forked from pivotal-cf/docs-new-relic-nozzle
-
Notifications
You must be signed in to change notification settings - Fork 0
/
installing.html.md.erb
179 lines (146 loc) · 11.5 KB
/
installing.html.md.erb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
---
title: Installing and Configuring New Relic Nozzle for VMware Tanzu
owner: Partners
---
You can install the [New Relic Nozzle for VMware Tanzu](https://network.pivotal.io/products/nr-firehose-nozzle/) as a tile in Ops Manager, or push it as a regular application.
## <a id='install-opsmgr'></a> Install as a tile in Ops Manager
1. Download New Relic Nozzle for VMware Tanzu from [Pivotal Network](https://network.pivotal.io/products/nr-firehose-nozzle/).
2. Go to the **Ops Manager Installation Dashboard** and click **Import a Product**.
3. Under the **Import a Product** button, click the **+** sign next to the version number of New Relic Nozzle for VMware Tanzu. This adds the tile to your staging area.
4. Click the newly added **New Relic Nozzle for VMware Tanzu** tile.
### Configure the nozzle tile
Change the following settings to configure the nozzle tile:
* Under **New Relic Firehose Nozzle > Settings > Assign AZs and Networks**:
- Select your desired networks.
- Click **Save**.
* Under **New Relic Firehose Nozzle > Settings > New Relic Firehose Nozzle**:
- New Relic RPM Account ID: `YOUR-NEW-RELIC-RPM-ACCOUNT`
- New Relic RPM Account Region: `US` or `EU`. Choose EU if your RPM URL contains .eu
- New Relic Insights Insert Key: `YOUR-NEW-RELIC-INSIGHTS-INSERT-KEY`
- Firehose Subscription ID: unique Subscription Identifier (i.e. `newrelic.firehose`)
- Nozzle instances: specify between 1 to 30 instance(s) depending on the load of Firehose events. Default is 2.
* Under **New Relic Firehose Nozzle > Settings > Advanced Settings**:
- Skip SSL Verification (True/False): whether to verify SSL connection
- Enable New Relic Logs - HttpStartStop: Send HttpStartStop (Timer) envelopes to New Relic Logs (boolean true/false)
- Enable New Relic Logs - LogMessage: Send LogMessage envelopes to New Relic Logs (boolean true/false)
- Selected Events: comma-separated list of event types
- Drain Interval: how often aggregated metric events are sent (Default: 60s)
- Firehose -> Reverse Log Proxy Gateway Timeout (minutes): connection timeout to the RLP Gateway (Default: 16m)
- Firehose No Traffic Restart Threshold (seconds): the nozzle will automatically restart if no messages are received in this time period (Default: 15s)
- Firehose Queue Buffer Size (messages): number of messages the nozzle buffer can hold while processing. Also the number of messages that will be dropped if the buffer fills (Default: 8192)
- Log Level: INFO or DEBUG
- Tracer (True/False): activate trace level logging (**extremely** verbose)
* If your environment uses a proxy server, add the following environment variables:
- Proxy Server Address and Port: `proxy server address:port`
- Proxy Bypass: comma-separated list of servers to bypass proxy
* Under **New Relic Firehose Nozzle tile > Settings > LogMessage Filters** tab:
- LogMessage Source Include Filter: comma or pipe-separated list of log sources to include (optional)
- LogMessage Source Exclude Filter: comma or pipe-separated list of log sources to exclude (optional)
- LogMessage Message Content Include Filter: comma or pipe-separated list of log message content to include (optional) (for example, Including Error,CRASHED would only send LogMessage events that contain Error or CRASHED)
- LogMessage Message Content Exclude Filter: comma or pipe-separated list of log message content to exclude (optional)<br /><br />
**Note**: include logic is processed before exclude logic. If specified, include filters will only generate New Relic events if the include filter is matched. Exclude filters will exclude matches
### <a id='obtain-config-values'></a> Where to Obtain Configuration Values
The following properties can be obtained either from the VMware Tanzu Application Service or from New Relic:
* Firehose Subscription ID: a unique ID (i.e. `newrelic.firehose`)
* Skip SSL: if SSL is disabled, this value should be set to `true`.
* Selected Events: a comma-separated list of any of the following Firehose event types:
- `ValueMetric`
- `CounterEvent`
- `ContainerMetric`
- `HttpStartStop`
- `LogMessage`
* New Relic RPM Account ID: the first number that you find in your RPM Url (i.e. `https://insights.newrelic.com/accounts/RPM-ID/...`)
* New Relic Insights Insert Key: an insert key from `https://insights.newrelic.com/accounts/RPM-ID/manage/api_keys`.
* Client Id: `Ops Manager -> VMware Tanzu Application Service -> Credentials -> Job -> UAA -> Opentsdb Nozzle Credentials -> Link to Credential -> identity` </br>(Only for Application push)
* Client Secret: `Ops Manager -> VMware Tanzu Application Service -> Credentials -> Job -> UAA -> Opentsdb Nozzle Credentials -> Link to Credential -> password` </br>(Only for Application push)
* API URL: `https://api.YOUR-PCF-DOMAIN` -- `cf curl /v2/info` </br>(Only for Application push)
* UAA URL: `https://uaa.YOUR-PCF-DOMAIN` -- `cf curl /v2/info` </br>(Only for Application push)
* API User Name: if using admin account - `Ops Manager -> VMware Tanzu Application Service -> Credentials -> Job -> UAA -> Admin Credentials -> Link to Credential -> identity` </br>(Only for Application push)
* API Password: if using admin account - `Ops Manager -> VMware Tanzu Application Service -> Credentials -> Job -> UAA -> Admin Credentials -> Link to Credential -> password` </br>(Only for Application push)
To obtain the properties:
1. Go to **New Relic Insights > Manage Data > API Keys** as an admin user.
2. Copy an existing insert key or create a new one, save it, and copy it.
3. Return to the Ops Manager Installation Dashboard and paste the insert key.
4. Click **Apply Changes**.
## <a id='install-app'></a> Install as an Application
When pushing New Relic Nozzle for VMware Tanzu as an application, you must have a manifest with the following properties:
```
applications:
- name: newrelic-firehose-nozzle
memory: 512M
disk_quota: 256M
instances: 2
health-check-type: http
health-check-http-endpoint: /health
host: cf-firehose-nozzle-${random-word}
buildpacks:
- binary_buildpack
path: dist
command: ./nr-fh-nozzle
env:
NRF_CF_CLIENT_ID: "Ops Mgr -> Elastic Runtime -> Credentials -> Job -> UAA -> Opentsdb Nozzle Credentials -> Link to Credential -> identity"
NRF_CF_CLIENT_SECRET: "Ops Mgr -> Elastic Runtime -> Credentials -> Job -> UAA -> Opentsdb Nozzle Credentials -> Link to Credential -> password"
NRF_CF_API_UAA_URL: "run cf curl /v2/info to get the url"
NRF_CF_API_URL: "run cf curl /v2/info to get the url"
NRF_FIREHOSE_ID: newrelic.firehose
NRF_CF_SKIP_SSL: true
NRF_ENABLED_ENVELOPE_TYPES: ValueMetric,CounterEvent,LogMessage,ContainerMetric,HttpStartStop
NRF_CF_API_USERNAME: "Ops Mgr -> Elastic Runtime -> Credentials -> Job -> UAA -> Admin Credentials -> Link to Credential -> identity"
NRF_CF_API_PASSWORD: "Ops Mgr -> Elastic Runtime -> Credentials -> Job -> UAA -> Admin Credentials -> Link to Credential -> password"
NRF_NEWRELIC_ACCOUNT_ID: New Relic Account ID
NRF_NEWRELIC_INSERT_KEY: New Relic Insights Insert Key
# # Optional Settings (with their default values listed). Uncomment the setting to change.
# # New Relic account region. Choose EU if RPM URL includes .eu.
# NRF_NEWRELIC_ACCOUNT_REGION: US or EU
# # How often accumulated metric events are sent. Recommended: 29s, 59s, 89s, or 129s
# NRF_NEWRELIC_DRAIN_INTERVAL: 59s
# # Number of minutes before the HTTP connection to the RLP Gateway is considered hung and restarted. The RLP Gateway should force a new connection every 14 minutes. This is only applicable if the connection hangs.
# NRF_FIREHOSE_HTTP_TIMEOUT_MINS: 16
# # Number of consecutive seconds with no messages before the nozzle is automatically restarted. Set per environment based on normal message load.
# NRF_FIREHOSE_RESTART_THRESH_SECS: 15
# # Number of messages the nozzle buffer can hold while processing. Also the number of messages that will be dropped if the buffer fills. Recommended minimum is 6000.
# NRF_FIREHOSE_DIODE_BUFFER: 8192
# # Log level (INFO or DEBUG)
# NRF_LOG_LEVEL: INFO
# # Trace level logging (extremely verbose)
# NRF_TRACER: false
# # Send HttpStartStop envelopes to New Relic Logs
# NRF_LOGS_HTTP: false
# # Send LogMessage envelopes to New Relic Logs
# NRF_LOGS_LOGMESSAGE: false
# # LogMessage filters (| separated values)
# NRF_LOGMESSAGE_SOURCE_INCLUDE: ""
# NRF_LOGMESSAGE_SOURCE_EXCLUDE: ""
# NRF_LOGMESSAGE_MESSAGE_INCLUDE: ""
# NRF_LOGMESSAGE_MESSAGE_EXCLUDE: ""
# # if proxy used in your environment
# http_proxy: <proxy server address:port>
# no_proxy: <comma separated list of servers to bypass proxy>
```
<p class="note"><strong>Note:</strong> In order to automate the <code>cf push</code> deployment process as much as possible, create an application <code>manifest.yml</code> file. Update the manifest as required for your environment. Make sure to assign proper values to all required environment variables. Any property values within angle brackets must be changed to the correct values for your environment.</p>
<p class="note"><strong>Note:</strong> Make sure to build the nozzle binary in <code>dist</code> subdirectory (using the build command below), so that when you push the app, the source and rest of the unnecessary files/folders do not get pushed into the container.</p>
### <a id='create-client-secret'></a> Adding a Client, Granting Permissions, and Setting a Secret
This example creates a new client and grants the necessary UAA permissions. A default client is used when the nozzle is deployed as a tile and these steps are not necessary. The OpenTSDB Nozzle Credentials can also be retrieved and used instead of creating a custom client.
```
uaac target https://uaa.[your cf system domain]
uaac token client get admin -s [your admin-secret]
uaac client add firehose-to-newrelic \
--name firehose-to-newrelic \
--secret [your_client_secret] \
--authorized_grant_types client_credentials,refresh_token \
--authorities doppler.firehose,cloud_controller.admin_read_only
--scope doppler.firehose
```
* UAA Client ID would be `firehose-to-newrelic`
* UAA Client Secret would be the value set with `--secret`
### <a id='app-build'></a> Application Build and Deploy
If you make any changes to the code, or would like to run on other operating systems, you can clone the code from [GitHub](https://github.com/newrelic/newrelic-pcf-nozzle-tile/) and follow the building and deploy steps from the [README file](https://github.com/newrelic/newrelic-pcf-nozzle-tile/README.md).
## <a id='using-proxy'></a> Using Proxy Servers
If you need to use a proxy server in your environment, use the following environment variables:
* `http_proxy`
* `no_proxy`
You can specify the values for these properties during the setup of the tile in Ops Manager. If you use the app version of the nozzle, you can set these environment variables at the end of the `manifest.yml` in the **env** section, or set them directly by running `cf set-env`.
### <a id='notes'></a> Notes
* Environment variables must be written in lower case.
* You must set `http_proxy` to your proxy server address and port (for example, `http://my_proxyserver:my_proxy_port`).
* You must set `no_proxy` to any address that you need to bypass. For the nozzle to work properly with proxies, you must bypass the `doppler` server (`doppler.YOUR-VMware Tanzu-DOMAIN.com`). Make sure not to include the protocol and the port for `no_proxy`; just add the server name.