The Blue Medora Nozzle for PCF is a Cloud Foundry component that is required by the management pack in order to connect to the Cloud Foundry Loggregator Firehose. It exposes PCF metrics via a RESTful API.

Prerequisites

Recommended Deployment Method: Blue Medora Nozzle for PCF Tile

Other Deployment Methods

Other deployment methods include:

  • Cloud Foundry CLI method

  • Clone from github method

  • BOSH CLI method

Cloud Foundry CLI method

  • Install the Cloud Foundry Command Line Interface (cf-cli) available from the Cloud Foundry CLI github repository.

  • To deploy the nozzle, you must configure the manifest.yml, which is set up in a default configuration to be deployed as a cf app, as follows:

    • The BM_WEBSERVER_USE_SSL environment variable in the manifest.yml must be set to false during a cf app deployment as internal cloud foundry communication does not use SSL.

      Note:

      We also recommend keeping the BM_STDOUT_LOGGING environment variable as true; otherwise, the log files may grow quickly and use up the allocated disk space.

  • Once the manifest.yml has been configured, run cf push from the cf-cli to install as a cf app.

Clone from github method

  • Install the Go programming language (version 1.6+) on a machine that can connect to the Traffic Controller.

  • To deploy the nozzle, run the following command, which clones the nozzle files and dependencies from the github repo and sets them up in your Go environment:

    go get github.com/BlueMedoraPublic/bluemedora-firehose-nozzle

BOSH CLI method

Configure the Nozzle

Complete the following tasks to configure the nozzle once it has been deployed:

Caution:

The following configuration sub-topics are not applicable to the recommended deployment method: Blue Medora Nozzle for PCF Tile (see: above). 

All "Other" deployment methods must following the configuration tasks outlined below.

  • Configure the bluemedora-firehose.nozzle.json file

  • Generate SSL Certificates

Configure the bluemedora-firehose.nozzle.json file

To configure the Blue Medora Nozzle for PCF after deployment, modify the bluemedora-firehose-nozzle.json file (located in the configfolder of the nozzle files) as follows:

Field

Description

UAAURL

The UAA login URL of the Cloud Foundry deployment

UAAUsername (UAA Client)

The UAA Client that has access to read from the Loggregator Firehose (See: Blue Medora Nozzle for PCF Credentials (UAA Client) on the page Obtaining Nozzle, Cloud Controller, and BOSH Director Credentials)

UAAPassword (UAA Client password)

Password for the UAA Client (See: Blue Medora Nozzle for PCF Credentials (UAA Client) on the page Obtaining Nozzle, Cloud Controller, and BOSH Director Credentials)

TrafficControllerURL

The URL for the Traffic Controller. To find the URL, follow the instructions outline at: https://docs.cloudfoundry.org/loggregator/architecture.html#firehose

SubscriptionID

The subscription ID of the nozzle. For more information about subscription IDs and nozzle scaling, see: https://docs.cloudfoundry.org/loggregator/log-ops-guide.html#scaling-nozzles

DisableAccessControl

If true, disables authentication with UAA. Used in lattice deployments

InsecureSSLSkipVerify

If true, allows insecure connections to the UAA and Traffic Controller endpoints

IdleTimeoutSeconds

The amount of time, in seconds, the connection to the firehose can be idle before disconnecting

MetricCacheDurationSeconds

The amount of time, in seconds, the RESTful API web server will cache metric data. The higher this duration, the less likely the data will be correct for a certain metric as it could hold stale data.

WebServerPort

Port to connect to the RESTful API (default: 443)

An example configuration would look similar to the following:

{
“UAAURL”: “https://uaa.pcf.environment.com”, “UAAUsername”: “uaa_user”, “UAAPassword”: “password”,
“TrafficControllerURL”: “wss://doppler.pcf.envrionment.com:443”, “SubscriptionID”: “bluemedora-nozzle-id”, “DisableAccessControl”: false,
“InsecureSSLSkipVerify”: true, “IdleTimeoutSeconds”: 30,
“MetricCacheDurationSeconds”: 60,
“WebServerPort”: 443
}

Generate SSL Certificates

The Blue Medora Nozzle for PCF uses SSL for its REST webserver. In order to generate these certificates, run the following command and answer the questions at the prompts:

openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout certs/key.pem -out certs/cert.pem

Run the Nozzle

Once you have deployed and configured the nozzle, you can run it using the following command:

go run main.go