between revisions
Chris.Hansen (talk | contribs) (Created page with "An Agent Pool in Foji is a service that facilitates secure communication between the Foji cloud and resources on a customer's network. It utilizes secure websockets, a web protocol that encrypts data transmission and provides a bi-directional communication channel. This encrypted tunnel safeguards sensitive information exchanged between Foji and the customer's environment. Here's a breakdown of how Agent Pools function: * '''Secure Websockets:''' Data transferred betwe...")
Chris.Hansen (talk | contribs) No edit summary
Revision as of 15:05, 11 March 2024
An Agent Pool in Foji is a service that facilitates secure communication between the Foji cloud and resources on a customer's network. It utilizes secure websockets, a web protocol that encrypts data transmission and provides a bi-directional communication channel. This encrypted tunnel safeguards sensitive information exchanged between Foji and the customer's environment.
Here's a breakdown of how Agent Pools function:
- Secure Websockets: Data transferred between Foji and the customer network travels through an encrypted tunnel, ensuring confidentiality and data integrity.
- Bi-directional Communication: The secure tunnel allows for both sending commands from Foji to the customer's network and receiving data back.
- Flexibility: Agent Pools can be configured to target specific hosts and ports on a customer's network, enabling communication with various devices and applications.
This guide will walk you through the step-by-step process of configuring an Agent Pool in Foji to establish a secure communication channel between the Foji cloud and your network. We'll cover prerequisites, specifying target hosts and ports, and managing your Agent Pool for optimal functionality.
By the end of this guide, you'll be equipped to leverage Agent Pools for secure communication within your Foji cloud environment.
Create an Agent Pool
- Log into your Foji account
- Access Agent Pools under Integrations in the Settings application
- Click the New Agent Pool button
- Enter a Name for the Agent Pool to describe which network or hosts it will access
- Configure the Allowed Hosts to which the agents in this pool will provide access. The agents in this pool will only be allowed to access the explicitly defined host/port combinations.
- Click the Create button
Network Configuration
The Foji agent does not require any special network configuration or firewall port rules. The only requirement is that the agent have access to the Foji cloud via the internet. It needs to be able to reach port 443 (HTTPS) on your Foji instance and any Allowed Hosts on your network to which it will provide access. No other networking rules or permissions are required.
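Because the agent's outbound traffic is limited to port 443 on the Foji instance plus the pool's Allowed Hosts, any other destination seen from an agent host is worth investigating. The following is an added example, not code from Foji: it builds that expected egress set and flags flows outside it. The instance name, hosts, DNS answers, flow records and function names are all constructed for illustration.

```python
import ipaddress

# Constructed sample data: instance name, hosts, DNS answers and flows are
# illustrative placeholders, not values from Foji.
FOJI_INSTANCE = "acme.foji.example"
ALLOWED_HOSTS = [("db01.corp.example", 5432), ("10.20.0.15", 8443),
                 ("2001:db8::10", 636)]
DNS = {"acme.foji.example": ["203.0.113.10"],
       "db01.corp.example": ["10.20.0.7"]}
OBSERVED = [("203.0.113.10", 443), ("10.20.0.7", 5432),
            ("2001:DB8:0:0:0:0:0:10", 636),   # same address, different spelling
            ("10.20.0.7", 22),                # allowed host, port not allowed
            ("10.20.0.99", 445)]              # host not in the pool


def to_ips(host, dns):
    """Return the addresses for an IP literal or a hostname found in dns."""
    try:
        return {ipaddress.ip_address(host)}
    except ValueError:
        name = host.strip().lower().rstrip(".")
        if name not in dns:
            raise LookupError(f"no address known for {host!r}")
        return {ipaddress.ip_address(a) for a in dns[name]}


def expected_egress(foji_instance, allowed_hosts, dns):
    """Port 443 on the Foji instance plus every Allowed Host host/port pair."""
    rules = {(ip, 443) for ip in to_ips(foji_instance, dns)}
    for host, port in allowed_hosts:
        if not 1 <= port <= 65535:
            raise ValueError(f"invalid port {port} for {host!r}")
        rules |= {(ip, port) for ip in to_ips(host, dns)}
    return rules


def unexpected_connections(observed, rules):
    """Return observed (ip, port) flows that match no expected rule."""
    return [(ip, port) for ip, port in observed
            if (ipaddress.ip_address(ip), port) not in rules]


if __name__ == "__main__":
    rules = expected_egress(FOJI_INSTANCE, ALLOWED_HOSTS, DNS)
    for ip, port in unexpected_connections(OBSERVED, rules):
        print(f"unexpected egress from agent host: {ip}:{port}")
```

The same rule set can serve as the basis for an egress firewall policy on the agent host, so that the host-level restriction matches what the pool's Allowed Hosts already permit.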
Agent Installation
Once the agent pool has been created, one or more agents will need to be deployed within your network to support the secure tunnel. The agent is designed to operate in a highly available pool with multiple instances. This helps ensure that communication is not interrupted if a single agent stops or is restarted. The Foji agent may be installed and run on Linux (via Docker containers) or Windows. Please follow the instructions for your selected operating system.
Linux
The Foji agent may be run on Linux operating systems using Docker containers. The containers may be run directly on a Docker runtime or managed using a Kubernetes cluster.
Docker
- Access the Agent Pool configuration in the Settings application
- Copy the Docker command in the Linux section
- Run the command against your Docker server
This command is very basic and should probably be adjusted to meet your specific hosting requirements. The Foji agent container is completely stateless and does not require any persistent data volumes to operate. The significant requirement is that the 3 environment variables are defined.
Kubernetes
- Access the Agent Pool configuration in the Settings application
- Download the Kubernetes yaml file under the Linux section
- Apply the file to your Kubernetes cluster
This Kubernetes yaml file contains a Secret and a Deployment. The secret defines the necessary secured environment variables for the agent. The deployment is configured to run 1 instance of the agent. You may wish to modify these objects to meet any hosting requirements or needs specific to your Kubernetes cluster.
Windows
The Foji agent may be run on Windows computers; both 32-bit and 64-bit versions are available.
Windows x64 (64 bit)
- Access the Agent Pool configuration in the Settings application
- Follow the instructions under the Windows (64 Bit) section
Windows x86 (32 bit)
- Access the Agent Pool configuration in the Settings application
- Follow the instructions under the Windows (32 Bit) section
Updating Allowed Hosts
Agent Pools are designed to provide access to multiple Allowed Hosts. These hosts may be added or removed at any time.
- Access the Agent Pool configuration in the Settings application
- Configure the Allowed Hosts as desired
- Click the Save button
Allowed Hosts may be added to or removed from an agent pool without the need to redeploy any agents. The updated configuration will automatically be read by all agents and does not require any further action.