1. Latest Release Home
  2. Guides
  3. Concepts
  4. Tools
    1. Alert Editor
    2. Alias Sync Tool
    3. Analyzer
    4. Apache Parquet Merge Tool
    5. Avro Extractor Tool
    6. Business Schema Designer
    7. Business Schema Manager
    8. Cluster Management Console
    9. CMC Logs Manager
    10. CMC Monitoring
    11. CMC Patch Manager
    12. CMC Scheduler
    13. CMC Tenant Manager
    14. Command Line Interface
    15. Content Manager
    16. Dashboard Filters Manager
    17. Dashboard Manager
    18. Data Agent
      1. Set up Data Agent with Proxy
    19. Data APIs for External Notebooks
    20. Data Lineage Viewer v2
    21. Data Manager
    22. Data Studio Manager
    23. Formula Builder
    24. Inspector Tool
    25. Join Editor
    26. Load Job Details Viewer
    27. Load Plan DAG Viewer
    28. Model Update Viewer
    29. Notebook Editor
    30. Profile Manager
    31. Public API
    32. Query Plan Viewer
    33. Scheduler
    34. Schema Designer
    35. Schema Diagram Viewer
    36. Schema Manager
    37. Schema Version Compare
    38. Schema Wizard
    39. Security Manager
    40. Table Editor
    41. Tenant Management Tool
    42. Upload Service Command Line Interface (CLI)
    43. Versioning Migration Tool
  5. References
  6. Integrations
  7. Data applications
  8. Data Governance
  9. Release Notes
  10. Incorta Premium
  11. Release Support Policy
  12. Release Model

Guides → Set up Data Agent with Proxy

Starting 2024.7, the data agent uses two separate network protocols to communicate with the Incorta cluster: one for the controller and one for the agent. When the data agent host must reach the cluster through a proxy server, you must configure each component with the appropriate proxy settings before starting the data agent.

Note

For releases before 2024.7, you need to configure the data agent proxy only.

Setup steps

Here are the high-level steps to configure a data agent through a proxy:

  1. Confirm proxy protocol support.
  2. Install the data agent.
  3. Add HTTP CONNECT proxy settings to the controller component.
  4. Add SOCKS5 proxy settings to the agent component.
  5. Start the data agent and verify the connection.

Confirm proxy protocol support

Before you begin, confirm the following:

  • Your proxy supports both of the following protocols, with access to the Incorta cluster's data agent service ports:
ProtocolComponentDefault cluster port
HTTP CONNECTController6260
6261 (to handle the data agent auto-upgrades in case of Incorta Cloud installations)
SOCKS5Agent6767
6768
  • Ensure that the proxy server and any device on the network path forward the Transport Layer Security (TLS) traffic without modification. TLS interception (also known as SSL/TLS inspection or SSL bumping) breaks the data agent connection.
Note

You may use one proxy endpoint to serve both protocols or two separate proxy endpoints.

Important

If the proxy server cannot support both protocols, configure a direct egress allow-list entry for the data agent host instead. For details, see Alternative setup: direct outbound access.

Install the data agent

Follow the standard data agent installation steps. Do not start the data agent yet.

Configure the controller proxy

The controller uses HTTP CONNECT to communicate with the cluster on port 6260. Configure the JVM proxy settings in the controller startup script.

  1. On Linux or macOS, open incorta.dataagent.controller/bin/controller.sh. On Windows, open controller.bat.

  2. Locate the section that sets the JAVA_OPTS based on the JDK version, and add the following immediately below it:

    • Linux / macOS:

      JAVA_OPTS="$JAVA_OPTS -Dhttps.proxyHost=<PROXY_HOST> -Dhttps.proxyPort=<PROXY_PORT>"
      export JAVA_OPTS

    • Windows:

      set JAVA_OPTS=%JAVA_OPTS% -Dhttps.proxyHost=<PROXY_HOST> -Dhttps.proxyPort=<PROXY_PORT>
    Note

    Replace <PROXY_HOST> and <PROXY_PORT> with the HTTP CONNECT proxy address and port.

  3. If the proxy requires authentication, append the proxy credentials to the previous Java option. For example:

    JAVA_OPTS="$JAVA_OPTS -Dhttps.proxyHost=<PROXY_HOST> -Dhttps.proxyPort=<PROXY_PORT> -Dhttps.proxyUser=<PROXY_USER> -Dhttps.proxyPassword=<PROXY_PASSWORD>"

  4. Save the file.

Configure the agent proxy

The agent component uses SOCKS5 to communicate with the cluster on ports 6767 and 6768. Configure the JVM proxy settings in the agent startup script.

  1. On Linux or macOS, open incorta.dataagent/bin/agent.sh. On Windows, open agent.bat.

  2. Locate the section that sets the JAVA_OPTS based on the JDK version, and add the following immediately below it:

    • Linux / macOS:

      JAVA_OPTS="$JAVA_OPTS -DsocksProxyHost=<PROXY_HOST> -DsocksProxyPort=<PROXY_PORT>"
      export JAVA_OPTS

    • Windows:

      set JAVA_OPTS=%JAVA_OPTS% -DsocksProxyHost=<PROXY_HOST> -DsocksProxyPort=<PROXY_PORT>
    Note

    Replace <PROXY_HOST> and <PROXY_PORT> with the SOCKS5 proxy address and port.

  3. Save the file.

Start the data agent

In releases starting 2024.7, start the controller first, then start the agent.

  • To start the controller, run the following. Once started, use the Incorta platform to start the agent:

    cd <DATA_AGENT_INSTALL_DIR>/incorta.dataagent.controller
    ./bin/controller.sh start

  • To start the data agent for releases before 2024.7, run the following:

    cd ../incorta.dataagent
    ./bin/agent.sh start

For more details, refer to Tools → Data Agent → Start the data agent service.

Verify the connection

In the Cluster Management Console (CMC), confirm that the data agent displays Connected status.

Alternative setup: direct outbound access

If the available proxy does not support the required protocols, you can configure a direct egress allow-list for the data agent host to reach the cluster on the following destinations. The host values for each destination are visible in the CMC.

DestinationDefault port
Analytics/CMC Data agent controller public host6260
Analytics public host6767
Loader public host6768
Auto-upgrade port6261 (in case of Incorta Cloud installation)

Confirm that the allow-list is active, and verify connectivity from the data agent host before starting it:

  • Linux/macOS:

    nc -vz <CLUSTER_HOST> <PORT>

  • Windows:

    Test-NetConnection -ComputerName <CLUSTER_HOST> -Port <PORT>

A successful TCP connection to each destination confirms that the allow-list is active. Start the data agent.

Important

The proxy settings described in this guide are not required when using direct outbound access.