cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Looking to upgrade from Dynatrace Managed to SaaS? See how

Communication between Mission Control and Dynatrace Managed is one-way or two-way?

waikeat_chan
DynaMight Pro
DynaMight Pro

Security Team asked me if the Dynatrace Managed talks to Mission Control, of Mission Control talks to Dynatace Managed?

Or it is a two way comm that, They talk to each other?

 

6 REPLIES 6

Radoslaw_Szulgo
Dynatrace Guru
Dynatrace Guru

That is not true. Communication is always uni-directional from Cluster to Mission Control. We guarantee that no incoming traffic needs to be allowed to the cluster.


Even remote access works that way. In that case cluster acts as a client and Mission Control as a Server.

[update 08.08.2018]

1) In theory websocket tunnels that are utilized in remote access are
birectional. Indeed it's the Mission Control that sends a message to
the cluster to get page contents and post operation requests. Keep in
mind tough, that in that communication MC acts as a server and Cluster
as a client.


2) To get updates, cluster periodically polls MC
to get current list of updates. If new are retrieved, then they are
being downloaded an distributed to all nodes. If there's no updates on
the list that are downloaded, then the cluster removes them. When
cluster has new updates to OneAgents/Gateways then they are downloaded
by them.

3) Email notifications for health alerts are
sent by the cluster not by MC. The exception is when SMTP configured in
the cluster doesn't work or is not configured properly, then the email
request is sent from the cluster to MC that sends the email using Amazon
SES on behalf of the cluster.


Senior Product Manager,
Dynatrace Managed expert

Hello @Radoslaw S. ,

Thanks for bringing this up as this has been confusing for me from quite some time.

If communication is always uni-directional , then i will suggest to edit below line with a more clear statement in the official documentation

"To facilitate pro-active support, your Dynatrace Server transmits status information to and from Dynatrace Mission Control."

Please confirm me on below points also :

1) how does remote access taken by MC team (in case of issues in customer's Managed Cluster) works ? is it CLUSTER to MISSION CONTROL direction and not vice versa ?

2) Updates : : updates to SGW , Cluster , ONeagent are always polled by Cluster and then downloaded?

3) Email notifications for health alerts sent by MC : are these also not initiated by MC?

Thanks

Himanshu Mor


See my updated response.


Senior Product Manager,
Dynatrace Managed expert

Thanks @Radoslaw S. ! this helps clarify things for me.

For point number 1 regarding remote access: so we need to allow incoming connections also in our DC firewall for such scenarios because first connection request will be sent from MC to Cluster -> Please correct if i am still wrong here.

Thanks

Himanshu Mor


Yes you will need incoming connection allowed for websocket WSS protocol


Senior Product Manager,
Dynatrace Managed expert

Thanks @Radoslaw S. ! This helps!


Featured Posts