• United States (English)
• Brazil (Português)
• China (中文)
• France (Français)
• Germany (Deutsch)
• Italy (Italiano)
• Japan (日本語)
• Korea (한국어)
• Mexico (Español)

• Sign In
• Create Support Account

FREE TRIALS

• Become a portal pro
• Print
• My Downloads ()

• Support
• Technical Documentation
• Foglight APM for Real User Experience 5.9.11
• Foglight APM for Real User Experience 5.9.11 - Installation and Setup Guide

Foglight APM for Real User Experience 5.9.11 - Installation and Setup Guide

Table of Contents  

Installation overview

Introducing the monitoring architecture

Software components

Foglight Management Server Archiver Sniffer Browser Instrumentation Relayer Archiver databases

Ports used by Foglight APM

Appliance types Typical monitoring solutions

Monitoring physical networks Monitoring virtual networks Mixing physical and virtual appliances Adding Foglight APM to an existing Foglight installation

Installing physical appliances

Before you begin

Physical appliance components Other network components required Anatomy of an appliance

Planning an installation of physical appliances

Public network switch Private network switch for the capture subnet Network taps

Monitoring individual web servers Monitoring web server farms

Network information required for physical appliances

Installing appliances on a network rack Connecting appliances to the network Connecting Sniffers

Connecting Sniffers to network taps Connecting Sniffers to Archivers

Connecting one Sniffer to one Archiver Connecting Sniffers to Archivers

Starting physical appliances and configuring remote access Launching the Console Program remotely with DRAC

Installing virtual appliances

Monitoring multiple ESXi hosts

Monitoring multiple hosts through a centralized Sniffer Monitoring multiple hosts using local Sniffers Mixing virtual and physical appliances Scaling out a multiple host configuration Installing virtual appliances to monitor multiple hosts

Monitoring a single ESXi host

All-on-one-host variation Scalability Installing virtual appliances to monitor a single host

Before you begin

Software environment Foglight APM OVF templates Required port groups RAID configuration Network information for virtual appliances

Creating port groups on virtual switches

Configuring port groups on a distributed switch

Creating a Monitoring Network port group required by Sniffers Creating the Capture Network port group required by Sniffers and Archivers Creating a virtual adapter for the Capture Network port group

Configuring port groups on a standard switch

Deploying Foglight virtual templates Deploying the Foglight virtual Sniffer template Connecting virtual appliances on different servers Powering on virtual appliances

Setting up appliances

Logging in to the Console Program Enabling SSH and changing the default password Setting the date and time Specifying network settings Exiting the Console Program Launching Foglight Configuring software components

Working with appliance-hosted Management Servers

Configuring Management Server settings Configuring the Management Server to work with SSL keys

Creating a new SSL key for Foglight HTTPS access Using an existing SSL key for Foglight HTTPS access Configuring Foglight for secure remote LDAP access

Restricted file access Transferring support files from a physical appliance

Transferring files to Windows systems Transferring files to Linux systems

Troubleshooting appliance-hosted Management Servers Differences from working with server-hosted Management Servers

Setting up server-hosted Management Servers

Server requirements

Downloading and installing 256-bit encryption files Disabling the NetBIOS over TCP/IP setting

Installing Foglight APM cartridges Communicating with Sniffer and Archiver appliances Configuring Federated Children Enabling High Availability mode

Maintaining appliances

Launching the Console Program

Accessing physical appliances using SSH on Microsoft Windows systems Accessing physical appliances using SSH on UNIX systems

List of tasks available from the main menu Managing user accounts

Adding new user accounts Modifying user accounts and enabling SSH Removing user accounts

Modifying the time zone, time, or date Modifying the list of NTP servers for physical appliances Modifying network settings Shutting down appliances Rebooting appliances Updating software

Upgrading from a PKG file Displaying the upgrade log

Testing network settings Stopping and starting processes Reviewing the appliance system details and health status Reviewing the status of NIC devices Verifying monitored traffic by port Purging and resetting Archiver databases Creating support bundles Creating TCP dump files Accessing the home directory Creating Dell report archives on physical appliances

Backing up and restoring physical appliances

Setting up appliances as NetVault clients

Enabling an appliance's NetVault client Registering an appliance in NetVault

Running and restoring backups

Stopping Foglight and running a backup Restoring backups

Preparing a new appliance Restoring a backup

Appendix: Troubleshooting

Diagnosing Sniffer issues

Overview of the Sniffer test Running the Sniffer test Investigating and resolving issues in monitored traffic

Understanding packet drops with SPAN ports and aggregation network taps Expanding full partitions on virtual appliances

Expanding the size of virtual disks Expanding the size of partitions

• Viewing Topics 25 - 28 of 137

×

Network taps

A network tap provides monitoring access to the traffic flowing across a network. Different types of devices are often used as network taps, but only full-duplex network taps and smart taps with full-duplex enabled guarantee the 100% data capture that Foglight APM requires to provide complete and accurate data processing and reporting. A true full-duplex tap splits the ingress traffic (requests to the web servers) and egress traffic (responses from the web servers) into two streams. When those streams are fed into two separate monitoring NICs on an appliance hosting a Sniffer, you get full data capture.

 

IMPORTANT: SPAN ports and aggregation network taps do not reliably mirror all traffic routed through them to the monitoring port, which results in inaccurate data in Foglight. For more information, see Understanding packet drops with SPAN ports and aggregation network taps.

Before starting your installation, you need to determine the best place to install network taps in your network. The main consideration is to maximize visibility into the requests and responses going to and from your web servers. Therefore, you want to select locations where the Sniffers can see traffic for all the web servers providing content to the end users of your applications.

For more information, see the following topics:

•	Monitoring individual web servers

•	Monitoring web server farms

Monitoring individual web servers

In the simplest case, where the traffic you want to monitor is handled by one or two web servers, install network taps in front of the individual web servers. Sniffers monitor only this traffic.

Monitoring web server farms

To monitor all web servers in a server farm, install the network tap between the firewall and the load balancer, as shown in the following diagram. This allows a Sniffer to see all traffic before it is separated out by server destinations. Redundant paths to the server farm (or multiple server farms) may mean deploying additional network taps to obtain complete coverage.

 

IMPORTANT: If you have a reverse proxy in your network, or if your load balancer acts as a reverse proxy, you may want to choose a different deployment location. For more information, see Understanding how load balancers and reverse proxies affect metrics.

Figure 5. Monitoring web server farms

Configuring web servers in a server farm

When the network tap is installed between the firewall and the load balancer, the traffic contains only the IP address of the load balancer rather than the web servers. While this behavior is important for security purposes, it means that Foglight attributes the data for all web servers to the load balancer IP address. Usually, you want data attributed to individual web servers.

To enable Foglight to track data by web server, you need to configure the web servers to insert an extra shared HTTP response header into the traffic. For example, you can create an HTTP response header called SERVER-ID. On each web server, you assign a unique, fictitious (for security purposes) IP address to this header.

After Foglight is running, an APM Administrator defines a server identifier with the same name as the response header, and Foglight automatically begins tracking hits by web server. For more information, see “Managing identifiers for virtual addressing schemes” in the Foglight APM Administration and Configuration Guide.

Understanding how load balancers and reverse proxies affect metrics

Most load balancers also act as a reverse proxy. Reverse proxies multiplex requests from multiple client connections onto one proxy network connection to the web server. So, while there could be thousands of connections coming into the proxy, the proxy may maintain only a dozen connections to each web server.

Reverse proxies affect some of the metrics collected by Foglight, depending on where the network tap is installed in relation to the proxy. The affected metrics are Network Delay and Back End Time for hits and pages, which are also included in the calculations of End-to-End Time for hits and pages. For more information about how these metrics are calculated, see “Understanding calculated data” in the Foglight APM Reference Guide.

When a network tap is installed between the client and the reverse proxy, Network Delay is an estimate of the time it takes for a request to travel from the end user’s device to the point where the tap is located. This is the desired measurement. The Back End Time includes the time spent on the request by the reverse proxy and the web server, which in many cases is acceptable, but may not be desirable if your stakeholders want the Back End Time to reflect the performance of the web server only.

When a tap is between the reverse proxy and the server farm, the Back End Time reflects the time spent by a web server without the overhead of the proxy, but the Network Delay is a fraction of the actual network delay. In this scenario, Network Delay is based on the time it takes for a request to travel from the reverse proxy to the tap.

The following table summarizes the trade-off in metric calculations. Select the deployment option that suits your needs.

 

Table 4. Metric calculation trade-offs

Network Tap Installed	Network Delay	Back End Time
Between the client and the reverse proxy (recommended)	Estimate of time elapsed from the end user’s device to the tap, which is the expected value.	Time spent on a request by the reverse proxy and a web server.
Between the reverse proxy and the server farm	Estimate of time elapsed from the reverse proxy to the tap, which is a fraction of the expected value.	Time spent on a request by a web server.

Some customers install network taps in both locations and configure two separate installations of Foglight (Management Server, Archiver, and Sniffer) to monitor the taps. The Foglight instance monitoring the client side tap provides accurate Network Delay metrics, while the Foglight instance monitoring the server farm side provides accurate Back End Times and volume metrics for each web server.

 

CAUTION: If you install network taps on both sides of a reverse proxy, do not connect them to the same installation of Foglight. The metrics collected in this fashion are inaccurate.

Network information required for physical appliances

You need to have the following information to set up the appliances. For IP addresses, you can use either IPv4 or IPv6 formats.

 

IMPORTANT: You must assign dedicated IP addresses to appliances. DHCP and dynamically-assigned IP addresses are not supported.

 

Table 5. Network information required for physical appliances

Network Information	Description
Control Port IP Address	• Enables communication among Foglight, Archivers, and Sniffers • Each appliance needs a unique and dedicated IP address that belongs to the same intranet subnet • Corresponds to Control Port (eth0) on the physical appliance
Subnet Mask	Mask corresponding to the Control Port IP Address and subnet
Hostname	Domain name of the Control Port IP Address
Auxiliary IP Address	• Not required for an All-in-One Appliance or Foglight Server appliance • Enables data transfer from Sniffers to Archivers located on different appliances • Each Sniffer appliance and Archiver appliance needs a unique Auxiliary IP Address that belongs to the same capture subnet • Corresponds to Auxiliary Port (eth1) on the physical appliance
Subnet Mask	Mask corresponding to the Auxiliary IP Address and capture subnet
Gateway IP Address	• IP address of your network’s gateway • Same for every appliance
DRAC IP Address	• Each appliance requires a unique DRAC IP address • Corresponds to DRAC Port on the physical appliance
Preferred DNS IP Address	• IP address of the primary DNS server (supports DNS lookups) • Same for every appliance
Alternate DNS IP Address	• Optional—IP address of a secondary DNS server • Same for every appliance

•  Previous
• Viewing Topics 25 - 28 of 137
• Next 

Search this document Search all documents

×

 Welcome to Quest Support

You can find online support help for Quest *product* on an affiliate support site. Click continue to be directed to the correct support content and assistance for *product*.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating