This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Vip Cluster Activegate shared

Go to solution
dcinciripini
Participant

‎11 Apr 2023 09:52 PM - last edited on ‎12 Apr 2023 08:40 AM by Community Team

Hello everyone,

we have a customer who would like that as Cluster Activegate's vip is used an existing one used to receive Matomo traffic in order to minimize access points in the event of a cyber attack.

Everything would be managed by a load balancer that should be properly configured but I fear that, even in that case, sharing the vip could lead to traffic distribution problems between Matomo and Dynatrace.

What do you think? Have you ever had experience with a similar structure?

Labels:
Reply
4 REPLIES 4

Go to solution
Yosi_Neuman
DynaMight Guru
DynaMight Guru

‎12 Apr 2023 08:47 AM

Hi @dcinciripini 

This should work with no problems as design and experienced at few customer sties.

Yosi_Neuman_0-1681285509505.png

HTH

Yos 

dynatrace certificated professional - dynatrace master partner - Matrix Soft Ware Division - Israel
Reply

Go to solution
dcinciripini
Participant

‎08 May 2023 10:45 AM

Hi Yosi,

Thanks for your answer. I have another question about this setup:
If the ssl terminates on the balancer, is it still necessary to insert the ssl certificates in the Cluster Activegates?

 

In this community post: (https://community.dynatrace.com/t5/Real-User-Monitoring/Not-seeing-agentless-RUM-traffic-in-Dynatrac...)

and in this part of the documentation it seems like it is needed (https://www.dynatrace.com/support/help/managed-cluster/basic-concepts/managed-deployment-scenarios#s...)

dcinciripini_0-1683539050607.png

 


but I don't understand why

0 Kudos
Reply

Go to solution
dcinciripini
Participant

‎08 May 2023 01:36 PM

I explain myself in a better way:
Would it be possible, since the load balancer will terminate the ssl, to transfer the traffic from the load balancer to the CAG in http instead of https (thus avoiding putting the ssl certificate on the activegate clusters) or https traffic is mandatory also between load balancers and CAG?

Thanks in advance,
Davide

0 Kudos
Reply

Go to solution
Yosi_Neuman
DynaMight Guru
DynaMight Guru
In response to dcinciripini

‎08 May 2023 10:10 PM

Hi @dcinciripini 

From Required configuration for each traffic case its look like that for some use cases you need to have certificate from end to end 

Yosi_Neuman_0-1683579471523.png

Yos 

dynatrace certificated professional - dynatrace master partner - Matrix Soft Ware Division - Israel
Reply
Ask a question

Featured Posts