cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Complete list of Domain and IP of the access from Dynatrace managed server to the internet

nkobayashi1
Helper

Hi,

Could you provide the complete list of domain and IP of the access from Dynatrace managed server to the internet?

We need to put the domain and IP into the hosts file of Dynatrace managed server.

Since on the environment, the public DNS lookup is restricted. The customer said that it is not possible to allow public DNS access in this environment for the dynatrace managed trial.

Best Regards,
Noah Kobayashi

8 REPLIES 8

BabarQayyum
Leader

Hello Noah,

If I am not wrong you are asking about the Outbound communication to Dynatrace Mission Control.

Below is the documented information.

  • Your Dynatrace Managed clusters must be able to communicate with Mission Control (URL: https://mcsvc.dynatrace.com and IP addresses: 52.5.224.56, 52.200.165.10, 52.221.165.63, and 13.228.109.33) via HTTPS (port 443) for license validation, health monitoring, and automatic updates. Communication between Dynatrace Managed clusters and Mission Control is based on TLS v1.2.
  • To enable health monitoring, your Dynatrace Managed Server must also have access to *.live.dynatrace.com (IP addresses 34.203.81.189, 34.205.222.178, 54.164.42.22, 52.1.155.152, and 54.164.49.176) via HTTPS (port 443).
  • Communication between Dynatrace Managed clusters and Mission Control can also be routed via a proxy, but the proxy must allow web sockets and, if the proxy is clustered, it must provide sticky sessions for web socket communication. Also, the proxy must support the SNI TLS extension.

Review the below link for more insight.

https://www.dynatrace.com/support/help/installatio...

Regards,

Babar

nkobayashi1
Helper

Hi,

In our case, we need to use hosts file to resolve domain name.
And hosts file requires complete domain and IP list without "*".
We need to know about the domains included in the *.live.dynatrace.com.

In addition, we see "opcsvc.ruxit.com" in the install log of dynatrace managed server.
This domain is not documented.
So we want to know complete domain and IP list in that sense.
Could someone provide that?

Here is the install log of dynarace managed server.

2018-04-26 06:11:40 UTC Checking connection to Mission Control ..
2018-04-26 06:11:40 UTC Looking for system HTTPS proxy ...
2018-04-26 06:11:40 UTC Looking for system HTTPS proxy ... failed, no proxy found
2018-04-26 06:11:40 UTC Testing connection to Dynatrace Mission Control https://mcsvc.dynatrace.com:443 ...
2018-04-26 06:11:41 UTC Testing connection to Dynatrace Mission Control https://opcsvc.ruxit.com:443 ...
2018-04-26 06:11:41 UTC Testing connection to Dynatrace Mission Control ... failed, with error: ('Connection aborted.', gaierror(-2, 'Name or service not known'))

Best Regards,
Noah Kobayashi

Hello Noah,

I would suggest you to open a support case to get the actual domain names and more you required to fulfill the requirements.

Regards,

Babar

Julius_Loman
Leader

opcsvc.ruxit.com is pointing to mcsvc.dynatrace.com (think of it as an DNS alias). If you are setting proxy restriction rules (e.g. based on FQDN), you should include both host names. If you are setting firewall rules (e.g. based on IP addresses), you should include just the IPs @Babar Q. mentioned.

For the health monitoring (the *.live.dynatrace.com) it will probably depend on your installation as this is dynamically assigned during install. However, you can skip the health monitoring and run the cluster without it if you have to.

pshinde
Inactive

@Julius L. can you please elaborate more on Health monitoring . What all things will get monitored with that.

@Prashant S. I have no idea, you will have to ask someone from Dynatrace. Actually I think just the regular things that are monitored with oneagent are collected with this agent. But this agent on Dynatrace Managed Cluster Node is connected to environment owned and managed by Dynatrace. I believe it just collects performance data about server's OS and processes and they are probably used by Dynatrace DevOps team when investigating issues (support tickets).

You may be interested in this page: https://www.dynatrace.com/support/help/get-started/managed-introduction/how-does-mission-control-pro-active-support-work/

nkobayashi1
Helper

Thank you all.

I tried the installation of Dynatrace Managed in the environment where DNS cannot be used. The installation was successful with only the following hosts record.

52.5.224.56 opcsvc.ruxit.com
52.5.224.56 mcsvc.dynatrace.com

At that time, I saw OneAgent installation was skipped.

Verifying disk space ...                                                OK
Testing connection to Dynatrace Mission Control ... OK
Verifying system connectivity ... OK
Preparing system user for Dynatrace ... OK
Initializing installation ... OK
Checking user permissions ... OK
Downloading Dynatrace OneAgent. This may take a few minutes ... skipped
Installing system access tool ... OK
Installing. This may take a few minutes ... OK
Preparing connectivity settings ... OK
Setting up cluster configuration. This may take a few minutes ... OK
Starting Dynatrace. This may take a few minutes ... OK
Configuring Dynatrace. This may take a few minutes ... OK


Installation completed successfully.
Exit code: 0