My coworkers and I am experiencing an issue with server task locking up and lasting up to 107 hours. This ultimately disrupts services for our HBSS team and requires the servers to be rebooted. We shut down our agent handler, then ePO, followed by the database. I was told it had to be done this way because the agent handlers need to communicate with the ePO and if ePO goes offline then will just continue passing it information. I am new to HBSS administration so I don't know all the facts. So, I have several questions. Do agent handlers just blindly pass information to ePO or do they require an acknowledgement. How often to agent handlers communicate with the ePO? I have checked under the Agent Handler list option, but only tells me the last time there was communication. Not how often is should be expected. I ask these questions because I have found that I can just restart ePO services to end the hung task instead of rebooting the entire suite, but my Team Lead has concerns that this will negatively impact communication and lead to data from agent handlers not being passed to the ePO.
How often to agent handlers communicate with the ePO?
Agent Handlers use a work queue in the McAfee ePO database as their primary communication mechanism.
Agent Handlers check the server work queue every 10 seconds and perform the requested action (IF there is an action to be performed). Typical actions include agent wake-up calls, requests for product deployment, and data channel messages. These frequent communications to the database require relatively high speed, low latency connection between the Agent Handler and the McAfee ePO database.
To expand on tao's response, the agent handlers do most of their work with the ePO Database and not with Tomcat, event parser, and Apache on the ePO server. There is a few instances in which the agent handler will communicate with Tomcat (Application Server service) and Apache (ePO Server service). At no time does the Agent Handler communicate with the event parser.
The Agent Handler will communicate with Tomcat only for Data Channel uploads. This is things like Drive Encryption key uploads or FRP key requests.
The Agent Handler will communicate with Apache only to access the ePO Master Repository for software updates / deployments if the package doesn't exist in the Agent Handlers cache. If you have Distributed Repositories this will likely not have any impact at all as the agent will just pull the package from another repository.
Outside of those two scenarios, the Agent Handler isn't aware of the ePO servers state. While you may see a system fail to activate Drive Encryption or a software deployment fail, the impact is minimal to insignificant and I see no rational justification to shutdown services on Agent Handlers when restarting services on ePO.
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.