cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

AWS integration with Managed Dynatrace

shashank_b_agra
Organizer

Hi, I am trying to integrate my AWS infrastructure with self hosted Dynatrace. It's hosted internally with in my corporate data centre with a single cluster and has 3 nodes/servers.

My AWS infrastructure has got 2 accounts Prod and Non Prod and I would want both of them to be monitored in Dynatrace. I've got couple of questions -

  1. I believe the Active gate needs to be deployed in AWS to talk to DT clusters. Where this active gate will be deployed?
  2. What ports and connectivity is required in order for my AWS resources to be monitored in DT?
  3. Does it also require a direct connect set up so that AWS can talk to on-premise Dynatrace solution via Direct connect?
  4. Any other steps which I need to take care of while designing this solution?

Let me know if anyone can help or advise on this please.

3 REPLIES 3

Babar_Qayyum
DynaMight Guru
DynaMight Guru

Hello @Shashank A.

Dynatrace can be deployed with or without Environment ActiveGate. Make sure that you meet one of the following deployment requirements:

  • For deployments with Environment ActiveGate, the Environment ActiveGate must be hosted in AWS.
  • For deployment without Environment ActiveGate, a Dynatrace Managed Server must be hosted in AWS.

Please have a look at the below link for the rest of your questions.

https://www.dynatrace.com/support/help/technology-support/cloud-platforms/amazon-web-services/aws-mo...

If something is missing that can be discussed here.

Regards,

Babar

JamesKitson
Dynatrace Guru
Dynatrace Guru
  1. You don't strictly need an ActiveGate if the OneAgents in AWS can reach your Managed Cluster directly but there will be some benefits such as allowing for more restrictive firewall rules and compression of traffic before it leaves AWS. As far as where it specifically should go that depends a lot on your AWS architecture but the main point of course is that if you do decide to use an ActiveGate the OneAgents will need to be able to reach it and the ActiveGate needs to be able to reach the Managed cluster.
  2. Do you mean the compute resources like EC2 with the OneAgents installed? OneAgent will talk HTTPS protocol with the Cluster directly using 443. If you have an ActiveGate you can refer here to the required ports: https://www.dynatrace.com/support/help/setup-and-configuration/dynatrace-activegate/configuration/wh...
  3. I've never configured Direct Connect but it is not required if the connections are routable over the Internet. If you have that link I'm sure it can be configured if desired though.
  4. Much will depend on how your AWS resources are networked. If OneAgents are not able to directly reach the cluster and must go through an ActiveGate consider setting up multiple per area of your network to avoid losing monitoring if an ActiveGate goes down. If you know you want certain OneAgents to only talk with certain ActiveGates you can look at planning and implementing network zones, though this is not necesary: https://www.dynatrace.com/support/help/setup-and-configuration/network-zones/

    This page has some good diagrams to look over when getting a feel for ports and such: https://www.dynatrace.com/support/help/shortlink/managed-deployment-scenarios#scenario-2-pure-dynatr...

Hi @James K. Thank you for your detailed response. So the thing is my Dynatrace is hosted inside my corporate data centre including the Active gate. So the one agent on my application servers which are also hosted internally talk to DT clusters via Active gate. This is the current scenario.

Now I have a new requirement where i would want few things like -

  1. Monitor AWS resources like EC2 instances in Dynatrace.
  2. Enable RUM stuff for applications which are hosted externally i.e. not inside my data centre. II know it's not possible to install one agent on those servers so is there any other way? Do we need an active gate which is available publically for this to happen?
  3. For the application which is hosted externally, we obviously don't have access to their servers so one agent installation is out of the picture. The other thing we can do is agent less monitoring which is inserting java script tag into each html pages. So this insertion has to be done manually or is there any automated way?

Featured Posts