Skip to main content
Version: Deploy 23.1

Configure satellite communication

This topic covers how to configure communication between Deploy satellites and the Deploy master to ensure secure and effective operations.

Enable communication with satellites

To begin with, enable communication between Deploy and the satellites. In Deploy, communication with satellites is disabled by default. To enable it:

  1. Locate the satellite section in the deploy-satellite.yaml file.
  2. Set enabled to true.
deploy.satellite:
  enabled: true
  1. Restart Deploy. The server will be enabled to connect to satellites.

Configure hostname and port

This section describes the process to configure a hostname and port for satellites to connect with Deploy. For instructions on specifically configuring communication to Deploy running on a Kubernetes cluster, skip to the Configure communication between satellites and Deploy on a Kubernetes cluster section. Other sections in this topic are applicable to all installations of Deploy.

The default settings in the deploy-server.yaml file are:

hostname: ""
bind-hostname: "0.0.0.0"
port: 8180

Set hostname to an IP address or a host name where Deploy can connect. Deploy sends this value to the satellites. The hostname must be visible from the network(s) where the satellites are located.

Satellites use this value to re-establish connection with Deploy if the initial connection breaks. If you do not provide a value, Deploy assign a value from a network interface that is available, or to a loopback address if no interfaces are available.

Set bind-hostname to an IP address or a host name to listen on. The default setting listens on all network interfaces.

Set port to the port that Deploy connects to. The port must also be accessible from the satellites. The default port is set to 8180.

note

You cannot connect multiple Deploy server instances to the same satellite. In Deploy, you can assign the same satellite to multiple hosts from the same Deploy instance.

Configure communication between satellites and Deploy on a Kubernetes cluster

Deploy uses Akka Remoting to communicate with Satellites outside the K8S cluster. Akka needs a unique, globally accessible canonical address to communicate with the master and worker pods. Until now, Deploy required the canonical and bind configurations to be the same.

Starting with version 23.1.6, Deploy allows you to create separate canonical and bind configurations. Following sections describe the newly introduced changes and the canonical and bind configurations based on the Kubernetes service and setup you use. All other configurations remain the same.

Configure canonical and bind properties

We have added new configuration properties (deploy.server.bind-port, deploy.cluster.node.hostname, and deploy.cluster.node.bind-hostname) that allow you to create separate canonical and bind configurations.

The following table shows how these configurations work:

PropertyExplanation
Cluster canonical hostnameThis is set by the following configuration properties, in the order of listing. If first property is not available, the next property is used.
  1. deploy.cluster.node.hostname
  2. server.hostname
  3. deploy.server.hostname
    4. If none of these properties are available, value from ServerConfiguration.getInstance().getServerHostname() is used.
Cluster bind hostname

This is set by the following configuration properties, in the order of listing. If first property is not available, the next property is used.

  1. deploy.cluster.node.bind-hostname
  2. 0.0.0.0 - default, hardcoded value.
Cluster canonical port

This is set by the following configuration properties, in the order of listing. If first property is not available, the next property is used.

  1. deploy.cluster.node.port
  2. If this property is not available, value from ServerConfiguration.getInstance().getClusterNodePort() is used.
Cluster bind port

This is set using the deploy.cluster.node.bind-port property. By default, this is configured to be the same as the canonical port in the Deploy task engine configuration. If this property is not available, the default value from the canonical port is used.

Set up connection with different Kubernetes services

We have added support for remote satellite connection to Deploy running on Kubernetes via the following methods:

  • NodePort dedicated service to the Akka port.
  • LoadBalanced service to the Akka port.
  • Headless service with an external DNS to the Akka port.

See Kubernetes documentation for information on these service types.

Service Configuration Parameters in the Deploy Custom Resources file

Based on your Kubernetes setup, the appropriate Service Configuration parameters in the Deploy Custom Resources file are set.

Here are some common Kubernetes setups and sample configurations:
Note: When using satellites to communicate with Deploy on Kubernetes, set the xl.satellite.streaming.connection-resolver property in conf/satellite.conf to blocking.

Kubernetes setupDescriptionSample Configuration
NodePort setup with defaults

  • Hostname pattern is defined in the configuration and is auto-incremented by 1 for each master and worker.

  • Port number is defined in the configuration and is auto-incremented by 1 for each master and worker.

deploy:
  master:
    podServiceTemplate:
      enabled: true
  worker:
    podServiceTemplate:
      enabled: true

NodePort setup with custom hostnames, custom hostname suffix, and different ports

  • Hostname pattern is defined in the configuration and is auto-incremented by 1 for each master and worker.
  • The port number defined in the default configuration (32180) is used and auto-incremented by 1 for each master and worker.
  • Hostname suffix is customized.

This sample configuration lists the properties for masters. You can configure the workers using the same properties with values appropriate for the workers.

deploy:
  centralConfiguration:
    useIpAsHostname: true
  master:
    hostAliases:
      - ip: "172.22.0.2"
        hostnames:
        - "master-0.companyName"
        - "master-1.companyName"
        - "worker-0.companyName"
        - "worker-1.companyName"
    podServiceTemplate:
      enabled: true
      name: 'master-{{ .podNumber }}'
      overrideHostnameSuffix: .companyName
      overrideHostname: 'master-{{ .podNumber }}'
  worker:
    # Use the same properties as the master but with values appropriate for the workers.

Fixed ClusterIP setup that uses a single port for all masters and workers

This setup uses a fixed cluster IP for each master and worker but uses the same port for all masters and workers.

This sample configuration lists the properties for masters. You can configure the workers using the same properties with values appropriate for the workers.

deploy:
  centralConfiguration:
    useIpAsHostname: true
  master:
    hostAliases:
      - ip: "10.43.156.90"
        hostnames:
        - "master-0.companyName"
      - ip: "10.43.156.91"
        hostnames:
        - "master-1.companyName"
      - ip: "10.43.156.95"
        hostnames:
        - "worker-0.companyName"
      - ip: "10.43.156.96"
        hostnames:
        - "worker-1.companyName"
    podServiceTemplate:
      enabled: true
      serviceMode: SinglePort
      type: ClusterIP
      name: 'master-{{ .podNumber }}'
      overrideHostnameSuffix: .companyName
      overrideHostname: 'master-{{ .podNumber }}'
      clusterIPs:
        - "10.43.156.90"
        - "10.43.156.91"
  worker:
    # Use the same properties as the master but with values appropriate for the workers.

Fixed ClusterIP setup that uses External DNS with a headless service.

Need description

deploy:
  master:
    clusterNodeHostnameSuffix: '.{{ template "xl-deploy.fullname" . }}-master-akka.{{.Release.Namespace}}.svc.cluster.local'
    podServiceTemplate:
      enabled: true
      serviceMode: SingleService
      type: ClusterIP
      name: '{{ printf "%s-master-akka" (include "xl-deploy.fullname" $) }}'
      incrementPort: false
      overrideHostnameSuffix: .companyName
      annotations:
        external-dns.alpha.kubernetes.io/hostname: master
        external-dns.alpha.kubernetes.io/endpoints-type: HostIP
      podLabels: null
      clusterIPs: [ None ]
      ports:
        deployAkka: 8180
      nodePorts:
        deployAkka: 8180
  worker:
    podServiceTemplate:
      enabled: true
      serviceMode: SingleService
      type: ClusterIP
      name: '{{ printf "%s-worker-akka" (include "xl-deploy.fullname" $) }}'
      incrementPort: false
      overrideHostnameSuffix: .companyName
      annotations:
        external-dns.alpha.kubernetes.io/hostname: worker
        external-dns.alpha.kubernetes.io/endpoints-type: HostIP
      podLabels: null
      clusterIPs: [ None ]
      ports:
        deployAkka: 8180
      nodePorts:
        deployAkka: 8180

LoadBalanced setup with an External IP-based service

In this example, we use a LoadBalanced service setup based on the Openshift AWS cluster. The hostnames are set from the provided AWS External IPs (AWS DNS names that are exposing LoadBalanced Service).

This sample configuration lists the properties for masters. You can configure the workers using the same properties with values appropriate for the workers.

deploy:
  centralConfiguration:
    useIpAsHostname: true
  master:
    podServiceTemplate:
      enabled: true
      serviceMode: MultiService
      type: LoadBalancer
      overrideHostnameSuffix: .us-east-1.elb.amazonaws.com
      overrideHostnames: 
        - a380xxx
        - a030xxx
      ports:
        deployAkka: 32180
      nodePorts:
        deployAkka: 32180
  worker:
    # Use the same properties as the master but with values appropriate for the workers.

Configure the ping timeout

To configure the ping timeout while reaching a satellite, change the satellite.timeout.ping property in the deploy-satellite.yaml file:

satellite {
   timeout {
     ping = "<timeout>"
   }
 }
hostname: ""
  bind-hostname: "0.0.0.0"
  port: 8180

You can specify the ping timeout in milliseconds, seconds, or minutes. For example: 100 ms or 10 seconds.

Configure the upload idle timeout

The upload idle timeout occurs when a satellite has accepted an incoming streaming connection but does not need to accept the uploaded file. This prevents unused TCP connections from remaining open. To configure the upload idle timeout, change the satellite.timeout.upload.idle property in the deploy-satellite.yaml file:

deploy.satellite:
  timeout:
    upload:
      idle: "<timeout>"

You can specify the ping timeout in milliseconds, seconds, or minutes. For example, 100 ms or 10 seconds.

Configure the file streaming timeout

This timeout occurs when Deploy attempts to connect to satellites for file transfer. To configure this value, change the satellite.timeout.streaming property in the deploy-satellite.yaml file:

deploy.satellite:
  timeout:
    streaming: "<timeout>"

The default timeout is 10 seconds.

Configure the maximum upload threads per task

To configure the maximum threads per upload task, change the satellite.streaming.max-uploads property in the deploy-satellite.yaml file:

deploy.satellite:
  streaming:
    max-uploads: 5

Configure secure communication

Deploy communicates with satellite servers over a secure communication channel using TLS/SSL technology to encrypt data. For more information about configuring SSL, see Configure secure communication between Deploy and satellites.