Configuring Monitoring

The AMPS monitoring interface is defined in the configuration file used on AMPS start up. The Admin tag is used to control the behavior of the administration server and statistics collection for the instance.

Described below are the configuration items available for Admin. Expand each item for more details.

InetAddr

Defines a port for the embedded HTTP admin server, which can then be accessed via a browser. This element can also specify an IP address, in which case the HTTP server listens only on that address. If no IP address is specified, the HTTP server listens on all available addresses.

Starting with version 5.3.3, both IPv4 and IPv6 address formats are fully supported for specifying the network address of the embedded HTTP server. If no address is specified AMPS will listen for incoming connections on both IPv4 and IPv6 protocols.

If you wish to limit AMPS to listen for addresses of only a specific IP protocol you may specify the ANY address for that protocol.

For example:

0.0.0.0:8445 will cause AMPS to listen on port 8445 for only IPv4 addresses.

[::]:8445 will cause AMPS to listen on port 8445 for only IPv6 addresses.

There is no default for this parameter. If this parameter is not provided, AMPS does not provide an HTTP admin server, but will continue to collect statistics.

FileName

Location for storing the statistics information reported by the Admin Server.

When a filename is provided, 60East recommends configuring an Action to periodically truncate the statistics in the file. See Truncate Statistics for details.

Default: :memory:

When the FileName is set to the default, the statistics database is maintained in memory.

Interval

The refresh interval for the Admin Server to update gathered statistics.

Default: 10s

Minimum: 1s

WWWAuthenticate

The HTTP authentication type used for the Admin Server when Authentication is configured. This specifies how the Admin Server will retrieve credentials from HTTP requests.

This option accepts one of:

Basic realm="<SECURITY_DOMAIN>": Basic authentication
NTLM: Microsoft security protocol
Negotiate: Negotiated authentication

Default: Negotiate

Authentication

The authentication to use for the Administrative interface.

This is an Authentication element, as described in the Configuring Authentication section.

Entitlement

The entitlement to use for the Administrative interface.

This is an Entitlement element, as described in the Configuring Entitlement section of this guide.

AnonymousPaths

The regular expression that defines paths in the Admin Server that can be accessed anonymously without going through authentication and entitlement.

Default: There is no default for this option.

ExternalInetAddr

This parameter allows the instance to explicitly report a value that should be used for connections to the admin interface.

When an upstream instance replicates to this instance, this is the address that will be recorded as the admin address in the statistics database for the upstream instance. This is the address that will be used by Galvanometer to collect replication information for this instance when Galvanometer displays a replication view.

Notice that this parameter does not affect the addresses that are used by the admin server. Instead, it provides information on the address to use to reach this server in cases where this should be a different address than that used for replication between instances.

This parameter is useful for allowing Galvanometer to build a replication view in cases where the admin interface must be reached through a specific address; for example, when the instance must be accessed through a proxy.

Default: There is no default for this option.

AccessControlAllowOrigin

This option is included to allow the replication mesh functionality of Galvanometer to function in cases where organizational policies require an explicit domain list in the Access-Control-Allow-Origin header of HTTP responses, particularly in cases where requests to the admin console might be received from multiple subdomains (such as nyc.us.my.com, lon.uk.my.com, tok.jp.my.com, etc.).

If this option is used, the value should be set to a regular expression that matches the set of domains from which requests might be expected.

When this option is set, and the Origin header in the incoming HTTP request matches the value provided, the admin web server will return the value of the Origin header in the request as the value of the Access-Control-Allow-Origin header of the response. Otherwise, the AMPS server will respond with the detected host address of the AMPS server.

If this option is set, to comply with the CORS standard, the configuration should also generally include a header that indicates the origin response can vary on each request, as follows: <Header>Vary: Origin</Header>

When this option is not set, the Admin server will default to providing * for the header value.

SessionOptions

This option allows you to set options for the cookie provided to authenticated admin conditions.

The value of the option is appended to the admin cookie. This option should be a valid set of options for an HTTP cookie.

By default, the value of this option is max-age=86400; path=/; HttpOnly.

By default, AMPS will store the monitoring interface database information in system memory. If the AMPS instance is going to be up for a long time, or the monitoring interface statistics interval will be updated frequently, or if this is a production system where it is important to be able to troubleshoot problems, it is strongly recommended that the FileName setting be specified to allow persistence of the data to a local file.

AMPS supports the ability to connect to the Admin interface over HTTPS. To enable HTTPS, provide a Certificate and a PrivateKey in the Admin configuration block.

Described below are the configuration items used to enable HTTPS. Expand each item for more details.

Certificate

The certificate file to use for the Admin Server.

Default: There is no default for this option.

PrivateKey

The private key to use for the Admin Server.

Default: There is no default for this option.

Ciphers

The cipher list to use for the Admin Server.

The cipher list is passed to the OpenSSL implementation without being interpreted by the AMPS server.

For OpenSSL, details on the format of the cipher list are available at: https://www.openssl.org/docs/man1.1.1/man1/ciphers.html

Default: There is no default for this option.

Below is an example of how to configure the monitoring interface. This will start an http server in the AMPS process.

<Admin>
    <FileName>stats.db</FileName>
    <InetAddr>localhost:8085</InetAddr>
    <Interval>10s</Interval>
</Admin>

In this example localhost is the hostname and 8085 is the port assigned to the monitoring interface. With this configuration:

http://localhost:8085/

Root URI for Galvanometer.

http://localhost:8085/amps

Root URI for simple monitoring interface.

The Interval tag is used to set the update interval for the AMPS monitoring interface. In this example, statistics will be updated every 10 seconds.

The basic monitoring interface is accessible through a web browser, but also follows a Representational State Transfer (RESTful) URI style for programmatic traversal of the directory structure of the monitoring interface.

Below is an example of how to configure monitoring to allow the Galvanometer to collect replication information when a specific address needs to be used by the admin interface.

<Admin>
    <InetAddr>9090</InetAddr>
    <FileName>stats.db</FileName>
    <Interval>20s</Interval>
    <ExternalInetAddr>proxy.example.com:8185</ExternalInetAddr>
</Admin>

PreviousGalvanometer NextConfiguring AMPS for Automation with Actions

Last updated 1 month ago