System requirements and performance considerations
The HCL Launch server runs on Windows™ and UNIX™ systems. Following some guidelines can improve the performance of the server and agents.
The following new installation and upgrade requirements are applicable starting from version 7.0.2:
- New Java 11 compatibility.
- If installing Java 11, ensure database driver is compatible.
- Java 6, 7, and 8 are deprecated and no longer supported.
- HCL Launch agents version 7.0.2 onwards uses Groovy v2.4.15.
For topologies, see Systems and topology overview.
The server must have network access to the following ports:
- The server must be able to accept connections from agents and agent relays. By default, agent relays and JMS agents connect on port 7918, and WebSocket agents on port 7919.
- Users and agents that do not use a relay must be able to initiate connections to the server through HTTP or HTTPS. The default ports are 8080 for HTTP and 8443 for HTTPS.
- Installing agents remotely on Linux™ or UNIX™ systems requires the server to initiate connections to the SSH port of the agent computer. The default port for SSH is 22.
- Remote discovery of agents requires the server to initiate connections to port 22 for Linux™ agents and port 135 for Windows™ agents. See Discovering agents automatically.
- The server might require access to other ports if you connect to external systems, such as an SMTP server for notifications or to cloud systems that use virtual system patterns.
If your agents connect to the server through an agent relay, you must
configure your networks and firewalls to allow the following communication. In this case, you
install the agent relay on the same network and the same side of the firewall as the agents.
- Agents must be able to open network connections on the agent relay JMS port. The default agent relay JMS port is 7916.
- Agents must be able to open network connections on the agent relay HTTP proxy port. The default agent relay HTTP proxy port is 20080.
- Agents must be able to open a network connection to the Agent Relay CodeStation proxy port (HTTP_proxy + 1, by default 20081).
- Installing agents remotely on Windows™ systems requires the WinRS agent to initiate connections on ports 80 and 5985 on the target computer.
- If you are using artifact caching as described in Agent security and communication, agents must be able to open network connections on the agent relay artifact caching port. The agent relay artifact caching port is 20081.
- Agents run steps from automation plug-ins and source configuration plug-ins. Some of these steps require that agents create network connections to an external system.
- Agent relays must be able to open network connections on the server JMS port. The default server JMS port is 7918.
- Agent relays must be able to open network connections on the server HTTP and HTTPs ports. The default HTTP(S) ports are 8080 and 8443. It is not possible to reverse the direction of this connection.
If your agents connect directly to the server, you must configure
your networks and firewalls to allow the following communication:
- JMS agents must be able to open network connections on the server JMS port. The default server JMS port is 7918.
- WebSocket agents must be able to open network connections on the server. The default server port is 7919.
- Agents must be able to open network connections on the server HTTP and HTTPS ports. The default HTTP(S) ports are 8080 and 8443.
- Agents run steps from automation plug-ins and source configuration plug-ins. Some of these steps require that agents create network connections to an external system.
You must configure virtual images in supported clouds for communication with HCL Launch:
- Virtual images must be able to open network connections on the server HTTP and HTTPs ports. The default HTTP(S) ports are 8080 and 8443. It is not possible to reverse the direction of this connection.
- The agent that is installed on the virtual image must be able to open network connections on the agent relay JMS port. The default agent relay JMS port is 7916.
- Virtual images must be able to open network communication ports to the Heat engine. The default Heat engine ports are 8000 and 8003.
- If the virtual image contains a Chef role, it must be able to open network communication ports to the Chef server. The default Chef server communication port is 443.
For best performance, follow these guidelines:
- Because agent activity can sometimes become resource intensive, agents are usually installed on systems other than the one where the HCL Launch server is located.
- When possible, install the server as a dedicated user account. However, HCL Launch runs well as a root user (or local system user on Windows™), and running this way is the easiest method to avoid permission errors.
- Install the agent as dedicated system account. Ideally, the account is dedicated to HCL Launch. Because HCL Launch agents run remote commands, it is best to create a user specifically for the agent and grant this user only the appropriate privileges.
- Installing multiple agents on the same system is not necessary because a single agent can run parallel deployments as different users. While idle agents use minimal resources, many agents on the same system might have a noticeable impact.
- For best server performance, install the server on a system that is dedicated to the server and does not run any other major software.
- For servers on Linux™ or UNIX™, if the server is connected to many agents (400 or more), increase the
process and file limit for the server. For example, for Red Hat Enterprise Linux, version 7, use the
/etc/security/limits.conf file. For AIX, use the
/etc/security/limits.d/90-nproc.conf file. Add
the following lines to the appropriate file and then restart the server
computer:
Use the name of the operating system user that is running the server fordeployUser soft nofile 60000 deployUser hard nofile 60000 deployUser soft nproc 65535 deployUser hard nproc 65535
deployUser
.Similarly, if an agent relay connects to many agents, increase the process and file limit for the relay in the same way..