22 Jan 2021 03:45 PM
OnPremise / Local Dynatrace Managed Installation (latest version):
I have now read quite a bit about Synthetic Monitoring, however I still don't fully understand the network communication here.
According to scenario 2 https://www.dynatrace.com/support/help/setup-and-configuration/dynatrace-managed/basic-concepts/managed-deployment-scenarios/ Synthetic Monitoring uses port 9999 incoming.
If I configure Synthetic Monitoring from the outside world with a Dynatrace hosted ActiveGate (e.g. Frankfurt) in Dynatrace Managed (OnPremise installation), how is the communication to get the measured data in via port 9999? There must also be an outgoing connection so that the Synthetic Monitoring can be set in e.g. Frankfurt...
We have our Managed Node Cluster and the ActiveGates cluster in the same network zone. Unfortunately, I cannot currently make an outgoing connection to the Internet from there. What are the possibilities and how does the network communication work in detail?
I already use Mobile Application Monitoring (MAM) with Port 9999 incoming over an Loadbalancer. For the public, there is a URL (e.g. exampleural-apm.domain.ch) that is reachable over 9999 incoming, but not the ClusterActive Gates itself (traffic is routed from the Loadbalancer to the Cluster ActiveGates). MAM Monitoring works perfect, but not Synthetic Monitoring with the public location hosted by Dynatrace.
here are a few considerations:
- If i configure a Synthetic monitoring with a public active gate hosted by Dynatrace (e.g. Frankfurt), must then not be a way of an outgoing connection to the the public Dynatrace ActiveGate that he knows what to monitor and where to send the data back? How does he (the public ActiveGate knows that?
- If i use a Loadbalancer to route the 9999 Traffic from an external URL to the internal AcitveGates, is that probably a problem? Do i have to configure this somewhere in Dynatrace or does the Cluster ActiveGate need the 9999 directly incoming?
Thanks for your feedback and tips 🙂
Solved! Go to Solution.
22 Jan 2021 07:10 PM
Hi,
In that scenario 2 in the documentation, there's a Cluster ActiveGate deployed that's listening to tcp/9999 for synthetic monitoring data incoming from various public locations hosted by Dynatrace. I'm not sure whether "Frankfurt" in your example is hosted by you or Dynatrace? Because both options are actually possible.
So to clarify: you can execute synthetic tests from various servers around the world which are hosted by Dynatrace. If your target app is available from the internet, it's likely a good idea from costs perspective to use the existing monitoring locations that Dynatrace provides. If your application is in a private network, you probably want to monitor from within that same network and host your own monitoring server. So these are the options:
Option A: When using one of the public locations hosted by Dynatrace, you need the Cluster AG that has tcp/9999 open for incoming connections from the internet (so it can receive data from the various synthetic monitoring sites hosted by Dynatrace). Note that the direction is not outgoing from the ActiveGate, it's from the Dynatrace monitoring locations towards your ActiveGate tcp/9999.
Option B: When using a private location hosted by yourself, you just need to be able to send the monitoring results towards your Managed cluster port tcp/443. (or, if needed, you can route the data via proxy or a Cluster ActiveGate).
25 Jan 2021 07:17 AM
Hi,
Yes, in my scenario i want to use the location from Dynatrace hosted. I already use Mobile Application Monitoring (MAM) with Port 9999 incoming over an Loadbalancer. For the public, there is a URL (e.g. exampleural-apm.domain.ch) that is reachable over 9999 incoming, but not the ClusterActive Gates itself. MAM Monitoring works perfectly, but not Synthetic Monitoring with the public locaction hosted by Dynatrace.
here are a few considerations:
- If i configure a Synthetic monitoring with a public active gate hosted by Dynatrace (e.g. Frankfurt), must then not be a way of an outgoing connection to the the public Dynatrace ActiveGate that he knows what to monitor and where to send the data back? How does he (the public ActiveGate knows that?
- If i use a Loadbalancer to route the 9999 Traffic from an external URL to the internal AcitveGates, is that probably a problem? Do i have to configure this somewhere in Dynatrace or does the Cluster ActiveGate need the 9999 directly incoming?
25 Jan 2021 07:29 AM
Hello @Urs F.
Let me share the scnerio configured by us.
Public IP > F5 > 443 > Cluster AG > 9998 (keep in mind that the port 9999 by default is for the SSL communication).
Configured the public IP address as a second IP for the Cluster AG.
Regards,
Babar
25 Jan 2021 07:29 AM
"a public active gate hosted by Dynatrace (e.g. Frankfurt)"
-> Dynatrace is not hosting the Cluster ActiveGate, just the monitoring locations like Frankfurt. Your ActiveGate is not actively monitoring anything in this scenario, it's just receiving data from Frankfurt. So the comment about ActiveGate knowing what to monitor is not relevant, it's not actually monitoring anything 🙂 Just receiving the monitoring data. Like I described in the previous response, I believe you just need to handle the below and you're good to go:
You need a Cluster AG that has tcp/9999 open for incoming connections from the internet, so it can receive data from the various synthetic monitoring sites hosted by Dynatrace.