Follow

Version 3.1.0 - November 10, 2014

The final Meter 3.1.0 build is 3.1.1-499, available as of Nov 10th, 2014.

Features

Boundary Premium Agent Relay Integration

Boundary Meter 3.1.0 integrates the functionality of both the Boundary Agent and Relay programs. New features that are implemented in the meter as a result of this integration are:

  • Send metrics to both Boundary Premium and Boundary Enterprise with a single meter
  • Boundary Premium Plugin support (no need to install a Relay)
  • Support for relaying SDK performance metrics to Boundary Premium

All of these features are equally supported across the same operating systems that the Boundary Meter supports. You can provision the meter to send to Boundary Premium or Enterprise independently, or add either service after installation.

 

The meter does not connect to the premium backend as a traditional 'agent', only as a relay. So, it will currently only show up in the UI as a relay. There are some backend/UI changes required to remove this distinction so the concept of a 'relay' and an 'agent' will eventually be removed from the rest of the Boundary Premium product.

To provision a meter for Boundary Premium, any of the following methods works:

  • With an existing meter installation, simply add your premium API "token" and set the "enable" attribute to true in the meter.conf configuration file. See below for more details on elements of the configuration file.
  • Using the setup_meter.sh script or the INSTALLTOKEN environment variable, append your premium API token to your existing Boundary Enterprise token with a comma, e.g. 4FtQaHhAFejk0mhb1SJHKx8nzrL:4z84GMGQSr8Ue5xqteAqfY0Q3WW,api-XXXXXXXXX.
  • Use the meter command line to integrate the API key into your configuration file, e.g. 'boundary_meter -l create -p api-XXXXXXXXX' automatically merges your premium API key into the meter.conf configuration file.
  • Add your premium API token to the chef or puppet configuration

Plugin Process Isolation

The Boundary Relay is a Node.js program and generally requires running as the 'root' user. Boundary Meter 3.1.0 implements the plugin relay functionality as a separate process running as the new unprivileged 'boundary' user. This improves security and limits damage that an potentially buggy plugin could cause to a system. The meter is able to automatically restart plugins and the plugin manager process if problems are detected.

The plugin process starts automatically whenever you add plugins to the meter from the Boundary Premium UI. It will show up in the process list as 'pluginmgr' or a second boundary-meter process. However, if you remove all plugins from the meter, it will continue running until the meter is restarted.

Plugins are installed under /etc/boundary/plugins on Unix/Linux or \Program Files\Boundary\plugins on Windows systems. Note that installing Boundary Meter 3.1.0 will also add the new local 'boundary' user and group to Unix/Linux systems. The meter also supports running as an unprivileged user on Windows, but one should configure a Windows service account manually if this functionality is desired.

Expanded Configuration File

Meter 3.1.0 continues the migration a JSON config file over operating-system-specific switches or registry settings. This means many more meter features are now configured in the same way across all platforms. This file also encapsulates settings from the Boundary Agent and Relays into a single configuration, as the meter supports automatic migration and integration of the files from both of these programs.

The configuration file is located in the following places:

For Unix/Linux based systems: /etc/boundary/meter.conf

For Windows-based systems: \Program Files\Boundary\meter.conf

In practice you should never have to edit this file but if you require more advanced tuning of the meter you can alter the configuration file then restart the meter by executing the following command:

For Unix/Linux based systems: /etc/init.d/boundary-meter restart

For Windows based systems: sc restart "Boundary Meter"

The file format is standard JSON, which is different from the Boundary Agent, but follows the conventions of the Boundary Relay and earlier meter releases. The following JSON keys are allowed:

debug
Enables extra debugging (values 1-4, 0 disables). The default value is 0.

http_max_log_kb
Max file size in KB when logging http debug data. The default value is 1024.

enterprise_api.enable
Enables or disables access to the Enterprise API. The default value is false.

enterprise_api.api_key
The API key for accessing the Enterprise API.

enterprise_api.org_id
The Organization ID for accessing the Enterprise API.

enterprise_api.host
The hostname of the Enterprise API endpoint. The default value is api.boundary.com.

enterprise_api.plaintext
Determines whether to access the Enterprise API HTTP (true) or HTTPS (false). The default value is false.

enterprise_api.compress
Determines whether to enable HTTP compression accessing the Enterprise API. The default value is true.

enterprise_api.port
Override the default port for accessing the Enterprise API. The default value is 443.

premium_api.enable
Enables or disables access to the Premium API. The default value is false.

premium_api.token
The API token for accessing the Premium API.

premium_api.poll_interval_ms
The amount of time between collecting metrics. The default value is 1000.

premium_api.send_interval_ms
The amount of time to batch metrics before forwarding to the API. The default value is 4000.

premium_api.max_backlog
The maximum number of metrics that will be queued between send intervals. The default value is 1000.

premium_api.timeout_ms
The maximum time to wait for an API transaction to succeed. The default value is 15000.

premium_api.control_interval_ms
Interval between polling for control/heartbeat updates. The default value is 2000.

premium_api.backoff_s
The amount of time to backoff if there is an error pushing metrics to the API. The default value is 120.

premium_api.plaintext
Determines whether to access the Premium API HTTP (true) or HTTPS (false). The default value is false.

premium_api.compress
Determines whether to enable HTTP compression accessing the Enterprise API. The default value is true.

premium_api.host
The hostname of the Premium API endpoint. The default value is premium-api.boundary.com.

premium_api.metadata_interval_ms
The amount of time between checking for metadata updates. The default value is 30000.

premium_api.port
Override the default port for accessing the Premium API. The default value is 443.

premium_api.metrics_prefixes
Forwards all local metrics with given prefix. For example, specifying "statsd" will forward all statsd metrics. Specifying 'system.os.loadavg' will forward all system load average metrics.

premium_api.metrics_map
Maps local metrics to different premium metric names. Metrics are specified with a source, followed by the metric name. For example, if you expect a metric from the statsd sink called "my.metric", the source name would be "statsd.my.metric". The entry "statsd.my.metric": { "name": "MY_METRIC" } would remap a local statsd metric to a premium metric called MY_METRIC. Supported sources are 'system' for internal metrics, 'statsd', 'graphite' and 'collectd'.

premium_api.tags
A list of tags to be sent as metadata.

premium_api.validate_plugins
Enables or disables plugin validation. The default value is true.

collectd_sink.enable
Enables or disables listening for collectd metrics. Collectd metrics are prefixed with 'collectd.'. The default value is false.

collectd_sink.port
Override the default port for listening for collectd metrics. The default value is 25826.

collector.enable
Enables or disables sending IPFIX flow data to Boundary Enterprise. The default value is false.

collector.collectors
List of collectors to try for sending IPFIX flow data.

collector.mode
IPFIX data format (biflow or topk). The default value is biflow.

collector.msg_burst_ms
Minimum interval between sending IPFIX messages. The default value is 100.

collector.msg_timeout_s
Amount of IPFIX messages to queue before discarding if the IPFIX collector is down. The default value is 15.

collector.certfile
SSL Certificate file to use for authenticating with the IPFIX collector. The default value is cert.pem.

collector.cafile
SSL CA Certificate file to use for authenticating with the IPFIX collector. The default value is ca.pem.

collector.keyfile
SSL Key file to use for authenticating with the IPFIX collector. The default value is key.pem.

graphite_sink.enable
Enables or disables listening for graphite metrics. Graphite metrics are prefixed with 'graphite.'. The default value is false.

graphite_sink.port
Override the default port for listening for graphite metrics. The default value is 2003.

packet_capture.log_stats
Periodically log low-level capture statistics. The default value is false.

packet_capture.disable_acceleration
Disable packet capture acceleration. Leave this disabled for the best performance. The default value is false.

packet_capture.promiscuous_mode
Enable capturing all packets, even those not directed at a local network interface. The default value is false.

graphite_writer.enable
Enables or disables sending metrics to a graphite server. The default value is false.

graphite_writer.uri
Protocol, hostname and port of the graphite server. The default value is tcp://localhost:2003.

http_proxy.enable
Enables or disables use of an HTTP proxy server. The default value is false.

http_proxy.hostname
The name or web address of a proxy server if one is to be used.

http_proxy.port
The port of the proxy server. The default value is 8080.

http_proxy.type
Can be either 'http' or 'socks5'. The default value is http.

http_proxy.user
User name if required for proxy login.

http_proxy.password
Password if required for proxy login.

http_proxy.auth
Can be either 'basic', 'digest', or 'ntlm'. The default value is basic.

ipfix_sink.enable
Enables or disables listening for IPFIX flow metrics. The default value is false.

sdk.count_per_route
Enable (true) or disable (false) sending per route request count measures. The default value is true.

sdk.cpu_time_per_route
Enable (true) or disable (false) sending per route cpu time measures. The default value is false.

sdk.resp_time_per_route
Enable (true) or disable (false) sending per route response time measures. The default value is false.

sdk.resp_time_threshold
The lower limit of response time in milliseconds for sending route level data - responses which take more time than this setting can be sent to the backend. Note: there is a server side threshold also for this value, setting the client side threshold lower than the server side threshold will have no effect as the data will be thrown away on the server side. The server threshold is 100 ms. The default value is 10.

sdk.max_reported_routes
The maximum number of reported routes by the meter. Only the top N response times will be reported. The default value is 10.

sdk.route_response_time_sort_by
The aggregate criteria by which the meter will sort the top routes. Valid aggregation functions are max, mean and count. The default value is max.

sdk.file
The Unix domain socket path for the SDK ingress on Linux/Unix. The default value is /tmp/gd.agent.sock.

sdk.port
The UDP socket port for the SDK ingress on Windows. The default value is 26873.

statsd_sink.enable
Enables or disables listening for statsd metrics. Statsd metric names are prefixed with 'statsd.'. The default value is false.

statsd_sink.port
Override the default port for listening for statsd metrics. The default value is 8125.

tls.skip_validation
Enables or disables validating server-side TLS certificates. This is useful for debugging on-premise installations. The default value is false.

privileges.user
Sets the user to run the meter and child processes as. The default value is boundary.

Bug Fixes

Syslog output on 3.0.0 nonfunctional

The syslog output of the 3.0.0 meter did not work. Meter 3.1.0 corrects this issue.

3rd Party Library Updates

Updated OpenSSL to 1.0.1j and Curl to 7.38

Have more questions? Submit a request