Configuring on-premises systems for monitoring with PDC
Pega Predictive Diagnostic Cloud™ (PDC) monitors and assesses your Pega Platform™ performance based on the data that it receives from Pega Platform. When you run Pega Platform on a private cloud or on the premises, you need to configure your systems to send data to PDC.
Configure on-premises systems to send data to PDC by performing the following tasks:
- Enabling PDC to receive monitoring data
- Setting a unique name for your system
- Setting a unique ID for every node
- Installing the SSL certificate
- Enabling PDC integration on a monitored system
Enabling PDC to receive monitoring data
PDC requires one-way communication from production servers to the PDC systems. Because most corporate data centers block all outbound network traffic, ensure that PDC can receive data. The exact way to configure data access for PDC depends on the configuration of your corporate network. The following use cases are the most common:
Connecting to PDC from a network that uses a firewall
A firewall contains an allow-list with IP addresses or DNSs that are not blocked by the firewall. To ensure that PDC receives monitoring data, add the PDC URL to the allow list of your firewall. If your firewall does not support a DNS name, use a static IP address. To obtain a static IP, contact Pega Support.
Connecting to PDC from a network that uses a proxy server
A proxy server is an intermediary between the source and the target of network traffic. The server masks the IP address of the source, which prevents PDC from monitoring your network. To ensure that PDC receives monitoring data, add PDC to a trusted sites list in your proxy server:
- Add the PDC service URL base to the list of trusted sites in your proxy server.
- Configure the monitored system so that it uses the proxy servers by using the Java
-Dhttps.proxyHost -Dhttps.proxyPort
settings. - Configure the PDC servers so that they do not use the proxy servers for internal services by using the Java
http.nonProxyHosts
setting.
For more information about configuring proxy settings, see Configure proxy settings and Internal integrations fail on configuring proxy settings in JVM.
Connecting to PDC from a network that uses an enterprise service bus (ESB)
An ESB is a communication system between applications. The system allows for dynamic connection and disconnection of services, as well as allowing or disallowing for unwanted outbound and inbound traffic. To ensure that PDC receives monitoring data, add PDC to your ESB:
- Register PDC as a service in your corporate ESB.
- Configure rules to build the destination URL in the PDC service.
- Reference the ESB URL in Pega Platform.
For detailed instructions, contact Pega Support.
Setting a unique name for your system
To ensure that PDC identifies your systems, configure a unique name for each system in Pega Platform. For example, to view information for a specific system, you select a system name from a list in the header of PDC.
- In the header of Dev Studio, click Configure > System > Settings > System Name.
- In the System Name tab, in the field, enter a unique and meaningful system label, for example, MyAppProductionServer, and then click Submit.
- Apply the changes in your environment by restarting all nodes in the system.
Setting a unique ID for every node
For PDC to work correctly, all nodes monitored in a single PDC tenant must have unique node IDs. Certain messages sent to PDC include the node ID but do not include the system name, and this can result in duplicate node IDs. Duplicate node IDs cause issues and errors in the PDC service. The PDC service is configured to block commonly duplicated node IDs, such as stream0 and stream1.
By default, Pega Platform automatically generates a unique ID for every node, using a hash of the following properties:
- name of your system
- name of the host
- the pega temp path
Because each node that shares a host has a unique pega temp path, this approach ensures that each node also has a unique ID. If you follow the Pega Platform deployment guide and use default node IDs, all your node IDs are unique by default.
If you manually specify your node IDs or use a scripting engine that assigns node IDs (such as Kubernetes Helm charts), make sure that you use a unique ID for every node. Consider the following best practices:
- If you manage node IDs using startup scripts, ensure that you do not reuse node IDs across systems.
- If you deploy Pega Platform using Kubernetes containers, specify the Deployment Name option in your configuration yaml file. For more information, see https://github.com/pegasystems/pega-helm-charts/blob/master/charts/pega/README.md.
- If you use custom scripts and set nodeID as JVM arguments, set a unique value of -Didentification.nodeid for each node. We suggest that you incorporate a unique cloud container ID or use the system name and the node type in the node ID. For example, in a Pega Cloud® Services installation, the AWS EC2 instance ID is commonly used to ensure unique node IDs, which is configured in the following way: -Didentification.nodeid=WEB-i-0fff447a098521ca6.
- To ensure that your node ID is unique across systems, you can either use a unique cloud container ID or use the system name and the node type in the node ID. For example, myAppProd-web-node1 or myAppProd-batch-node1.
Installing the SSL certificate
If your network configuration does not support downloading SSL certificates on the fly, manually install the certificates.
- Open the PDC login page, for example https://[PDC Hostname]/prweb/PRSOAPServlet/[tenant]*/SOAP/PegaAES/Events.
In the URL, replace:- [PDC Hostname] with the host name of the PDC instance to which you want to connect.
- [tenant] with your unique tenant hash.
- Download the SSL certificate for that page.
For more information, see the documentation of your web browser.
For example: For Google Chrome:- On the left side of the address bar, click the View site information icon, and then click Certificate.
- On the Details tab, click Copy to File.
- Submit the file with the SSL certificate to the security team in your company.
Enabling PDC integration on a monitored system
To ensure that your Pega system sends the data that PDC needs to create usage and performance statistics, update the system configuration with a URL that references your PDC server.
- Log in to PDC.
- In the Step 2, copy the endpoint SOAP URL of your PDC server by clicking the CLICK HERE link. section, in
- Log in to Dev Studio.
- In the header of Dev Studio, click Configure > System > Settings > Predictive Diagnostic Cloud.
- In the Configuration tab, in the field, paste the SOAP URL of your PDC server.
- Click Update Configuration.
After approximately five minutes, PDC displays data from the new system.