Installing and Configuring Agents
Installation instructions for Foglight for Redis© are detailed in the following sections and should be performed in the following order:
Configuring Redis
Configuration of the Redis Enterprise environment consists of creating or identifying an existing user with the appropriate permissions for accessing the REST API.
Redis Agent User Permissions
Foglight requires a user with one of the following Cluster Management Access roles:
- DB Member
- Cluster Viewer
- Cluster Member
- Admin
It is recommended to use one of the relatively less powerful roles DB Member or Cluster Viewer, if possible. For a full description of each role see the Redis Enterprise permissions documentation.
No Data Access Controls (Redis ACLs) are required.
To create a user with REST API permissions, open the Redis management UI in a browser and click on the Access Control section. On the Users tab, click + icon below the users table. For the new user, enter a name, email ID, and password. For role, select one of the four roles mentioned above and save the user.
Enable Certificate Authentication
To communicate securely with the Redis Enterprise REST API endpoint, the Foglight Agent Manage requires a copy of the root certificate in its truststore. When Redis Enterprise is installed, it is configured with a self-signed certificate. This certificate can be found on any database node at the following path:
/etc/opt/redislabs/api_cert.pem
Copy the certificate, either the default or the installed production certificate, and import it into a truststore for use with the FglAM. If the FglAM is already configured to use a truststore, import the certificate into the existing truststore. To generate a JKS truststore for use with Foglight, use the keytool command. Specify the store and certificate filenames, alias name, and password as required.
keytool -importcert \\
-keystore truststore.jks \\
-alias redis_<cluster-name>\_api_cert \\
-file api_cert.pem \\
-keypass <password> \\
-storepass <password> \\
-storetype JKS \\
-noprompt
Edit the baseline.jvmargs.config file in the <FglAM-install-root>/state/default/config directory by adding the following parameters. Set the file paths and passwords appropriate for your system.
vmparameter.0 = "-Djavax.net.ssl.trustStore=/path/to/truststore.jks";
vmparameter.1 = "-Djavax.net.ssl.trustStorePassword=changeit";
vmparameter.2 = "-Djavax.net.ssl.trustStoreType=JKS";
Escape any quotes with a backslash ('\'). On an Agent Manager installed on Windows, use forward slashes in the file paths:
vmparameter.0 = "-Djavax.net.ssl.trustStore=\\"C:/path/to/truststore\\"";
Restart the Foglight Agent Manager to load the modified JVM parameters. Run the Foglight for Redis agent without selecting the Disable certificate authentication? checkbox.
Creating and Configuring Agents
Using the Agent Status Dashboard
The Agent Status page can be used to create new agents and configure and manage existing agents. To access the page from the navigation pane, click Administration > Agents > Agent Status.
To create a new agent instance:
Deploy the Redis agent package to the FglAM before creating the agent if it has not been deployed yet. Click Deploy Agent Package on the Agent Status or Agent Managers page to perform this.
- Navigate to Administration > Agents > Agent Status.
- Click Create Agent.
- Select the hosts to which you want to deploy agent packages. Considerations for this may include physical or virtual locality to the monitored instance, allocated resources, or grouping with other agents of the same type or monitored environment.
- Click Next.
- Select the RedisAgent type. Then, select the Specify Name radio button and enter agent instance name. Click Next.
- Click Finish.
- Once the agent has been created, click the checkbox for the required Redis agent.
- Click Edit Properties.
- Select Modify the default properties for this agent.
- Edit the agent properties for the Redis agent instance. Refer to Agent Properties.
- Click Activate.
To modify the properties of an existing agent, go to step 3, deactivate the agent, update the configuration, and then reactivate the agent.
Configuring Agent Properties
When an agent connects to the Foglight Management Server, it receives a set of properties used to configure its running state.
The Foglight Cartridge for Snowflake includes default agent properties. Agent properties can be specific to a single agent instance or apply to multiple agents. To configure the agent properties, navigate to Administration > Agent > Agent Status. On the Agent Status page, select the checkbox for the required agent, and click Edit Properties. Click Modify the private properties for this agent to edit the properties of the selected agent or click Modify the properties for all RedisAgent agents to edit the properties of all Redis agents.
This section includes the following key areas:
Environment
An environment is a container internal to Foglight used to encapsulate and differentiate different logical groupings of Redis components. This facilitates, for example, differentiation in Foglight of Redis databases with the same name in production and development environments.
- Environment Name – The Environment property is an arbitrary label. It is crucial that a unique value be set for each agent to prevent the agents' data from being merged into a single environment. If a monitoring agent is deleted and replaced with another agent, the same value should be used for the environment so that data collected from the new agent is merged into the existing data. Alternatively, use a different label to prevent merging with existing data.
REST Connection
Monitoring data for Redis Enterprise clusters is gathered by the REST API.
- REST Address – The REST API endpoint. This address includes a port number, for example, https://some.address.com:9443. The REST API endpoint is normally the FQDN of a cluster followed by the port 9443. The address used must match the name SSL certificate. Refer to Enable Certificate Authentication. Use the public endpoint of one of the cluster databases and replace the port number with 9443. If the endpoint is not a published domain name record, add an appropriate entry to the hosts file of Foglight Agent Manager to enable proper lookup.
- REST API Key – The username of the REST user. Refer to Redis Agent User Permissions.
- REST API Secret – The password of the REST user.
- Disable SSL certificate authentication? – When you disable this option, the agent does not verify whether SSL chains terminate in a trusted authority. Select this checkbox if the Redis Enterprise nodes use self-signed certificates that have not been imported into the FglAM truststore. Only disable SSL certificate authentication for testing or trial environments, as this is not recommended for production use.
Collection Periods
Collection Periods – Intervals in seconds between agent data collections. Different collection types can be scheduled at different intervals. Defaults are set based on the type of data being collected. A given collection can be disabled by setting its interval to zero. The following are the configurable collection periods: “Alerts”, “Log”, “Cluster”, “Cluster Stats”, “Node”, “Node Stats”, “DB”, and “DB Stats”.
Options
Host Aliases – A list that maps a host name or IP address to an alias. In the Connection Address field, enter the address by which the host should be identified within Foglight. In the Alternate Address field, enter any other address under which the host might be encountered in the monitoring environment. Use an alias to standardize internal representations, such as in a cloud environment, to their external addresses. This approach ensures uniform submission of host data across the monitoring environment, enabling Redis agent cartridge dashboards to link directly to the Foglight Hosts dashboard.
Foglight for Redis Roles
The following descriptions are for roles installed with the Foglight for Redis cartridge. They can be assigned to any Foglight user.
- Redis User
- Redis Administrator
