Configure an internet connection to enable Mission Control proactive support, receive Mission Control updates, and use external problem notifications via tools such as ServiceNow, Jira, and webhooks.
The following authentication protocols are available:
There are three different ways to configure a proxy connection for your Managed Cluster. Select the approach that best suits your needs.
Use the following command-line parameters to set up a proxy connection to Mission Control during the Managed installation:
--network-proxy
If your machine uses a network proxy to connect to the internet, enter the address in the following format:
protocol://[user:password@]server-address:port
The default value is none.
--network-proxy-cert-file
If your machine uses a network HTTPS proxy with a self-signed certificate, extend the trusted certificate store. Follow this parameter with the full path to the public SSL certificate file in PEM format.
Log in to the Cluster Management Console.
Go to Settings > Internet proxy and edit Proxy configuration for a particular data center.
Select Connect via proxy and enter proxy server details:
To exclude hosts from the proxy — for example, when problem integrations via webhooks point to internal network hosts — add them to the exclusion list. Use a wildcard (*) at the beginning or end of each host entry to match all URLs within a domain.
Use the Cluster API to set or update the internet proxy configuration of your Managed Cluster.
Yes, Dynatrace supports transparent proxy configuration.
A transparent proxy (also known as an intercepting proxy, in-line proxy, or forced proxy) can route and intercept Managed Cluster communication to Mission Control. It normally sits between the Managed Cluster and Mission Control. With a transparent proxy, you can audit and inspect all communication payloads.
Dynatrace doesn't need to be aware of the proxy. Configure Dynatrace Managed to trust a root certificate whose private key is known to the proxy. In this setup, the proxy can analyze the contents of SSL/TLS transactions, effectively performing a man-in-the-middle attack that Dynatrace authorizes by trusting a root certificate owned by the proxy.
Run the reconfiguration script with the following parameters:
/opt/dynatrace-managed/installer/reconfigure.sh --update-cert --network-proxy-cert-file <proxy_cert_file>