Summary

A description of Tachyon Stacks and their Tachyon components, the Tachyon Agents and how they connect to provide the Tachyon features.

Tachyon deployment architecture

At the top-most level, Tachyon architecture consists of Tachyon Server components, grouped into Stacks, and a set of Tachyon Agents that are deployed onto the devices that you want to manage.

Tachyon Server Stacks

There are two types of Stack: Master Stacks and Response Stacks.

A Tachyon system consists of a single Master Stack and one or more Response Stacks, with optional DMZ Servers. Each Response Stack has a Tachyon Core component that supports an associated set of up to five Tachyon Switches, which is the primary mechanism for rapidly requesting and retrieving responses from the Tachyon Agents. As each Switch can handle up to 50000 devices there is a limit of 250000 devices per Response Stack.

The Tachyon Switches may be local or remote to the other components in the Response Stack. Tachyon, Catalog, SLA and BI databases are installed on SQL Server database instance(s) that may also be local or remote to their respective Master or Response Stacks. It is also possible for multiple Response Stacks to share the same Responses database. The BI cube is installed on a local or remote SQL Server Analysis Services (SSAS) instance.

Please refer to Design Considerations - Architecture section for guidance on which architecture to choose. Below is a detailed description of Tachyon components.

Please refer to Communication Ports reference page for connection details between components and ports necessary for firewalls.

On this page:

Tachyon Single-Server system

In the most basic setup there is a single server which hosts both a Master Stack and a Response Stack and this can be deployed by selecting the default settings in Tachyon Setup

The following table shows the Tachyon Server components for each type of Stack, and also shows the DMZ Server discussed below.

SubsystemComponent

Master Stack

Response Stack

DMZ Server

Tachyon Platform

Tachyon Master database

1 (optionally Remote)

 


Tachyon Portal UI and applications (Tachyon)

1 

Consumer API

1

 


Coordinator service1

1E CatalogCatalog UI (CatalogWeb)1 (optionally Remote)

Catalog Update Service

Catalog API

Catalog database1 (optionally Remote)

SLA PlatformSLA/Platform APIs (Admin, Core External)1

SLA Platform UI (Platform)1

Engine1

Integrate Services (Connection Manager)1

Inventory1

Operations Provider1

SLA databases (Data, Integrate, Shared)1

SLA BIMDX API1

SLA-BI database1 (optionally Remote)

SLA-BI cube (requires SSAS)1 (optionally Remote)

Tachyon ResponseCore (Core and Core Internal) 1
Background Channel (Background) 11
Switch(es) (also includes a single Switch Host service) up to 5 (optionally Remote)up to 5
Tachyon Responses database 1 (optionally Remote)

The picture opposite shows a Tachyon Single-Server System with databases optionally installed locally or on remote SQL Server instance(s). 

The Response Stack has can be installed on the same server as the Master Stack, and on remote servers.

The DMZ Server has only the Agent facing components of the Response Stack: the Background Channel and Switches.


Tachyon Multi-Stack system

The picture opposite shows a Tachyon Multi-Stack System. Here the Tachyon Master Stack communicates with one ore more Tachyon Response Stacks. The Response Stack local to the Tachyon Server is optional if there is at least one remote Response Stack.

As with a single-server system, the databases are optionally installed locally or on remote SQL Server instances(s).

Tachyon components

Let's take a look at each of the Tachyon components in slightly more detail.

ComponentDescription

IIS Components

The following components are IIS Web Applications that reside on a single-server.

Under the Tachyon website:

  • Admin
  • Background (Background Channel)
  • Consumer (Cnsumer API)
  • Core
  • CoreExternal
  • CoreInternal
  • Platform
  • Tachyon

Under the Default Web Site:

  • CatalogWeb

Core

The Core is a Tachyon Response Stack component which has two web applications, Core and Core Internal.

Core does the following:

  • Forwards workflow commands from the Workflow service to the Tachyon Switch
  • Generates and sends instrumentation data to the Instrumentation service

Core Internal does the following:

  • Forwards responses from the Switch to the Responses database. This task requires high throughput therefore uses HTTP, but restricts access to the Switch server's local IP Address only

Background Channel

The Background Channel is a Tachyon Response Stack component which provides a means for the Tachyon Agents to retrieve large data items from Tachyon without loading the Tachyon Switch:

  • Stores Agent resources from the Consumer API in the Background Channel for Tachyon Agents to retrieve
  • Responds to Tachyon Agents retrieving Agent resources from the Background Channel

Switch

The Switch is a Tachyon Response Stack component which provides the following:

  • Sends instructions to and retrieves responses from the Tachyon Agents
  • Receives workflow commands from the Core component
  • Retrieves instruction definitions from the Core component
  • Forwards responses to the Core component
  • Sends instrumentation data to the Instrumentation component

The Switch Host service is responsible for starting local Switches.

Tachyon Portal UI

Tachyon users browse to the Tachyon Portal to access Tachyon applications:

  • Explorer
  • Guaranteed State
  • Patch Success
  • Settings

Consumer API

The Consumer API provides the following:

  • Processes the consumer requests from the Explorer and other Consumers
  • Publishes Agent resources to the Tachyon Background Channel
  • Forwards requests for instrumentation data from the Explorer to the Tachyon Instrumentation component
  • Forwards workflow commands from Consumers to the Tachyon Workflow component

Coordinator

The Coordinator service is the coordinating service used by Tachyon components. It has the following modules:

  • Licensing
  • Instrumentation - processes instrumentation data from the following components:
    • Core
    • Switch
    • Consumers
    • Switch
  • Workflow
    • Forwards workflow commands from the Consumer API to the Core
    • Stores workflow in SQL
    • Connects to remote SMTP to send emails used in the approval process for actions
    • The Workflow component contacts the Authentication component to manage the two-factor authentication process
  • Coordinator
    • Sends instructions according to Tachyon schedules
  • ServiceNow
  • Agent Deployment
  • Managenent Groups
    • Processing of Management groups within Tachyon.
  • Policy
    • Processing of Policies, including Guaranteed State.

onds to requests for instrumentation data from the Consumer API.

Supports the two-factor authentication feature, with email.

Catalog UI

The Catalog website used to view and interact with the Catalog.

Catalog Update Service

Service used to connect to the 1E Cloud Catalog in order to download the latest catalog entries..

Catalog API

APIs used to manage and update the 1E Catalog.

SLA Platform APIs

The Admin APIs are used to manage the SLA Platform.

The Core External APIs are used by SLA Platform clients, including the AppClarity Software Reclaimer. The Software Reclaimer will be a feature in a future version of Tachyon.

SLA Platform UI

The Platform website used to view and interact with the Inventory.

Engine

The Engine service is the coordinating service used by SLA Platform components. This includes processing of Management groups within SLA.

Integrate Services

The Integrate Agent performs Connector functions by connecting to data sources and importing data into repositories. The Integrate Manager manages Agent operations including respository action schedules.

Inventory

The inventory repositories.

Operations Provider

The Operations Provider and functions

BI MDX API

APIs used to manage SLA Business Intelligence.

Consumers

The primary examples of Consumers are the Tachyon applications (Explorer, Guaranteed State, Patch Success and Settings) other examples include external consumers such as Configuration Manager extensions.

SQL Server

Tachyon has two databases:

  • Tachyon Master
  • Tachyon Responses

SLA Platform has three databases:

  • SLA-Data
  • SLA-Shared
  • SLA-Integrate

SLA BI has two databases:

  • SLA-BI database
  • SLA-BI cube on a SQL Server Analysis Server (SSAS) instance

Tachyon Agents

Each Tachyon Agent runs on one of the devices you want to include in your Tachyon managed estate. The Tachyon Agents communicate with the Tachyon Switches and the Background Channel to provide responses to instructions (questions and actions).

Tachyon architecture for Internet-facing devices

Enabling Tachyon to support devices that are external to your company network is done by slightly extending the default single-server architecture.

The Responses Stack handles communications between the Master Stack and the Tachyon Agents. The Background Channel and Switches components handle the direct communication with the Tachyon Agents, the Core processes the information in both directions between the Master Stack and the Switches.

To enable external Tachyon Agent devices to interact with Tachyon you need to put the Background Channel and at least one Switch into the DMZ.

You would then need to configure the internal firewall to allow two-way communication between:

  • The Core on the Internal Response Stack and the Switch(es) in the DMZ
  • The Instrumentation module of the Coordinator on the internal Response Stack and the Switch(es) in the DMZ
  • The Consumer API on the internal Master Stack and the Background Channel in the DMZ

You would then need to configure the external firewall to allow incoming connections for:

  • The external Tachyon Agents and the Background Channel in the DMZ
  • The external Tachyon Agents and the Switch(es) in the DMZ

You would then need to make the following changes:

  • The Tachyon Master database would need to be modified to enable Tachyon to recognize and additionally use the DMZ Background Channel and Switch(es) and raise the security level of the Core and Switch communications to use HTTPS. 
  • The configuration files for the Switch host on the Internal Tachyon Server and on the Tachyon Server in the DMZ would need to be changed to enable the Switch(es) to communicate with the Core.
  • The configuration file for the Background Channel on the DMZ would need to be changed to enable the Background Channel to communicate with the Consumer API.

The DMZ picture shows a dual firewall design, but single firewall is also supported.