The documentation you're currently reading is for version 2.4.1. Click here to view documentation for the latest stable version.
Overview: Single-box Reference Deployment¶
First, let’s review what the main BWC components are, their role, and how they are wired together when BWC is deployed on a single box. As you follow the installation instructions in this section, this is your target “reference deployment”.
1. st2 services¶
st2 services provide the main BWC functionality. They are located at
share a dedicated Python virtualenv, and are configured by /etc/st2/st2.conf.
- st2sensorcontainer runs sensors from
/opt/stackstorm/packs. It manages the sensors to be run on a node. It will start, stop and restart based on policy the sensors running on a node.
- st2rulesengine evaluates rules when it sees TriggerInstances and decides if an ActionExecution is to be requested. It needs access to MongoDB to locate rules and RabbitMQ to listen for TriggerInstances and request ActionExecutions. The auxiliary purpose of this process is to run all the defined timers.
- st2actionrunners run actions from packs under
/opt/stackstorm/packsvia a variety of Action Runners. Runners may require some runner-specific configurations, e.g. SSH needs to be configured for running remote actions based on
remote-command-runner. Windows prerequisites must be in place to run Windows runners. See Runners for details.
- st2resultstracker keeps track of long-running workflow executions, calling the Mistral API endpoint.
- st2notifier generates
st2.core.notifytriggerbased on the completion of ActionExecution. The auxiliary purpose is to act as a backup scheduler for actions that may not have been scheduled.
- st2garbagecollector is an optional service to periodically delete old execution history data from the database, per settings in
- st2auth is an authentication service with the REST endpoint. A variety of auth backends is available; see Authentication. Reference deployment uses flat file auth backend.
- st2api is REST API web service endpoint, used by CLI and WebUI. It also serves webhooks for webhook triggers.
- st2stream is an event stream consumption HTTP endpoint where various useful events are posted. These events are consumed by WebUI and hubot i.e. ChatOps to update with results etc.
st2client is the CLI and Python bindings for the BWC API. To configure CLI to point to the right
API, authentication options, suppressing insecure warnings for self-signed certificates and other
conveniences see CLI Reference.
st2client is packaged with
st2, or can be installed
Mistral is a workflow service component that BWC uses for long-running workflows. It
is packaged as
rpm, installed under
runs in a dedicated Python virtualenv, and is configured by
server runs workflow logic and calling actions, reaching out to st2api for action execution
st2mistral is a mistral plugin with stackstorm extensions.
mistral-api is an
internal end-point accessed by
st2notifier. In a single-box deployment
it is restricted to localhost.
4. NGINX for WebUI and SSL termination¶
- nginx provides SSL termination, redirects HTTP to HTTPS, serves WebUI as static HTML, and reverse-proxies REST API endpoints to st2* web services.
- StackStorm WebUI (st2web, and Workflow Designer, for Brocade Workflow Composer) are installed at
/opt/stackstorm/static/webuiand configured via
st2webcomes in its own
Flowis deployed with
bwc-enterprisepackage. They are HTML5 applications, served as static HTML, and calling BWC st2auth and st2api REST API endpoints. NGINX proxies st2auth and st2api requests through 443 HTTPS port to
5. st2chatops - ChatOps components¶
BWC Chatops components are Hubot, |st2|’s Hubot adapter, and plugins for connecting to different
Chat services. They are packaged in
rpm, installed at
/opt/stackstorm/chatops/ and configured in
The required dependencies are RabbitMQ, MongoDB, and PostgreSQL. The optional dependencies are:
- nginx for SSL termination, reverse-proxying API endpoints and serving static HTML.
- Redis or Zookeeper for concurrency policies (see Policies).
- LDAP for Brocade Workflow Composer LDAP authentication.