Keep in mind I wouldn't have any application or HTML being served off that nginx container, it is purely for Dynatrace RUM. OneAgent is running via the Dynatrace Operator as a daemon set on all nodes.
Does anyone know how to achieve this?
Solved! Go to Solution.
Can you be more specific on your use case?
Thanks for your reply.
Reason I want to do a dedicated webserver is because for the applications developed in .NET Core deployed in Kubernetes, the automatic injection/reporting doesn't work as expected due to differences in the context root of the application and how it's actually exposed externally due to firewall rules.
For example, I have a service that is exposed externally under https://www.example.com/v1/app however the context root of the service is simply /, and the URI stem part of it (/v1/app) is only known to the ingress definition, and the service itself has no idea about it. So the automatic injection of the JS agent in the HTML works, however it points to https://www.example.com/ruxitagentjs to load the JS agent and https://www.example.com/rb_xxxx for the beacons, which result in 404s because neither are available under that URI path.
My idea is to have a dedicated container just for the purpose of serving the RUM assets and endpoints, so I am not overloading any other business services.
Let me know if I need to expand in any of these topics.
Problem with this approach is I am then overloading the .NET Core service under /v1/app with the RUM tasks for all services in the web application (there are 20+), and the intent is to not overload any.
So proper way would be to adjust those paths in the advanced section of the application.
Those values can be relative only.
I can image spinning a dedicated web server for serving the RUM JS and processing the beacons, however, the mapping has to be done by you. So basically defining ingress rules at your cluster for the /ruxitagentjs* and rb_* to point to your dedicated web server. This technically should work, but it needs this additional configuration of your ingress in K8S. Anyway, I'd recommend the first approach as it is less error-prone (no ingress rules required).
Thing is there is substantial impact if I direct all RUM requests to a single service. We serve around 10k actions/min in our website during peak, and the impact on the service I tried is about 5% CPU usage increase in each node that is part of the service pool, as now everything RUM related is hitting it. The performance team asked for a way to have this in a dedicated service, not interfering with a real business service.
So back to the original question, is there a way to have a dedicated webserver for RUM JS and beacon processing, without any business applications running in it? What needs to be done in this webserver, do I need to statically add the JS file and whatnot? I will make sure the ingress definition will handle the external traffic appropriately.
OK, but in your case, I don't think you have a single instance of the web server, so the load for the beacons should be spread equally.
Based on how things work, you can easily set up just a plain nginx or apache and have it monitored by oneagent. The context of /ruxitagent* and rb_* will be automatically added. You only need to set up the ingress rules on the K8s so the traffic to those two URL paths will be directed to the dedicated web servers.
Oneagent on the webserver has to be connected to the same Dynatrace tenant as the monitored application. RUM JS or the beacon endpoint can be anywhere, but they have to report to the same tenant.
So basically there is nothing to do in Dynatrace, you only have to setup your routing within k8s.
The CPU increase is 5% when using 4 instances (5% on each instance), which is pretty high.
I will try the "plain nginx" approach with the appropriate ingress routing rules and report back if it worked.
Thanks for the pointers.
To close the loop here, I can confirm deploying a simple nginx webserver with the appropriate ingress path, and setting that path in the application advanced RUM properties works fine for serving the JS agent and receiving the beacons.
Thanks everyone for the help.