...
Table of Contents | ||||
---|---|---|---|---|
|
Overview
Your Self-managed Snaplex (Groundplex) allows access to endpoints that are in your network firewall. As a SnapLogic Org admin, you might typically involve your network admin or DevOps team from an organization to define the network settings of the Groundplex. Your Snaplex makes outbound HTTPS requests to the SnapLogic Control Plane. In addition to the SnapLogic Control Plane, the Snaplex also makes WebSocket Secure (WSS) outbound connections with the Control Plane, which uses this connection to send inbound control messages to the Snaplex. WSS is an extension of HTTPS that provides a standards-compliant and secure message-passing mechanism. The Groundplex does not require inbound network connectivity. The only requirement is outbound connectivity to the SnapLogic Control Plane over the HTTPS port 443.
A Groundplex also makes outbound connections to any endpoints referenced in a Pipeline. If the Pipeline running on the Snaplex communicates with Salesforce and Redshift endpoints, then the Snaplex makes outbound connections with Salesforce and Redshift databases. The protocol depends on the endpoint. Fore For example, Salesforce Snaps use an HTTPS connection, and Redshift Snaps use a TCP connection, over TLS (SSL) optionally, to establish the JDBC connection.
...
Info |
---|
Learn more about the configuration fields on these tabs in https://docs-snaplogic.atlassian.net/wiki/spaces/SD/pages/840598217/Creating+the+Snaplex+in+Manager#Node-Configuration-Options. |
HTTP Port Configuration
Use the Node Properties tab to change port values.
You can change the default values:
8090 for the JCC node
8091 for the FeedMaster node
...
HTTP/HTTPS Port Customization
You can customize the HTTP port configuration used by the JCC node. On .
Point the cursor and click the target Snaplex to open the Update Snaplex dialog.
Click the Node Properties tab
...
.
In the HTTP Port or HTTPS Port field, specify the custom port value.
Updating this option modifies the global.properties
file by setting the port number to the following value:
...
changes the default setting in the Global properties field:
HTTP Port:
jcc.jetty_port
...
=
...
8090
HTTPS Port
...
You can customize the HTTPS port configuration used by the JCC node. On the Node Properties tab in the Update Snaplex dialog, you can specify a value in the HTTPS Port field.
...
:
...
jcc.cc_secure_port
...
=
...
8888
...
Feedmaster Broker Port Customization
You can If you Snaplex has a Feedmaster node, you can also customize the FeedMaster Feedmaster node port configuration used by the JCC node. The default is 8089. On the Node Properties tab in
Point the cursor and click the target Snaplex to open the Update Snaplex dialog
...
.
Click the Node Properties tab.
Under Global properties, click to open the key-value fieldset.
Specify the custom port value.
Key:
jcc.broker_service_uri
...
Value:
ssl://0.0.0.0:8089?transport.enabledProtocols=TLSv1,TLSv1.1,TLSv1.2&transport.enabledCipherSuites=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA
Info |
---|
The port used should be unique and cannot be the same as the ports used for the HTTP and HTTPS services. |
HTTP Connection Pooling
Outbound HTTP connections created to the SnapLogic cloud or to any other HTTP endpoints are placed in a connection pool by default. You can configure the properties for the pool in etc/global.properties
by by adding them to the Update Snaplex dialog, Node Properties tab, Global properties table.
To increase the maximum number of connections that can be created at a time (default is 100):
...
Key:
jcc.http_client_max_connections
...
Value:
300
To set the TCP connection timeout for an outbound connection (in seconds, the default is 60, zero is an infinite timeout):
...
Key:
jcc.http_client_tcp_connection_timeout
...
Value:
120
To set the inactivity timeout for a socket connection (in seconds, default is 3600, zero is an infinite timeout).
...
Key:
jcc.http_client_socket_timeout
...
Value:
300
Info |
---|
The http_client_socket_timeout must be set to a value higher than the maximum child Pipeline execution time. |
HTTP Proxy Configuration
In the typical HTTP Proxy configuration, the proxy forwards requests to any endpoint. You can use the same HTTP proxy for connecting with the SnapLogic Control Plane and also for connecting to other REST endpoints, such as Salesforce. Forward HTTP proxy type is the most flexible method for integrating multiple endpoints.
...
In the following example, the field restricts HTTP requests from routing to the local host or host in the http://example.com domain.
...
Key:
jcc.http.
...
nonProxyHosts
Value:
localhost|127.*|[::1]|MYHOSTNAME|*.example.com
The proxy settings are configured per the standard JRE settings. These are displayed in the Node Proxies tab of your Snaplex in SnapLogic Manager:
paste-code-macro |
---|
jcc.http.proxyHost = myproxy.example.com
jcc.http.proxyPort = 3128
jcc.http.nonProxyHosts = localhost|127.*|[::1]|MYHOSTNAME|*.example.com
jcc.https.proxyHost = myproxy.example.com
jcc.https.proxyPort = 3128
jcc.https.nonProxyHosts = localhost|127.*|[::1]|MYHOSTNAME|*.example.com
jcc.http.proxyUser=proxyuser
jcc.http.proxyPassword=proxypass |
Reverse Proxy Configuration
In some scenarios, your network operations team can might configure a reverse proxy instead of a forward traditional proxy. In that case, all requests to the proxy are directly sent to the SnapLogic Control Plane. For example, if https://myproxy.test.com/ is the proxy server, a request will return the status from the SnapLogic Control Plane.
For example:
...
language | html |
---|
curl https://myproxy.test.com/status
To enable the Snaplex to work with the reverse proxy, add the following information to two key-value pairs to the Global Properties of your Snaplex properties:
Global property |
...
Key |
|
...
Value |
|
...
Key |
|
...
Value | control-plane-name |
Where control-plane-name is one of the following:
elastic
uat
emea
Info |
---|
Since setting Setting up a reverse proxy is uncommon, your network operations team has to allow access as explained above to enable SnapLogic to access your S3 instanceunusual. In most cases, a forward proxy should be used. |
Troubleshooting Snaplex Communication
This article covers some basic troubleshooting tips You can run the following cURL commands to test communication with the Snaplex. In each command, you specify the Control Plane name in the URL.
Name | Control Plane |
---|---|
elastic | Production - default |
emea | Production - EMEA region |
uat | Testing - default |
To verify if outbound requests are permitted from the Snaplex node
...
:
...
curl
...
https://
...
control-plane-name.snaplogic.com/status
A response with the status OK
indicates successful completion.
If this request hangs or fails, then a proxy is required. Request the HTTP proxy information from your network operations team.
To check access through a proxy
...
:
...
curl
...
-x myproxy.mydomain.com:3128
...
https://
...
control-plane-name.snaplogic.com/status
...
If this request fails with a 407 (Proxy Authentication Required), then you need to specify the authentication information in the proxy.
To check the proxy authentication, run the following command:
...
curl
...
-x myproxy.mydomain.com:3128
...
--proxy-user
...
"proxyuser:proxypasswd"
...
https://
...
control-plane-name.snaplogic.com/status
...
The -v
option can be added to curl to get detailed messages.
Control Plane Name
Info |
---|
For Windows-based Groundplexes, download the TLS (SSL) enabled |
...
...
to verify your configuration. |