This topic provides use cases that you can follow to implement the APM Proxy within a network. BMC Application Diagnostics’ end-user experience data collection works with networking equipment as long as it does not manipulate the HTTP payload. Networking equipment, such as load balancers and routers, must intercept the network connection (OSI Layer 4) and forward it as-is to the intended destination with no impact to the HTTP payload (OSI Layer 7). As long as the load balancers are configured to allow the beacons through with no changes to the existing HTTP data, the APM Proxy can process the beacon.
Use Case 1: APM Proxy on network
BMC recommends this use case in non-production environments or for internal-user applications only.
In this use case, install the APM Proxy when installing the Diagnostics Server. The host name of the Diagnostics Server becomes the host name portion of the URL injected by the Diagnostics Agent. Before installing the APM Proxy, ensure that you have addressed the following requirements:
- Firewall: The end users of the monitored application must be able to communicate with the APM Proxy on the defined port (Ports 8300 and 8343 by default).
- The APM Proxy must have a fully qualified domain name.
- The APM Proxy must have a certificate installed for this host name, which will be trusted by end-user browsers.
- For internal applications, you can use a certificate signed by a local signing authority (with the root pre-installed on employee browsers).
- For external applications, you must provide a signed certificate.
Use case 2: APM Proxy deployed behind a load balancer
BMC recommends this use case when monitoring large-scale production web applications, and includes a router or other network equipment that terminates TCP connections.
BMC tested this use case with a load balancer, the most common type of network equipment that terminates a TCP connection. Any system or device that functions in a similar manner (such as a reverse-proxy) should also work, provided that it does not modify the HTTP payload.
When the APM Proxy is installed behind a load balancer, the following items need to be identified and configured. Details about configuring load balancers varies among vendors. To properly configure your load balancer, refer to your vendor's load balancer documentation.
Prerequisite
An OSI Layer-4 load balancer with a dedicated Virtual IP for the host name used for APM Proxy beacons, or a Layer-7 load balancer that can make routing decisions based on the Host header
Before installing the APM Proxy
- Define a host name that will resolve to the APM Proxy’s IP address, or to a Virtual IP on a load balancer.
- Create a certificate with the Common Name matching the defined host name.
- Update the value of the APM proxy callback address to the host name or IP address of the load balancing server.
- Configure the load balancer:
- Negotiate HTTPS using the certificate created in Step 2.
- Direct end-user HTTP/HTTPS requests to this host name to the host:port of the APM Proxy.
Additional considerations for Content Delivery Networks
Because the injection of code that calculates performance metrics must occur at the origin, performance monitoring is not available for web pages that are cached by a Content Delivery Network (CDN), such as Akamai. However, performance monitoring is available for pages whose page container is called from the origin (or proxied), but the static components of the page are cached, and will still work.
Related topics
APM Proxy server deployment requirements
BMC Application Diagnostics deployment use case
Installing BMC Application Diagnostics
Additional resources
Wikipedia: Open Systems Interconnection model (OSI) model
Overview
Content Tools
Apps
Reporter Replacement
com.bmc.atlassian.bmc-util-plugin-2.section.label
Tasks