Cluster Mode Setup
Operavix’s cluster mode allows you to integrate the main Operavix application server with additional components—such as the Automation Agent, Webhook Agent, and AI Agent—into a unified distributed system. Communication between components occurs over the gRPC protocol, with mandatory mutual authentication based on X.509 certificates and traffic encryption.
This mode enhances system fault tolerance, scalability, and flexibility when processing large data volumes or executing resource-intensive tasks.
General Cluster Setup Principles
Each cluster node must specify:
- A unique node name within the cluster (string, e.g.,
"operavix") - A port for incoming gRPC connections (default:
7000) - An X.509 certificate and private key in
PEM/PKCS#8format for the current node - A list of other nodes’ addresses in
host:portformat - Certificates of other nodes for mutual authentication and trust establishment
All inter-node connections are encrypted. HTTP mode is not supported—only HTTPS/mTLS over gRPC.
Windows Configuration (Legacy Installation)
If the Operavix server is installed on Windows:
- Create the configuration file:
C:\ProgramData\Operavix\config\cluster.json - Populate it with the following content:
Explanation:
{ "network": { "current": { "name": "operavix", "port": 7000, "ssl": { "cert_chain_path": "ssl/operavix.crt", "private_key_path": "ssl/operavix.key", "trust_certs": ["ssl/agent01.crt", "ssl/agent02.crt"] } }, "nodes": ["agent01.domain.local:7000", "agent02.domain.local:7000"] } }Parameter Description nameUnique node name in the cluster (appears in logs and the web UI) portPort for incoming gRPC connections cert_chain_pathPath to the node’s X.509 certificate (PEM format), relative to C:\ProgramData\Operavixprivate_key_pathPath to the node’s private key in PKCS#8formattrust_certsArray of paths to certificates of other trusted nodes nodesArray of addresses of other cluster nodes (including the gRPCport) - Restart the Operavix service to apply the changes.
Docker Container Configuration (Linux)
When running Operavix in Docker (e.g., Docker Swarm), the configuration is passed via environment variables and Docker secrets.
Environment Variables
| Variable | Description |
|---|---|
CL_NAME | Unique name of the current node (e.g., "operavix") |
CL_PORT | gRPC port (optional, default: 7000) |
CL_REMOTE_NODES | Semicolon-separated list of other nodes’ addresses: "agent01.domain.local:7000;agent02.domain.local:7000" |
Docker Secrets (files mounted inside the container)
| Secret | Purpose |
|---|---|
cluster_current.crt | Certificate of the current node (PEM) |
cluster_current.key | Private key of the current node (PKCS#8) |
cluster_remote_node_*.crt | Certificates of remote nodes (e.g., cluster_remote_node_agent01.crt) |
Example Docker Swarm Deployment
docker service create --name operavix-app \
--secret operavix_app_https_certificate \
--secret operavix_app_https_certificate_password \
--secret cluster_current.crt \
--secret cluster_current.key \
--secret cluster_remote_node_agent01.crt \
--secret cluster_remote_node_agent02.crt \
--mount type=volume,src=operavix-app-data,target=/var/lib/operavix/data/ \
--mount type=volume,src=operavix-app-log,target=/var/log/operavix/ \
--publish published=443,target=8010,mode=host \
--restart-max-attempts 5 \
--restart-condition "on-failure" \
-e JVM_MAX_MEMORY='4G' \
-e FE_URL="https://server-name.domain.com" \
-e FE_CORS_POLICY="*" \
-e CL_NAME="operavix" \
-e CL_REMOTE_NODES="agent01.domain.local:7000;agent02.domain.local:7000" \
operavix/operavix_app:d250603
Agents (Automation, Webhook, AI) are configured in the same way—each with its own name, certificate, and references to other nodes, including Operavix.
Verifying the Configuration
After configuring all nodes:
- Log in to the Operavix web interface using an administrator account.
- Navigate to: Settings → About System.
- Ensure all cluster nodes appear in the list.
- Expand each node to view details, including the version numbers of the components in use.
Was the article helpful?