Skip to content

APM / Distributed Tracing#

Overview#

Distributed Tracing provides insight into the performance and health of a deployed application. By tracking each function or microservice which handles a given request, it helps you understand what is happening in your application, whether it is monolithic or distributed application with hundreds of microservices. Teams know which application or service is impacted, and debug visually to discover the root cause.

Unryo does Application Performance Monitoring (APM) using a tracing/span frontend viewer and agents that forward traces. For the agent you can chose jaeger-agent or the APM-agent to deliver the span/trace to unryo-apm. In the documentation, we will use jaeger-agent as an example.

Jaeger-agent#

You have 2 ways to install the jaeger-agent. The release provided by jaeger or the docker provided by jaeger also.

With Docker#

If you have an application running with docker-compose you can add the jaeger-agent like so.

// docker-compose.yml
services:
  jaeger:
    image: jaegertracing/jaeger-agent:latest
    ports:
    - "6831:6831/udp"
    command: ["--reporter.grpc.host-port=your.unryo.client.io:14250", "--agent.tags","authorization=Bearer UNRYO_APM_SECRET_TOKEN", "--reporter.grpc.tls.enabled=true", "--reporter.grpc.tls.key=/tmp/certs/client.key", "--reporter.grpc.tls.cert=/tmp/certs/client.pem","--reporter.grpc.tls.skip-host-verify=true"]

or

$  docker run jaegertracing/jaeger-agent:latest --reporter.grpc.host-port=your.unryo.client.io:14250 \
                                                --reporter.grpc.tls.enabled=true \
                                                --reporter.grpc.tls.key=/tmp/certs/client.key \
                                                --reporter.grpc.tls.cert=/tmp/certs/client.pem \
                                                --reporter.grpc.tls.skip-host-verify=true \
                                                --agent.tags "authorization=Bearer UNRYO_APM_SECRET_TOKEN"

Without Docker#

On your server, where your application is running.

$ wget https://github.com/jaegertracing/jaeger/releases/download/v1.20.0/jaeger-1.20.0-linux-amd64.tar.gz
$ tar xxvf jaeger-1.20.0-linux-amd64.tar.gz
$ sudo mv jaeger-1.20.0-linux-amd64/jaeger-agent /usr/local/bin/
$ jaeger-agent version
{"gitCommit":"480ba74362c3a081371c247732eb6d9be187364d","GitVersion":"v1.20.0","BuildDate":"2020-09-29T19:11:15Z"}

At this point, you will need to configure your jaeger-agent

$ jaeger-agent --reporter.grpc.host-port=your.unryo.client.io:14250 \
               --reporter.grpc.tls.enabled=true \
               --reporter.grpc.tls.key=/tmp/certs/client.key \
               --reporter.grpc.tls.cert=/tmp/certs/client.pem \
               --reporter.grpc.tls.skip-host-verify=true \
               --agent.tags "authorization=Bearer UNRYO_APM_SECRET_TOKEN"

Flags#

You can find all the tags here.

For Unryo you will need to configure the following flag.

--reporter.grpc.host-port=your.unryo.client.io:14250

your.unryo.client.io:14250 is the unryo website where your APM-service is running. You need to open the port 14250

--reporter.grpc.tls.enabled=true

To have a secure connection between your jaeger-agent and your apm-service

--reporter.grpc.tls.key=/path/to/your/client.key

Path to a TLS Private Key file, used to identify this process to the remote server(s)

--reporter.grpc.tls.cert=/tmp/certs/client.pem

Path to a TLS Certificate file, used to identify this process to the remote server(s)

--reporter.grpc.tls.skip-host-verify=true

(insecure) Skip server's certificate chain and host name verification

--reporter.grpc.tls.ca

Path to a TLS CA (Certification Authority) file used to verify the remote server(s) (by default will use the system truststore)

--reporter.grpc.tls.server-name (optional)

Override the TLS server name we expect in the certificate of the remove server(s)

--agent.tags

The authentification between APM and the jaeger-agent. The UNRYO_APM_SECRET_TOKEN is set with the APM application.