Intel vPro® Platform
Intel Manageability Forum for Intel® EMA, AMT, SCS & Manageability Commander
2834 Discussions

Intel EMA Recovery Server - network requirements

neilbrin
New Contributor I
‎03-20-2023 02:24 PM
1,918 Views

I currently have a TEST Intel EMA platform configured in AWS using the documentation provided by Intel for a multi-web server deployment. I also have AWS based load balancers configured in front of these web servers, with one ELB for Swarm traffic (tcp/8080) and one ELB for Management (tcp/443 & tcp/8084) . I can't find anywher ein the Intel documentaiton as to the traffic flows required for the Recovery server connectivity (tcp/8085) and whether the traffic is to/from the endpoint to the Intel EMA web servers or the traffic is required from the support/management host to the EMA web servers. I've read through the documentation in the link below, but couldn't find anything useful, so just wondering if there are any diagrams or details around the Recovery server network traffic and firewall requirements;
https://software.intel.com/sites/manageability/AMT_Implementation_and_Reference_Guide/default.htm?turl=WordDocuments%2Foneclickrecovery.htm

 

0 Kudos

Link Copied

9 Replies
neilbrin
New Contributor I
‎03-20-2023 02:27 PM
1,917 Views

Also, I couldn't see this traffic listed in the diagram (see attached), whcih is form this document;
https://www.intel.com/content/dam/support/us/en/documents/software/manageability-products/intel-ema-web-deployment-guide.pdf

 

Preview file
145 KB
0 Kudos
Copy link
Victor_G_Intel
Employee
‎03-21-2023 10:34 AM
1,891 Views

Hello neilbrin,


Thank you for posting on the Intel® communities.


To continue with your request, can you please share with us the exact EMA version you are currently using?


Regards,


Victor G.

Intel Technical Support Technician  


0 Kudos
Copy link
neilbrin
New Contributor I
‎03-21-2023 03:55 PM
1,879 Views
In response to Victor_G_Intel

Hi Victor,

 

We are currently using Intel EMA v1.9.0.0

 

Regards,

Neil...

In response to Victor_G_Intel
0 Kudos
Copy link
Victor_G_Intel
Employee
‎03-22-2023 10:10 AM
1,864 Views

Hello neilbrin,

 

Thank you for your response.

 

Please let me review this information internally, and kindly wait for an update.

 

Once we have more information to share, we will post it on this thread.

 

Regards,


Victor G.

Intel Technical Support Technician


0 Kudos
Copy link
MichaelA_Intel
Moderator
‎03-23-2023 10:41 AM
1,842 Views

Hi, if you are looking for more detail for recovery server, please check this guide and Section 6.6:


https://www.intel.com/content/dam/support/us/en/documents/software/manageability-products/intel-ema-distibuted-seve-installation-and-maintenance-guide.pdf


Unfortunately, we do not have any diagrams available. Secondly, there is a deployment guide for AWS that might help:


https://www.intel.com/content/dam/support/us/en/documents/software/manageability-products/intel-ema-web-deployment-guide.pdf




0 Kudos
Copy link
neilbrin
New Contributor I
‎03-23-2023 02:39 PM
1,830 Views
In response to MichaelA_Intel

Thanks Michael.

 

I can see from the documentation it appears that the intra-EMA Recovery server traffic is on tcp/8095, but the default port for the Recovery component is listed as tcp/8085 . What I'm trying to establish is whether we need tcp/8085 port open from the endpoints to the Recovery server[s] (similar to the tcp/8080 swarm traffic) , or does it need to be open from the management/support workstations (ie. similar to the tcp/443 [web], tcp/8084 [websocket] traffic). This answer has impacts on firewall rules, security groups and possibly load balancers.

Also, are there any recommendations around using a Load Balance/Traget group (AWS) for this Recovery traffic?

 

Finally in Section 6.6 Recovery Server settings (Intel EMA Distributed Server installation and maintenance guide) in the 'UI: Server IPs' row, it states Ajax server and I think this should be 'Recovery' server?

 

Thanks again,

Neil...

In response to MichaelA_Intel
0 Kudos
Copy link
MichaelA_Intel
Moderator
‎03-24-2023 05:05 PM
1,810 Views

Hi Neil,


I know there is tons of information in our documentation and could be missed or need clarification, so thank you for reaching out to us with your questions.


In Section 2 of the installation guide under General Installation Notes, instructions to setup Recovery load balancer:

For the health monitoring rule of the Recovery server load balancer, use 8085 for the port and TCP for the protocol. For the load balancing rule for the Recovery Server load balancer, use 8085 for the front-end and back-end ports, TCP for the protocol, and do not enable session persistence.


Firewall rules required is Endpoint connecting to EMA Server on port TCP 8085. TCP 8095 is for internal communication between Recovery and other EMA server components (Swarm, Manageability, Ajax). Recovery server rule will be similar to Swarm server rule except on TCP 8085.


Finally, yes, you are correct, it should be Recovery server and not Ajax server. I will feed this back to the publishers, thank you.


Regards,

Michael


0 Kudos
Copy link
neilbrin
New Contributor I
‎03-25-2023 02:26 PM
1,782 Views
In response to MichaelA_Intel

Excellent. Thanks Michael.

 

This is the information I was after. Much appreciated

 

Regards,

Neil...

In response to MichaelA_Intel
0 Kudos
Copy link
MichaelA_Intel
Moderator
‎03-27-2023 02:17 PM
1,728 Views

Thank you Neil, happy to help.


Regards,

Michael


0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.