US
Setting Up Monitoring for Hybrid Deployments
Install the Anypoint Monitoring agent on an on-premises server to monitor applications that are running on that server and managed in the cloud.
The Anypoint Monitoring agent sends monitoring data to the Anypoint Monitoring cloud endpoint. Anypoint Monitoring data is transferred using an open-source protocol for transferring log data over a highly efficient bidirectional binary channel. Data is securely transmitted using mutual TLS encryption.
To use Anypoint Monitoring across a server group or cluster, you must install Anypoint Monitoring on each individual server.
Before You Begin
Before installing the Anypoint Monitoring agent, set up and run a Mule runtime engine instance on your server. For guidance, see Run Mule Runtime Engine On-Premises.
If you have an outbound firewall, open port 443.
Outbound connections are made to the following endpoints:
-
US Control Plane
-
data-authenticator.anypoint.mulesoft.com:443
-
dias-ingestor-router.us-east-1.prod.cloudhub.io:443
-
s3.amazonaws.com:443
-
-
US-GOV Control Plane
-
data-authenticator.gov.anypoint.mulesoft.com:443
-
dias-ingestor-router.us-gov-west-1.gprod.msap.io:443
-
-
EU Control Plane
-
data-authenticator.eu1.anypoint.mulesoft.com:443
-
dias-ingestor-router.eu-central-1.prod-eu.msap.io:443
-
s3.eu-central-1.amazonaws.com:443
-
Ports
Region | Name | Port |
---|---|---|
anypoint.mulesoft.com |
443 |
|
US |
mule-manager.anypoint.mulesoft.com |
443 |
US |
runtime-manager.anypoint.mulesoft.com |
443 |
US |
analytics-ingest.anypoint.mulesoft.com |
443 |
US |
arm-auth-proxy.prod.cloudhub.io |
443 |
US |
data-authenticator.anypoint.mulesoft.com |
443 |
US |
exchange-files.anypoint.mulesoft.com |
443 |
US |
exchange2-asset-manager-kprod.s3.amazonaws.com |
443 |
US-GOV |
runtime-manager.gov.anypoint.mulesoft.com |
443 |
US-GOV |
gov.anypoint.mulesoft.com |
443 |
US-GOV |
exchange-files.gov.anypoint.mulesoft.com |
443 |
US-GOV |
exchange2-asset-manager-kgprod.s3.us-gov-west-1.amazonaws.com |
443 |
EU |
eu1.anypoint.mulesoft.com |
443 |
EU |
mule-manager.eu1.anypoint.mulesoft.com |
443 |
EU |
runtime-manager.eu1.anypoint.mulesoft.com |
443 |
EU |
analytics-ingest.eu1.anypoint.mulesoft.com |
443 |
EU |
arm-auth-proxy.prod-eu.msap.io |
443 |
EU |
data-authenticator.eu1.anypoint.mulesoft.com |
443 |
EU |
exchange2-asset-manager-kprod-eu.s3.eu-central-1.amazonaws.com |
443 |
Supported Operating Systems
Ensure that Anypoint Monitoring is installed on a server running one of the following operating systems:
-
CentOS 7
-
RedHat Enterprise Linux 7
-
Ubuntu 16.04 and 18.04
-
Windows Server 2016, Windows Server 2019
To install the agent, you must have root or administrative privileges.
Supported Versions of Mule Runtime Engine
Run your Mule app on a supported Mule runtime version. For supported versions, see Mule Runtime Release Notes.
Supported Versions of Mule Runtime Manager Agent
Ensure that one of the following Mule Runtime Manager agent versions is installed in the Mule runtime engine running on the server:
-
2.6.x
-
2.5.x
-
2.4.x
-
2.3.0
-
2.2.x
-
2.1.9
-
2.1.7
-
2.1.6
-
1.14.x
-
1.13.0
-
1.12.x
-
1.11.x
-
1.10.0
Mule deployments must be visible and managed in the Runtime Manager user interface. To ensure they appear, use the Runtime Manager user interface or the ARM REST API for new deployments.
Hardware Prerequisites
Ensure that the server has the minimum hardware requirements for Anypoint Monitoring, which are:
-
2GHz CPU or 1 virtual CPU
-
1GB RAM
-
4GB disk space
-
Intel x86 or x64 compatible CPU architecture
Install the Anypoint Monitoring Agent
-
Meet the prerequisites in Before You Begin:
Mule runtime engine must be installed and running.
-
Follow the steps in Managing CloudHub and Hybrid Settings to download the agent’s
am.zip
file and install the agent from Settings, in Anypoint Monitoring.-
When you extract the
am.zip
file, a folder calledam
is created in the location where you extracted the ZIP. -
The installation script asks if you want Anypoint Monitoring installed as a service.
-
If you don’t want to have it preset as a service by the installer, select No.
-
You can call the installation script with the
-x
argument to skip this prompt. If you skip the prompt, Anypoint Monitoring is not installed as a service.
-
-
You cannot install the Anypoint Monitoring agent on a server that has an existing filebeat instance running.
-
When you install the Anypoint Monitoring agent on a hybrid server in a server group, use Runtime Manager to restart the server to enable Anypoint Monitoring to begin collecting metrics.
-
SOCKS5 Proxy Setting
If you proxy your monitoring data as it leaves the data center, the proxy must support the SOCKS5 protocol, and you must configure the Anypoint Monitoring agent to communicate through the proxy.
To configure the agent for the SOCKS5 proxy:
-
Set up Runtime Manager with a proxy. See Create a Server in Runtime Manager.
-
Install the Anypoint Monitoring agent and use the
-p
option. For example, on a Windows server, at the command line, enter:<location-of-am-folder\bin>powershell -file install.ps1 -p socks5://user:password@socks5-server:1080
For a Linux server, enter:
$ ./install -p socks5://user:password@socks5-server:1080
If the user or password of the SOCKS5 proxy configuration contains URI reserved characters, it must be percent-encoded following the encoding rules of RFC 3986.
Verify the Anypoint Monitoring Agent is Running
-
Wait 10 minutes for the configuration to propagate.
-
Log in to Anypoint Platform with a user account that has permission to access Anypoint Monitoring content.
-
In the navigation bar or the main Anypoint Platform screen, click Monitoring.
-
On the Built-in Dashboards page, select an app that is deployed on the server where you installed the Anypoint Monitoring agent.
-
Check whether the CPU Utilization and Memory Utilization charts are displaying data.
If you see data in the charts, the Anypoint Monitoring agent is installed and running.
If you do not see data in the charts, verify that Anypoint Monitoring is able to connect to the endpoint.If necessary, you can add the endpoint to an allowlist for outbound firewall rules so your server allows connections. The endpoints to add to the allowlist are listed in Before You Begin. -
Log into the server on which the Anypoint Monitoring agent is running.
-
Open the log file for the data-transfer agent. The log file is in this path:
./am/filebeat/logs
If you are using Linux and the Anypoint Monitoring agent is running as a service, the log file is in the /var/log/filebeat
directory. -
Look for entries that mention connection failures or connection retries.
Update the Anypoint Monitoring Agent
When you upgrade the Runtime Manager agent, you must reinstall the Anypoint Monitoring agent.
If you need to update the Anypoint Monitoring agent at some point in the future, follow these steps:
-
Stop Mule.
-
In the
am
folder, run the following command:
./bin/uninstall
-
Delete the
am
folder. -
Follow the instructions for installing the Anypoint Monitoring agent on-premises.
-
Restart Mule.
If you add or remove a Mule runtime from the cluster or a server group, you must reinstall the Anypoint Monitoring agent. |
Performance Impact
Enabling monitoring can impact CPU utilization and memory utilization depending on your specific application configuration. Before enabling monitoring in your production environment, test any performance impact in your pre-production environment to ensure optimal performance and sizing.
Troubleshooting
-
If you find connection failure or retry entries, ensure that port 443 in your outbound firewall is open.
-
If you do not find connection failure or retry entries, contact MuleSoft technical support.
Disable Log Forwarding for Hybrid Runtime Servers
Feature available in Advanced usage and Titanium subscription tiers |
You can disable log forwarding to Anypoint Monitoring if you have AM installer v.2.5.10 or later. To disable this feature, you must configure a JVM property on each hybrid server for which you want to disable log forwarding. You cannot disable log forwarding per application.
To disable log forwarding:
-
Upgrade the Anypoint Monitoring agent to a version that supports disabling log forwarding (am-2.5.10.0.zip or later).
-
Stop Mule.
-
Add the following line in the
MULE_HOME/conf/wrapper.conf
file (where<N>
is the next available property index):
wrapper.java.additional.<N>=-Danypoint.platform.monitoring.logs_forwarding.enabled=false
-
Restart Mule.