Dynatrace Associate vILT – Day 1

Agenda

• Welcome/Accessing Environment/Overview
• Introduction to Dynatrace
• Dynatrace Offerings
• SaaS vs Managed

• Optional Components
• ActiveGate
• (previously called Security Gateway)

• OneAgent
• Network Monitoring
• Installation
• Container Monitoring
• Updating OneAgent
• Beta Features

Confidential 2
Accessing Your Training Environment

• As part of this class you will be instrumenting an application server with Dynatrace and throughout the week
will be involved in hands on labs. You can access your personalized environment on Dynatrace University.

Confidential 3
Welcome to Dynatrace Email

1. Complete your welcome email

instructions (check your junk folder).

2. Please complete your registration by

creating a unique password.

3. If you cannot find the email, go to

https://dynatrace-managed.dxs-
platform.com, enter your email, and
click ‘forgot password’

Confidential 4
Logging into our Dynatrace Tenant

1. Login to your Dynatrace Tenant using the following address:

• https://dynatrace-managed.dxs-platform.com
• Use your email address, and the password you created earlier
while setting up your environment.

2. Please raise your hand if you are having any difficulty connecting to
your environment.

Confidential 5
Easytravel Application Server Credentials + IP

https://university.dynatrace.com/account/environments

*If you have trouble accessing your environment, please inform the
instructor and email [email protected].
Please include the class name you are attending. Confidential 6
 Connecting to your Application Server

• In any browser, navigate to your provided EC2 IP address. You should

see the easyTravel application appear.

• Log into your EC2 instance via Native SSH, Putty, MobaXTerm, etc
• Username = ec2-user
• Password = dyn@trac3

*If you need to download putty, you can do so at http://putty.org.

Confidential 7
 Enterprise cloud is the platform for digital transformation

Complexity Scale Dynamic Frequency of Change User Expectation

Hybrid Multi-Cloud Web-scale and Containers and DevOps Digital Experience
automation microservices

of enterprises are hybrid of enterprises building web- container and microservices of enterprises are of users rate performance
with multi-cloud scale architecture adoption adopting DevOps ahead of features and
functions
Confidential 8
Software intelligence built for the enterprise cloud

Go beyond APM with the Dynatrace all-in-one platform

Application Cloud infrastructure Digital experience

AIOps
performance monitoring monitoring management

Software Intelligence Platform

Confidential 9
THE SOLUTION One Platform. Simplify

Hybrid • Single view across your entire hybrid-cloud

Multi-Cloud ecosystem from monolithic and mainframe to
your new cloud platform.

Web-scale and • Full stack coverage for DEM, APM, Cloud

Automation Infrastructure and AIOps

• Deep cloud integrations with all leading cloud

Container and providers.
Microservices

DevOps

Digital Experience

Confidential 10
THE SOLUTION Fully automated, with scale, out of the box.

Hybrid Dynatrace does the work for you

Multi-Cloud
• AI continuously analyzes to find problems with root
cause and business impact explained
Web-scale and
Automation • OneAgent automatically instruments your
applications, log files, containers and more

Container and
• Real time topology discovery & mapping across
Microservices
dynamic environments

• Software intelligence for 100,000+ hosts with

DevOps
Dynatrace web-scale architecture

Digital Experience

Confidential 11
 Better data makes Dynatrace A.I. and massive automation possible

High fidelity data Mapped end-to-end Deterministic AI Answers + Action

Users
Automated problem detection
Apps
Services Business impact determined
OneAgent

Code
Root cause explained
Server
Logs No alert storms
Network
Trigger self healing
Custom

Completely automated

Confidential 12
THE SOLUTION Containers? No problem.

Hybrid • Auto discover microservices and containers

Multi-Cloud without code or image changes

• Automatic and continuous dependency

Web-scale and mapping
Automation
• Monitor containerized processes transparently

Container and • OneAgent on the host is all it takes

Microservices

DevOps

Digital Experience Azure

Container Services

Confidential 13
THE SOLUTION Release better software faster

Hybrid • Continuous feedback

Multi-Cloud A.I. provides real time feedback for dev,
test, operation and biz teams.

Web-scale and • Measure and communicate

Automation A single source of truth enhances team
productivity and decision making.

Container and • Build an unbreakable delivery pipeline

Microservices and enable self-healing.

DevOps

Digital Experience

Confidential 14
THE SOLUTION Deliver perfect digital experiences

Hybrid • Full visibility into real user journeys.

Multi-Cloud
• Identify user sessions by ID and understand business
impact.
Web-scale and
Automation • See exactly what your users see with Session Replay.

• Get proactive with synthetic monitoring.

Container and
Microservices

DevOps

Digital Experience

Confidential 15
Dynatrace - Software intelligence built for the enterprise cloud

Application performance management

Microservices & containers Code-level Database monitoring

Lifecycle analytics Transaction tracing Monolith and mainframe

Cloud infrastructure monitoring

Cloud monitoring Virtualization monitoring Network monitoring

Container monitoring Server monitoring Log monitoring

AIOps

Continuous auto-discovery Anomaly detection Prediction

Automatic topology Root cause analysis Third party data & metrics

Digital experience management

Real user monitoring Mobile app monitoring RUM for SaaS vendors
Session replay Synthetic monitoring Digital experience insights

All-in-one software intelligence platform.

Confidential 16
Architecture

Confidential 17
What is Dynatrace?

Confidential 18
Dynatrace Capabilities

Business insights User behavior Full stack monitoring Application topology Root cause analysis Real user monitoring Synthetic monitoring Mobile app
analytics discover monitoring

Application Database monitoring Server monitoring Network monitoring Virtualization monitoring Microservices & Cloud monitoring Log analytics
performance container monitoring
management

Confidential 19
Deploying software and getting the best of both worlds

SaaS Managed
We provide the service, you just use it. You provide the platform, we manage the service.
Benefits
• No local installation • Full control of data
• No worries about hardware
provisioning backups and data
• Self monitoring built-in
storage • No worries about
• No monitoring/operator needed
patching, upgrading,
Concerns
• Compliance
troubleshooting,
• Bandwidth consumption monitoring or failover

Confidential 20
Dynatrace SaaS

Confidential 21
HA Proxy Server Cassandra Elasticsearch
Embedded
Cluster Cluster Cluster
ActiveGate

Availability Zone
Availability Zone
Availability Zone
Confidential 22
Ports - SaaS

Scale

SaaS Cluster

443 https 443 https

Target Applications

Dynatrace Agents Web UI

Confidential 23
Storage and Retention - SaaS

• Code Level and Performance data

• Service Requests – 35 days
• Service Code Level – 10 days

• Time Series
• 1 minute intervals – 14 days
• 5 minute intervals – 28 days
• 1 hour intervals – 400 days
• 1 day intervals – Forever

• RUM
• Sessions and User Actions – 35 days
• Waterfall analysis– 10 days

• Synthetic
• Transactions – 35 days

Confidential 24
Updates

• The components are updated on the schedules below:

• SaaS Cluster
• Every 2 weeks (automatic)

• OneAgent
• Every 4 weeks (optional)
• OneAgent versions are supported for 9 months (12 months with Premium support)

Confidential 25
Dynatrace Managed

Confidential 26
Dynatrace Managed Architecture
Mission Control
Monitoring

WebUI and Control Services

Dynatrace
Cluster
Analytics Services

Cassandra NoSQL Services

…
Dynatrace
Nginx Load Balancing WebUI

Agent Security Services

Cluster
Management
Console

Dynatrace
… OneAgent
Confidential 27
Ports - Managed

443 https Web UI

Target Applications

443 https
Dynatrace Agents Scale
Cluster Management Console (CMC)
8443 https
Cluster Nodes

443 https
Mission Control
(possible via proxy)

Confidential 28
Storage and Retention – Managed

• Code Level and Performance data

• Service Requests – 35 days (can be configured)
• Service Code Level – 10 days (can be configured)

• Time Series
• 1 minute intervals – 14 days
• 5 minute intervals – 28 days
• 1 hour intervals – 400 days
• 1 day intervals – Forever

• RUM
• Sessions and User Actions – 35 days
• Waterfall analysis– 10 days (can be configured)

• Synthetic
• Transactions – 35 days (can be configured)

Confidential 29
Updates

• The components are updated on the schedules below:

• Managed Cluster
• Every 4 weeks (may delay, but can’t skip them)
• Cluster versions are supported for 3 months (4 months with Premium support)

• OneAgent
• Every 4 weeks (optional)
• OneAgent versions are supported for 9 months (12 months with Premium support)

Confidential 30
 Managed Node Requirements

Max. hosts Max user Disk Direct Storage Long-term Elasticsearch

Node type monitored actions/s Minimum Node spec (Total across all nodes for Metrics Store (per node for 30 days
IOPS 10 days code visibility) retention)
(per node) (per node) (per node)

Small 250 250 8 vCPUs, 32GB RAM 150 500 GB 1.2 TB 700 GB

Medium 600 500 16 vCPUs, 64GB RAM 300 1 TB 2.5 TB 2 TB

Large 1500 1000 32 vCPUs, 128GB RAM 750 2 TB 5 TB 4 TB

XLarge 3000 3,000 64 vCPUs, 256GB RAM 1500 4 TB 10 TB 8 TB

Clusters should have equally sized nodes. A sufficiently sized 3-node cluster is the recommended setup.
For failover, a cluster must have ((# of nodes / 2) + 1) nodes to maintain functionality and can’t lose 3 or more nodes

Examples:
To monitor 8k hosts with a peak load of 3k user actions per second:
You need 3 XLarge nodes with a combined storage of 4TB for direct storage and 30TB for long term metrics
To monitor 200 hosts with a peak load of 500 user actions per second:
You need 1 Medium node with a combined storage of 1TB for direct storage and 2.5TB for long term metrics
or to have failover you can also use 3 Small nodes
Confidential 31
Directory Paths for Managed Node

Directory symbol Directory path Description Requirements

PRODUCT_PATH /opt/dynatrace-managed Main directory for binaries Min. 3 GB

DATASTORE_PATH /var/opt/dynatrace-managed Main directory for data Min. 3 GB

Logs of all components, services, and

LOG_PATH /var/opt/dynatrace-managed/log Max. 1 GB
tools

CASSANDRA_DATASTORE_PATH DATASTORE_PATH/cassandra Metrics repository Min. 25 GB

ELASTICSEARCH_DATASTORE_PATH DATASTORE_PATH/elasticsearch Elasticsearch store Min. 3 GB

SERVER_DATASTORE_PATH DATASTORE_PATH/server Transactions store Min. 14 GB

AGENT_BUILD_UNITS_PATH DATASTORE_PATH/agents OneAgent installation packages Min. 20 GB

SERVER_BUILD_UNITS_PATH DATASTORE_PATH/installer Installer for adding nodes to a cluster Max. 2 GB

Main directory for self-monitoring

SELFMON_AGENT_INSTALL_PATH /opt/dynatrace Min. 4 GB
OneAgent binaries

Confidential 32
Confidential 33
Mission Control
Pro-active Support

Confidential 34
Pro-active Support

• Dynatrace Managed relieves you of common maintenance and support challenges

• With pro-active support you get fully automated management capabilities that keep your Dynatrace
Cluster secure, reliable, and up-to-date—while saving you from the hassles of administrative tasks like
upgrades and troubleshooting

• With your permission, Dynatrace Managed Support staff can even remotely access your Dynatrace Cluster to
assist with troubleshooting

• All remote-access requests initiated by Dynatrace Support are logged and tracked along with all
other Dynatrace Cluster events

• You have control over which data is sent and what access is allowed

Confidential 35
 Updating reliably and fully automatically

Dynatrace Mission
Control

Dynatrace Update
Dynatrace cluster
v+1 Dynatrace Mission Control Team

Dynatrace Managed cluster updates are OneAgent updates are

mandatory optional
published typically every four weeks published typically every four weeks
started at a user specified time (daily or weekly) fully under your control
announced at least 24 hour in advance (OneAgents are compatible for at least one year)
very fast: monitoring continues seamlessly, UI downtime ca. 5 minutes Confidential 36
 Remote Management
Dynatrace Mission
Dynatrace Managed Cluster Control
Request for access

Dynatrace node 1
Request for access

Dynatrace node 2

Dynatrace Mission Control Team

Access cluster management
Dynatrace node n Access each environment
Access an internal maintenance UI

Auditing Security is key Mission Control Team cannot:

All configuration changes of Dynatrace All communication with Mission Control is via Access certificates
Managed are fully audit logged https with browser-like certificate checks Access user credentials
Each remote access is logged as an event with 2Factor authentication for remote write Gain root access to any servers
a reason access (coming soon)
Confidential 37
What data is sent to Mission Control?

• Usage and billing information

• Dynatrace Cluster health statistics

• Once permission is granted, our Mission Control team can remotely analyze the hardware utilization of your Dynatrace Managed
installation and alert you if more resources are required.

• Dynatrace Cluster event tracking

• Events like server starts/shutdowns, added/removed nodes, and Security Gateway registrations are tracked automatically
• Our Mission Control team can remotely analyze and address problems or incompatibilities with your Dynatrace Cluster, so you don't
need to track and react to system events.
• If you should ever need to contact Dynatrace Support, you won't need to collect the required log files for problem details

• System settings
• Our Mission Control team can remotely optimize your Dynatrace Managed settings to ensure optimum performance and stability.

• Software updates
• Dynatrace Managed software updates are mandatory and are typically published every four weeks. You can customize the timing of
Dynatrace Managed updates (daily or weekly).

Confidential 38
Quiz 1

• What is the default data retention period for service requests?

• Which port oneagent communicates to the managed cluster?

Confidential 39
Security

Confidential 40
Security

• Security is a priority for us

• Our security measures include best practices such as firewalls and regular security updates, but we don’t
rely on these measures alone

• We also perform regular security scans and vulnerability assessments using external parties to ensure that
we have all required protections in place

• Of course, this is not a guarantee that nothing can go wrong

• If a security issue is detected, we will work the issue with the highest priority to provide a fix as quickly as
possible and to limit the risk of data breach or data loss

Confidential 41
How is Dynatrace hosting secured?

• Because Dynatrace is hosted in the Amazon Web Services (AWS) cloud, it benefits from Amazon’s secure,
world-class data centers

• Dynatrace architecture is designed around the goals of redundancy, security, and “always on” availability

• If one Dynatrace Cluster node fails, other nodes immediately take over and Dynatrace launches new nodes
to replace the failed nodes

• Even when an entire data center fails (an “availability zone” in AWS terms), nodes in other data centers
immediately compensate for the failure and there is no disruption to your Dynatrace service

• Our security team relies on industry best practices such as encrypted transmissions, cross-site scripting
prevention, protection against code or SQL injection, hardening against DoS attacks, firewalls, regular
security updates, security scans, and vulnerability assessments to ensure the security of your data

Confidential 42
Is the Dynatrace Agent secure?

• Dynatrace OneAgent undergoes continuous and extensive penetration testing and expert security reviews

• When you download Dynatrace OneAgent, it’s pre-configured to connect directly to your Dynatrace
environment (or to your ActiveGate, if you have one installed)

• Following installation Dynatrace OneAgent starts up and gathers additional configuration from Dynatrace
Cluster

• Dynatrace OneAgent then sends the most important monitoring data to Dynatrace Cluster for analysis

• All communication between Dynatrace OneAgent and Dynatrace Cluster is handled over secure socket https
communication (port 443) with strong cryptography to guarantee your data privacy

• Dynatrace OneAgent only sends data outbound to Dynatrace Cluster—it doesn’t open a listening port

Confidential 43
Is customer performance data secured?

• All performance data that are collected by Dynatrace OneAgent on the customer side are securely
transmitted to our servers and processed behind firewalls

• Metric and transaction data are encrypted even while at rest, and each customer’s data are
programmatically partitioned from each other customer’s data

• Amazon Web Services’ (AWS) certified cloud infrastructure security measures provide a high degree of data
protection
• AWS guarantees physical access controls, hypervisor protection, and secure decommissioning of instance data
• Direct access to AWS instances by Dynatrace employees is carefully regulated based on multi-factor authentication

• Backups of metric data are generated at regular intervals

• All backups are encrypted

Confidential 44
SOC 2 Type II certified

• Dynatrace has received SOC 2 Type II certification for security and availability

• View our publically available SOC 3 Report to learn more about Dynatrace adherence to the Security and
Availability Service Organization Controls 3 (SOC 3) Criteria established by the American Institute of Certified
Public Accountants (AICPA)

Confidential 45
General Data Protection Regulation
(GDPR)

Confidential 46
GDPR compliant

• Companies use Dynatrace products to monitor the performance and quality of services such as web and
mobile applications

• Dynatrace doesn't, by default, track personal data, but such tracking is possible depending on individual
environment configurations and the applications that they are monitoring

• For these reasons, Dynatrace is and must be GDPR compliant

• For more information:

• https://www.dynatrace.com/support/help/data-privacy-and-security/data-privacy/dynatrace-compliance-general-
data-protection-regulation-eu-citizens/

Confidential 47
Optional Components

Confidential 48
 Optional
Components ActiveGate

ActiveGate

API Monitoring

PaaS Integration

Agentless RUM

Mobile Monitoring

Synthetic Monitoring

ActiveGate Extensions

Confidential 49
 Optional
Components API Monitoring

ActiveGate

API Monitoring

PaaS Integration

Agentless RUM

Mobile Monitoring

Synthetic Monitoring

ActiveGate Extensions

Confidential 50
 Optional
Components PaaS Integration

ActiveGate

API Monitoring

PaaS Integration

Agentless RUM

Mobile Monitoring

Synthetic Monitoring

ActiveGate Extensions

Confidential 51
 Optional
Components Agentless RUM

ActiveGate

API Monitoring

PaaS Integration

Agentless RUM

Mobile Monitoring

Synthetic Monitoring

ActiveGate Extensions

Confidential 52
 Optional
Components Mobile Monitoring

ActiveGate

API Monitoring

PaaS Integration

Agentless RUM

Mobile Monitoring

Synthetic Monitoring

ActiveGate Extensions

Confidential 53
 Optional
Components Synthetic Monitoring

ActiveGate

API Monitoring

PaaS Integration

Agentless RUM

Mobile Monitoring

Synthetic Monitoring

ActiveGate Extensions

Confidential 54
 Optional
Components ActiveGate Extensions

ActiveGate

API Monitoring

PaaS Integration

Agentless RUM

Mobile Monitoring

Synthetic Monitoring

ActiveGate Extensions

Confidential 55
ActiveGate

Confidential 56
What is an ActiveGate?

• Proxy between the OneAgent and Dynatrace

Cluster

Confidential 57
Hosts with Direct Access

Database

Dynatrace
Cluster

Confidential 58
Hosts without Direct Access

Database

Dynatrace
Cluster

Confidential 59
Hosts without Direct Access

Database

Dynatrace
Cluster

Confidential 60
Agent – ActiveGate load balancing and failover

• Agents are aware of all endpoints they can send data to

• No location awareness → must be controlled at the firewall level

• Round robin distribution

• Every 5 mins a check is done to see if agent needs to switch AG

• Every agent needs to determine if an AG is unavailable to itself

Confidential 61
What is an ActiveGate?

• Proxy between the OneAgent and Dynatrace

Cluster

• The only component that needs direct access

to the Cluster

Confidential 62
What is an ActiveGate?

• Proxy between the OneAgent and Dynatrace

Cluster

• The only component that needs direct access

to the Cluster

• No extra configuration: install where all agents

can access it and setup is handled
automatically!

Confidential 63
Do I need an ActiveGate?

Install an ActiveGate if you need to:

• Monitor virtualization

Confidential 64
Do I need an ActiveGate?

Install an ActiveGate if you need to:

• Monitor virtualization

• Limit the number of firewall changes

Confidential 65
Do I need an ActiveGate?

Install an ActiveGate if you need to:

• Monitor virtualization

• Limit the number of firewall changes

• Introduce load balancing for monitoring data

within a large deployment

Confidential 66
 Do I need an ActiveGate?

Install an ActiveGate if you need to:

• Monitor virtualization

• Limit the number of firewall changes

• Introduce load balancing for monitoring data

within a large deployment

• Lower network bandwidth through compression

and bundling of traffic
• ~30% reduction in network traffic

Confidential 67
 Do I need an ActiveGate?

Install an ActiveGate if you need to:

• Monitor virtualization

• Limit the number of firewall changes

• Introduce load balancing for monitoring data

within a large deployment

• Lower network bandwidth through compression

and bundling of traffic
• ~30% reduction in network traffic

• Deploy ActiveGate Extensions

Confidential 68
ActiveGate Extensions

• ActiveGate Extensions allow an Environment ActiveGate to reach out and remotely collect metrics from 3rd
party products
• Collect performance and availability metrics for each instance
• Shine a light on the performance of a “black box” device
• Seamlessly integrate custom devices into Dynatrace SmartScape

• Some are still in EAP/Beta

Confidential 69
Recap – Do I need an ActiveGate?

Capability Environment ActiveGate

AWS integration Yes
VMWare integration Yes
Azure integration Yes
OpenStack integration Yes
Internal Synthetic HTTP Monitors Yes
Memory dump storage Yes
Remote Monitoring Extensions Yes

Confidential 70
SaaS – Without Environment ActiveGate

Data Center 1 Dynatrace Cloud

443

Data Center 2

Confidential 71
SaaS – Environment ActiveGate

Data Center 1 Dynatrace Cloud

9999
443

• Download installer from environment, agents can only

connect to environment where downloaded from
Data Center 2 • Runs within your data center
9999
• For Agent traffic bundling
• For remote plugin execution
• Storing memory dumps
• Already connected Agents automatically reroute through AG
when found
Confidential 72
 Two Steps to Install the ActiveGate

1. Download the Installer - Windows or Linux OS

2. Run the installer on the host(s) where the ActiveGate(s) will run

Confidential 73
Utilizing a Proxy

• Agents can communicate to the AG through a proxy

• Pass during the installer as a command line argument

• AG can communicate to the Cluster through a proxy

• Edit the ‘custom.properties’ file

Confidential 74
Environment ActiveGate for multiple environments

• It is possible to set up a single Environment ActiveGate in support of multiple SaaS environments

• Configure the ‘multitenant.properties’ to include each environment
• Environments must be on the same SaaS cluster

Confidential 75
Questions?

Confidential 76
OneAgent
Browser

Mobile*

3rd parties

Application- & Webserver

Services

Containers, Processes,
Logs

OS, Disks

Cloud

Network
Confidential 78
One Agent to monitor them all

Confidential 79
One Agent to monitor them all

Confidential 80
One Agent to monitor them all

Confidential 81
Network Monitoring

Confidential 82
Why network monitoring?

• Part of the infrastructure, can be a root cause for an application problem

• Which processes consume most of my network resources?

• Network utilization breakdown

• Which processes experience network degradation problems?

• Network quality – retransmissions, RTT, throughput

• Can everyone talk and connect to their parties?

• Process network connectivity

• Environment agnostic – any TCP/Ethernet communication can be monitored:

• physical, virtual, cloud

Confidential 83
Network helps build the SmartScape

• Network monitoring ensures that infrastructure components are connected in the SmartScape

Confidential 84
OneAgent Install

Confidential 85
Agent “Types”

Full Stack
PaaS/Solaris Infrastructure
(including AIX beta)

Java, .NET, PHP, NodeJS

Limited host metrics

Host
Network
Processes
Plugins
Logs

Confidential 86
 Agent Capability Matrix

Capability Full Stack AIX (full stack) Solaris PaaS Infra-only

Host Metrics X X Limited Limited X
Log Monitoring X X
Plugins X X
JMX/PMI X X X X
Single Installation X X Per Process Per Process X
Code Level Insights X X X X
RUM X X X X
Auto Update X X X
Auto Agent Injection X X
See IBM Java,
Java & See documentation See documentation
Technology Support documentation WebSphere, and
Oracle/Apache HTTP for full list for full list
for full list IBM HTTP

Confidential 87
Deploy Dynatrace

• Use the “Deploy Dynatrace” page to download and install the agent

Confidential 88
Deploy Dynatrace

Confidential 89
Deploy Dynatrace

Confidential 90
Installer Options

• Consider defining a logical Host Group name for the current installer and any other related OneAgent
deployment hosts

• This feature is only available to be set during the install

• Host groups have a benefit of automatically separating processes and services by the group name
• Common example is “AppName_Environment”, such as “easyTravel_Prod”

• This topic will be covered in full later in the training

• For a full list of OneAgent installer options please see the documentation:
• Windows – https://www.dynatrace.com/support/help/shortlink/oneagent-windows-install#how-to-customize-
installation
• Linux - https://www.dynatrace.com/support/help/shortlink/oneagent-linux-install#how-to-customize-installation

Confidential 91
 Three Steps to Install the OneAgent

1. Select your Application Platform

2. Run the installer on a Host
3. Restart your Processes

Confidential 92
Restart Server Processes

Confidential 93
Limited Metrics until Restart

Confidential 94
Additional important details

• Agent can only connect to the environment from which it is downloaded

• Don’t touch Agent configuration – will be overwritten by Agent

• Encryption on Agent – https

• Instrumentation on Agent

• Compression on AG

• Needs root permissions

• Non-root agent in Beta

Confidential 95
Why are root rights required for Linux?

• During installation:
• Installing Dynatrace OneAgent components in system library directories
• Setting up /etc/ld.so.preload to automatically monitor processes
• Adapting SELinux policies to allow for the monitoring of processes

• During operation:
• Access the list of open sockets for each process
• Access the list of libraries loaded for each process
• Access the name and path of the executable file for each process
• Access command line parameters for each process
• Monitor network traffic
• Read application configuration files

Confidential 96
Why are Administrator rights required for Windows?

• During installation:
• Creating the Dynatrace OneAgent service
• Modifying certain registry keys
• Installing WinPcap
• Installing oneagentmon device

• During operation:
• List all processes
• Get memory statistics for all processes
• Read each process command line and environment
• View the descriptions of executable files
• Read application configuration for Apache and IIS
• View the list of libraries loaded for each process
• Read Windows registry keys
• Start monitoring network traffic

Confidential 97
Non-root Agent

• Currently in Beta

• Installer is started as a root user with NON_ROOT_MODE parameter set

• It creates a user called ‘dtuser’

• Agent is started as a root user, but then drops privileges by switching to ‘dtuser’

• Auto-update still requires root user

Confidential 98
Container Monitoring

Confidential 99
Monitoring Docker containers

• OneAgent offers same deep monitoring capabilities as for non-containerized apps

• If you’re using a container orchestration/management tool such as Kubernetes refer to the dedicated
training material

• Monitoring is as simple as deploying OneAgent on the hosts where your containers will reside

• Dynatrace hooks into your containers without requiring image modification or other changes

Confidential 10
0
Deploy OneAgent as a Docker container

• In addition to the script-based install, OneAgent can be deployed as a container

• Automates installation process to support environments with large numbers of hosts

• Supported for Linux hosts

• OneAgent container must be allowed to run in privileged mode

• Can be deployed via container orchestration tools

• OneAgent container must be started before the instrumented containers

• Limitations:
• No deep monitoring of native (i.e. non-containerized) processes
• No capturing of app crashes and core dumps

Confidential 10
1
Benefits of container monitoring

• Tracking microservices deployments (often delivered via containers)

• See your containerized services in the context of your wider application (via SmartScape)

• Quick access to container metrics

Confidential 10
2
Container monitoring

• Easily identify: • View container info per host which would normally require executing a
• Number of running containers ‘docker stats’ command
• Top 3 containers consuming the most memory • CPU

• Most frequently started containers • Memory

• Most frequently used images • Traffic

• Throttling

Confidential 10
3
OneAgent Updates

Confidential 10
4
OneAgent Updates

• We’ve built an auto-update mechanism into Dynatrace OneAgent so you don’t have to worry about
manually updating the agents that are running in your environment

• You will always remain on the latest, most secure and most advanced version of Dynatrace OneAgent
without having to worry about manually installing anything

• By default, automatic updates are turned on

• You can disable auto-update either for all of your Dynatrace OneAgent installations or for individual hosts
• Dynatrace OneAgent downloads all necessary binaries and libraries and installs them for you
• No manual configuration required

• Some components of Dynatrace OneAgent, keep running in the processes that Dynatrace monitors (for
example, Java, .NET, Apache, IIS, etc.)
• Those processes continue to be monitored with the previous version of Dynatrace OneAgent until they are restarted

Confidential 10
5
Standard Agent Version

• You can assign a specific agent version to use

for all new hosts

Confidential 10
6
OneAgent Beta Features

Confidential 10
7
OneAgent deep monitoring features

• Whenever we're ready to introduce a new OneAgent deep monitoring feature, we'll first release the feature in
a beta stage. Beta, in our case, means that a feature:
• Is fully tested and supported
• May not yet be a 100% feature-complete
• Is available via user opt-in

• Beta features can be enabled environment wide – or for specific process groups.

• To access available OneAgent beta features:

• Settings -> Server-side Services -> Deep Monitoring
• Expand OneAgent beta features

Confidential 10
8
Confidential 10
9
What happens once Dynatrace declares a feature GA?

• Once a beta feature goes GA in an existing environment, the feature isn't enabled by default.

• The status of the new features changes to Released, you must explicitly confirm newly GA'd features to make
them available across your environment by clicking the Confirm button.

• If confirmed, the feature is enabled on all OneAgents that fulfill the minimum GA version requirement.

• The feature is removed from the OneAgent beta features list and added to the troubleshooting section of deep
monitoring.

Confidential 11
0
Quiz 2

• When is necessary to install an activegate?

• What can be identify with Dynatrace container monitoring?

Confidential 11
1
Hands On:
OneAgent

Confidential 11
2
Hands On: OneAgent

• Goal: Install a OneAgent

• Steps
• Go to Deploy Dynatrace → Start installation
• Select your OS
• Run the command to download the installer
• Run the command to run the installer
• Verify in the “Deployment Status” that your agent connected

Confidential 11
3
Hands On: OneAgent

Confidential 11
4
Hands On: OneAgent

Confidential 11
5
Hands On: OneAgent

Confidential 11
6
Hands On: OneAgent

Confidential 11
7
Hands On: OneAgent

Confidential 11
8
Hands On: OneAgent

Confidential 11
9
Hands On: OneAgent

Confidential 12
0
Questions?

Confidential 12
1
dynatrace.com

Confidential 12
2