For those wanting to read the prior parts!
Also, a happy Mother's day to all!
This is the third of four tech tips on TIM monitoring tools. The topic will be a high-level look at apm-scripts. I want to thank Joerg Mertin for creating this tool and his insights used in the article.
Why is this needed?
The network has become a victim of its own success. It is relied on heavily to carry an ever increasing load of data of multiple and state-of-the-art protocols. Because of this, there may be issues with how clean network data is. (Such as dropped packets, out of order packets, TCP empty packets and traffic that is not compliant with TCP, SSL, or HTTP.) So having a tool to access TIM health and how it is handling network data and load is increasing crucial. This does not replace having knowledge of the operating system, SSL, TCP, and network/application performance behavior.
Originally this was a series of unrelated scripts created sometime around 2010 to gather network information (netstat.tar.gz) This evolved into multiple scripts that became complex to use. Instead, a GUI interface was created.Note this works for non-MTP and MTP TIMs. For the sake of simplicity, TIM here will refer to both types.
The most current version is 1.20-86 which collects pcaps. To help gather the most information about TCP and SSL, a copy of tshark and pstack is required to be installed on the TIM.
Installation of apm-scripts is done by untarring the included files and running a shell script. (apm-interact.sh). The software installs the various modules and files to perform the options below
The GUI and various collection options.
Once in the GUI, you may capture information using one or more options. These include: (Note that this goes far beyond just TIM to the EM, PHP agent, and APM database.)
1) CIPHER - If possible, gathers the SSL ciphersuites used by the web servers monitored by the TIM. It then checks if they are supported by the TIM or not.
2) EM -- Collects information from an EM including tess-default/customer.properties settings, versions, directories, errors, and warings, and more.
3) EXIT . Using EXIT,exit,quit, or q to leave the GUI.
4) PHP -- Gathers information on the APM PHP agent.
5) PCAP -- If the required libraries are in place, gathers a pcap (packet capture) file. I believe that this is done automatically in the new release.
6) PSQL -- Pulls key information from the APM database once it can log in such database processes information, database version, active queries, database file size, and much more.
7) SYS -- Retrieves summary data about the TIM's operating system. This may help quickly pinpoint system problems. Information gathered is OS version, Memory usage, network cards, drivers used, TIM thread analysis via pstack, TIM settings from TIM configuration files, network protocol statistics, SSL versions, network packet lengths, and much more.
8) TIM -- Collects TIM information such as operating system release, memory usage, system uptime, TIM version, network data statistics (such as OOO packets, SSL decodes), routing tables, iptables information, host tables, ethtool output ifcfg configuration file settings, and more.
9)TIMPERF -- Pulls in protocolstats, some system, and card information.
10) HWCOLL-- This last option gathers the TIM hardware and operating setting overlap
APM Performance Database
Once this information is attached to the case, it is uploaded to the APM Performance Database which produces graphical output that can be used to show how the TIM is doing over time. This visualization can help quickly nail unexpected behavior. This includes looking at CPU Load versus various operations (Connecting to TCP, SSL Sessions, captured packets), Memory use, Analyzed Packets,Login Sessions, Transactions, Packets forwarded, space on RAM Disk, and much more.
This only gives a small flavor what this powerful tool can do.
Next month we wrap up with some of the minor but still important TIM tools.