System requirements and performance considerations
The HCL Launch server runs on Windows™ and UNIX™ systems. Following some guidelines can improve the performance of the server and agents.
You must have a Licensing server with available licenses. See Managing licenses.
The following new installation and upgrade requirements are applicable starting from version 7.1.0:
- New Java 11 compatibility.
- If installing Java 11, ensure database driver is compatible.
- Java 6, 7 and 8 are deprecated and no longer supported.
- HCL Launch agents uses Groovy v3.0.9.
The following diagram shows the default port numbers that HCL Launch uses for communication. Most of these ports can change depending on your choices at installation time. The following diagram is only a summary of the defaults.
For topologies, see Systems and topology overview.
The server must have network access to the following ports:
- The server must be able to accept connections from agents and agent relays. By default, agent relays and WebSocket agents connect on port 7919.
- Users and agents that do not use a relay must be able to initiate connections to the server through HTTPS. The default port is 8443 for HTTPS.
- Installing agents remotely on Linux™ or UNIX™ systems requires the server to initiate connections to the SSH port of the agent computer. The default port for SSH is 22.
- Remote discovery of agents requires the server to initiate connections to port 22 for Linux™ agents and port 135 for Windows™ agents. See Discovering agents automatically.
- The server might require access to other ports if you connect to external systems, such as an SMTP server for notifications or to cloud systems that use virtual system patterns.
If your agents connect to the server through an agent relay, you must configure
your networks and firewalls to allow the following communication. In this case, you install the
agent relay on the same network and the same side of the firewall as the agents.
- Agents must be able to open network connections on the agent relay HTTP proxy port. The default agent relay HTTP proxy port is 20080.
- Agents must be able to open a network connection to the Agent Relay CodeStation proxy port (HTTP_proxy + 1, by default 20081).
- Installing agents remotely on Windows™ systems requires the WinRS agent to initiate connections on ports 80 and 5985 on the target computer.
- Agents run steps from automation plug-ins and source configuration plug-ins. Some of these steps require that agents create network connections to an external system.
- Agent relays must be able to open network connections on the server with HTTPs port. The default HTTPS port is 8443. It is not possible to reverse the direction of this connection. Starting with V7.2.2, relays support proxying HTTPS requests only. However, the relay listens itself on HTTP protocol.
If your agents connect directly to the server, you must configure your
networks and firewalls to allow the following communication:
- WebSocket agents must be able to open network connections on the server. The default server port is 7919.
- Agents must be able to open network connections on the server with HTTPS port. The default HTTPS port is 8443.
- Agents run steps from automation plug-ins and source configuration plug-ins. Some of these steps require that agents create network connections to an external system.
You must configure virtual images in supported clouds for communication with HCL Launch:
- Virtual images must be able to open network connections on the server HTTP and HTTPs ports. The default HTTP(S) ports are 8080 and 8443. It is not possible to reverse the direction of this connection.
- The agent that is installed on the virtual image must be able to open network connections on the agent relay port.
For best performance, follow these guidelines:
- Because agent activity can sometimes become resource intensive, agents are usually installed on systems other than the one where the HCL Launch server is located.
- When possible, install the server as a dedicated user account. However, HCL Launch runs well as a root user (or local system user on Windows™), and running this way is the easiest method to avoid permission errors.
- Install the agent as dedicated system account. Ideally, the account is dedicated to HCL Launch. Because HCL Launch agents run remote commands, it is best to create a user specifically for the agent and grant this user only the appropriate privileges.
- Installing multiple agents on the same system is not necessary because a single agent can run parallel deployments as different users. While idle agents use minimal resources, many agents on the same system might have a noticeable impact.
- For best server performance, install the server on a system that is dedicated to the server and does not run any other major software.
- For servers on Linux™ or UNIX™, if the server is connected to many agents (400 or more), increase the
process and file limit for the server. For example, for Red Hat Enterprise Linux, version 7, use the
/etc/security/limits.conf file. For AIX, use the
/etc/security/limits.d/90-nproc.conf file. Add
the following lines to the appropriate file and then restart the server
computer:
Use the name of the operating system user that is running the server forOS-user soft nofile 60000 OS-user hard nofile 60000 OS-user soft nproc 65535 OS-user hard nproc 65535
OS-user
.Similarly, if an agent relay connects to many agents, increase the process and file limit for the relay in the same way..