Before you begin
What you need:
- A machine dedicated to Security Gateway with:
- 1 GB free disk space
- 2 GB RAM (4 GB recommended)
- 1 dual core processor
- A working instance of Dynatrace server.
- Administrator credentials for the servers where the Dynatrace Managed node will be installed.
- An up-to-date Linux distribution supported by Dynatrace Managed.
Note: The Linux operating system has a limit on the number of open files that a process can handle. It's recommended that you set the number of open files to at least
500,000 for user
root to ensure proper operation. The current limit can be checked via the
ulimit -H -n command. Note that this limit is set per user, so if you run Security Gateway on a different user than
root, you need to update the relative configuration file accordingly.
To configure the permitted number of open files:
- Create the file
/etc/security/limits.d/80-dynatrace.confwith the following content:
root hard nofile 500000.
- Log out, log back in, and restart Security Gateway.
Make sure the system limit for the number of open files is higher. To view the system limit, execute the following command:
If required, follow the steps below to change the system limit:
sysctl -p /etc/sysctl.d/80-dynatrace.confto apply the new value.
Download the installer
Downloading the installer is fairly easy—just follow the steps below.
Log in to your Dynatrace Server and select Home from the navigation menu to enter the Dynatrace Cluster Management Console.
Click Add new Security Gateway.
Choose the operating system on which you would like to install the Security Gateway.
For Windows, download and execute the installer. For Linux, copy the
wgetcommand line and paste it into your terminal window. Wait for the download to complete and then begin the installation. Make sure to copy the command directly from the cluster page because the command contains your cluster master address.
Run the installer
You'll need root rights to install a public managed Security Gateway. You can use
sudo to run the installation script. To do this, type one of the following commands into the directory where you downloaded the installation script.
- If you're on an Ubuntu Server, use the following command:
sudo /bin/bash psg-installer.sh
- If you're using Red Hat Enterprise Linux:
su -c '/bin/bash psg-installer.sh'
- If you start a root session:
After a few validation steps, the Security Gateway is automatically installed and connected to the cluster nodes.
- Distribution path:
- Dynatrace Server data files:
- Gateway configuration:
- Log files directory:
The installer optimizes also operating system settings:
- Swap is turned off (with
PREROUTING" rules are enhanced to enable forwarding communication to Dynatrace Server (HTTPS to port 8021). To see the exact rules, type
iptables -L -vt natin your terminal.
readaheadpage cache is set to 512.
- Limits for users are changed globally (unlimited locked-in-memory address space, unlimited address space, increased limit for number of processes and open files).
How to update a Public Managed Security Gateway
To update Security Gateway, download the new version and reinstall it. You don´t need to uninstall your current Security Gateway version. Just install the new version over the old one.