Automic Workload Automation

View Only

Unix Agent File Transfer Configuration Network Issue

Tamman Montanaro posted Sep 21, 2023 02:15 PM

Hello,

I am experiencing an issue with the unix automic agent communicating with another mainframe agent via file transfer. Our unix agent is setup on the cloud using the firewall and load balancer setup by our cloud to communicate with any public ip address over the internet. Our mainframe address is a public dns where it hosts its own agent.

Currently, we can initiate the file transfer from automic and the communication from our cloud unix agent successfully connects with the public mainframe address. The issue arises when the mainframe agent tries to connect with our unix agent. Instead of routing through the cloud firewall and load balancer, it tries to connect via the private ip address of our cloud agent instance. I am not sure how the mainframe agent is even acquiring the private ip address of our cloud unix agent. How can I change the configuration on automic so that all file transfer calls from the mainframe routes to the public load balancer?

I have investigated changing the [HOST] parameter on the unix ini file, however the automic engine still provides the private ip address of our agent.

Unix agent doc: Agent Unix

Automic

remove preview

Agent Unix

Parameter Name Description language = The Language(s) in which the log messages are displayed.Always a pair of languages separated by comma enclosed in brackets. if a message text is not available in the primary language the secondary language will be taken.

View this on Automic >

Broadcom Employee Markus Embacher posted Sep 22, 2023 02:46 AM

Hi Tamman,

your mainframe agent receives the internal address from the Automation Engine. The [HOSTS] section is the right place to configure an alternative address. The sending agent replaces this internal address by the external address that is defined here.

Please note, the the agent needs at restart for the settings to take effect.

Regards, Markus

Broadcom Employee Michael Dolinek posted Sep 22, 2023 09:18 AM

Hi @Tamman Montanaro

you can also specify the "external" IP address and port in the Agent's configuration file.

UC_EX_IP_ADDR must be set to the external ip or hostname
UC_EX_IP_PORT must be set to the external port
UC_EX_JOB_MD_IP_ADDR must be set to localhost

More details can be found here https://docs.automic.com/documentation/webhelp/english/ALL/components/DOCU/21.0.8/Automic%20Automation%20Guides/Content/AWA/Admin/inifiles/admin_ini_agent_unix.htm

These settings are available in v21.0.6 and up.

Michael

Tamman Montanaro posted Sep 22, 2023 12:43 PM

@Markus Embacher

Does the [HOSTS] section only need to be updated within the Unix agent or in the Automic Engine itself? I actually had tried updating the unix agent [HOSTS] parameters and restarting the agent, however the engine still was providing the private ip of the unix agent. Was my formatting corret?

UNIX_AGENT_NAME=DNS

Should I only restart the unix agent once the change is in place or does the mainframe agent need to be restarted as well? I am unclear on that.

Thanks,

Tamman Montanaro

Broadcom Employee Markus Embacher posted Sep 25, 2023 03:31 AM

Hi Tamman,

since the mainframe agent is trying to transfer a file to the UNIX agent the initial connection attempt is being made by the mainframe agent to reach the UNIX agent. The mainframe agent is being told the address of the UNIX agent by the Automation Engine. The Automation Engine receives the address by the UNIX agent itself. Now we want to make sure the we overrule that address because the mainframe agent is not able to reach the UNIX agent by using that internal address. Therefore the settings need to be configured in the configuration dataset of the mainframe agent. After that pls restart the mainframe agent.

After that the mainframe agent will use the address from it's configuration dataset to contact the UNIX agent.

Regards, Markus

Tamman Montanaro posted Sep 26, 2023 04:33 PM

Hey @Markus Embacher,

Thanks for the insight. That gives me more clarity on how to best resolve this. Looking at the specific Z/os documentation (which is what I imagine the configuration file looks like - since I do not have direct access the our mainframe), can you confirm what section I should update? Would I change the CP_LIST section to include the unix agent and desired dns/port?

I am following this documentation for the configuration file:
https://docs.automic.com/documentation/webhelp/english/ALL/components/DOCU/21.0.6/Automic%20Automation%20Guides/Content/AWA/Admin/inifiles/admin_ini_agent_zos.htm?tocpath=Reference%7CConfiguration%20(INI)%20Files%7CAgents%7C_____13

Thanks,

Tamman Montanaro

Broadcom Employee Markus Embacher posted Sep 27, 2023 02:28 AM

Hi Tamman,

pls follow the same syntax as for example the .ini of the Unix agent and add that section manually to the configuration dataset of the z/OS agent

[HOSTS]
UNIX01=10.11.12.13

Regards, Markus

Tamman Montanaro posted Oct 05, 2023 04:00 PM

Hello @Markus Embacher,

I have successfully updated the mainframe configuration and now we can drop off files coming from the mainframe to our AWS ec2 instance. However, the traffic from the aws ec2 instance to the mainframe public address seems to be timing out somewhere. Is there any configuration change we need to consider for the traffic going the other way?

I am working with my network team to see if it is just a network issue, but I just wanted to make sure that there are no other application configurations to consider. Again, the file can be dropped off from the mainframe to the AWS private instance now (using the host configuration on the mainframe ini), but the aws private instance cannot drop a file off to the mainframe public instance.

I appreciate all the help you have provided thus far.

Thanks,

Tamman Montanaro

Broadcom Employee Markus Embacher posted Oct 06, 2023 02:27 AM

Hi Tamman,

what is the address the EC2 instance is using to connect to the mainframe? Maybe you have to add a similar configuration to the .ini of the EC2 agent to tell the agent which address to use for contacting the mainframe.

Regards, Markus