An environment ActiveGate is connected to one environment/tenant within your Managed cluster and handles traffic only from OneAgents in that environment. On the other hand a Cluster ActiveGate can handle agent traffic from all of the environments/tenants within your cluster.
You download a Cluster AG from the CMC admin page, and you download an Environment AG from with the environment.
Hi @James K. I have a little doubt here, why if an Environment ActiveGate is connected only to one environment I can do this:
So again what is the difference? a bit confused here.
In the most typical deployment pattern and by default environment activegates handle one environment, but yes you can configure them to handle certain additional specific environments on the same cluster. A cluster activegate works this way by default.
And there's no way to have a cluster activegate for yourself in SaaS.
Both of them have also different functions. For example if you have managed installation and you want to monitor mobile application you have use cluster activegate and make it public. Environment ActiveGate is useful for example if you have agents from single environment inside dmz. Than you can proxy traffic from OneAgents through ActiveGate. This makes network rules easier 🙂 Read more in Dynatrace Documentation.
Where in the dynatrace website documentation page(s) can I get a clear difference btw env and cluster active gates? Unfortunately I only see information for "active gate" with use cases here https://www.dynatrace.com/support/help/setup-and-configuration/dynatrace-activegate/basic-concepts/w... but I need a clear distinction between both and clear scenarios
I always consider the Cluster Active Gate (only available with Managed) to be designed primarily for deployment in the DMZ with an External IP address exposed to the internet for incoming traffic such as Mobile monitoring beacons, External Synthetic monitoring beacons, Agentless RUM monitoring beacons. The Environment Active Gate is better suited to internal network deployment when needed for things like running Internal Browser Monitors/HTTP Monitors, VMWare monitoring, etc.
The training material in the University has useful material on various subjects, like this one.
See What Type of ActiveGate Do I Need? | On Demand | Dynatrace University
As I understand, Environment AG's for one act like a proxy-like gateway, for OneAgents, so the individual OA's do not need to connect to the SaaS, or the Managed Cluster. It receives the data, and forwards in compressed chunks. No need to drill more holes in the firewall, and more efficient network usage. They are also used for cloud and remote technologies monitoring, and to run synthetic monitors from a private location.
A Cluster AGs, only visible in a Managed environment, is a part of the Managed Cluster. It's build in, so in the base you don't need a separate one. But since you may not want or can not expose your Managed Cluster to the outside world, you can place a Cluster AG as gate-keeper in DMZ. I think having Cluster AGs also takes some workload off the actual cluster nodes.
See Managed deployments | Dynatrace Help