[cas-dev] application monitoring
David Harrison
david.harrison at stress-free.co.nz
Thu Jan 29 17:51:57 EST 2009
Boy this is sounding like quite a few CIO -> tech staff meetings I've
sat in on :-)
I haven't seen Andrew's servlet but if it tests that the
authentication & ticket validation process works from start to finish
then that maybe useful.
More often than not your Java app server will be functioning happily,
yet the service won't be working because of a network or software
issue in the LDAP service, database or consuming application.
i.e. It is pointless simply testing if CAS is breathing, you've got to
ensure it can stand up and dance.
With Hyperic you do this by defining an 'application' which is a pool
of network resources.
e.g. Java app server, CAS application, LDAP server(s), databases, etc.
When a part of this ecosystem fails the monitoring system alerts you
CAS probably isn't happy.
However in theory this isn't full proof as it doesn't test the ticket
issuing and validation process, it simply assumes if the components
are happy everything is fine.
The question is though have people run into problems with the ticket
validation process even when the underlying CAS components are
configured and running properly?
David
On 30/01/2009, at 4:02 AM, Scott Battaglia wrote:
> When I say monitoring I mean the overall health of the system, which
> includes is the CAS server and service available. But also includes
> things like is authentication taking too long, or are we
> experiencing higher average CPU utilization, or a higher number of
> failed authentications. Some of that is covered by using the
> Inspektr library (it keeps track of application-specific statistics).
>
> -Scott
>
> -Scott Battaglia
> PGP Public Key Id: 0x383733AA
> LinkedIn: http://www.linkedin.com/in/scottbattaglia
>
>
> On Thu, Jan 29, 2009 at 9:51 AM, Andrew Feller <afelle1 at lsu.edu>
> wrote:
> Scott / David,
>
> When we say "monitoring" we mean "Is the CAS server and service
> available?", correct? If so, then why not include some form of the
> service check servlet that I sent you Scott? That way you can have
> a simple point that multiple devices and software products can poll
> to see if it is up. Upon hindsight of the new RESTful API, the
> service check could be written using the REST API and cut out the
> need for a HTTP client.
>
> If we say "monitoring" means "determine performance of the CAS
> server", then that is something entirely different: auditing. IIRC,
> we decided to use the Inspektor library for that.
>
> A-
>
>
> On 1/29/09 8:41 AM, "Scott Battaglia" <scott.battaglia at gmail.com>
> wrote:
>
> David,
>
> Thanks for the insight! What we might want to do then is merely add
> a section to the CAS Manual called "Monitoring" or some such thing
> and allow people to detail what they did just to give people a
> jumpstart.
>
> i.e. sections like:
> "Monitoring CAS with Hyperic"
> "Monitoring CAS with OpenNMS"
> "Monitoring CAS with SpringSource Application Management Suite"
>
> If anyone has the appropriate experience and would be willing to
> help us out with documenting this, please let me know!
>
> -Scott
>
> -Scott Battaglia
> PGP Public Key Id: 0x383733AA
> LinkedIn: http://www.linkedin.com/in/scottbattaglia
>
>
> On Thu, Jan 29, 2009 at 5:14 AM, David Harrison <david.harrison at stress-free.co.nz
> > wrote:
> If there was a vote I'd go with not including monitoring.
>
> Monitoring means different things to different people, which makes
> it a moving target in terms of a feature-set.
>
> Also people who feel monitoring is important either already have a
> solution in place, or are investigating a suite (like Hyperic or
> OpenNMS) to satisfy this need.
>
> I have setup Hyperic to monitor CAS in a few organisations and it
> does a very good job.
> It goes well beyond simple system monitoring and lets you drill down
> to specific Tomcat/JBoss resources to ensure they are running within
> defined conditions.
> Yes this does require a separate Hyperic server instance, but in the
> age of virtualisation this isn't a big issue.
> Not to mention if you are running CAS in a cluster you almost
> certainly want your monitoring consolidated.
>
> SpringSource also provide a monitoring suite (based on Hyperic) that
> is very powerful when it comes to CAS internals:
> http://www.springsource.com/products/suite/ams
> Their tools allow you drill down into the specific Spring beans
> defined within CAS to track performance and other analytics.
>
> So in short I feel the monitoring of CAS is already very strong, and
> an internal effort would only add complexity with little gain.
>
>
> David
>
>
>
> On 15/01/2009, at 5:51 PM, Scott Battaglia wrote:
>
> We're going to have to make some decisions pretty soon about CAS4 if
> we're looking to include monitoring in CAS4, so please continue to
> post anything that you guys can think of to this thread.
> Suggestions are always welcome :-) We don't currently have any huge
> requirements for monitoring so we're gong to be relying on you guys
> (no pressure ;-)).
>
> Thanks
> -Scott
>
> -Scott Battaglia
> PGP Public Key Id: 0x383733AA
> LinkedIn: http://www.linkedin.com/in/scottbattaglia
>
>
> On Wed, Jan 14, 2009 at 1:58 PM, J. David Beutel
> <jbeutel at hawaii.edu> wrote:
> Yes, it looks generic (i.e., complicated) and requires a Hyperic
> server,
> which will take resources (JBoss + database), although it's FOSS (for
> the non-enterprise edition).
>
> The local Hyperic agent can monitor JVMs via JMX, like JConsole/
> VisualVM
> can, but through the Hyperic server to record in the database and
> view.
> Also, it has app-specific plugins, e.g., for Tomcat, which can
> provide
> app-specific stats and auto-discovery. So, a CAS-monitoring plugin
> for
> Hyperic seems possible, especially if you are already running a
> Hyperic
> server.
>
> However, I'm still just trying out Hyperic, so I don't know yet if
> I'd
> recommend it for this kind of monitoring.
>
>
>
> Andrew Feller wrote:
> > Isn't Hyperic a generic machine monitoring tool? I believe we
> use that on
> > our servers to keep track of whether they are up. I am
> interested in how
> > this can be applied to an application. The only downside is
> whether you
> > need to setup the Hyperic server or not and what costs are
> associated.
> >
> >
> > On 1/13/09 10:03 PM, "J. David Beutel" <jbeutel at hawaii.edu> wrote:
> >
> >
> >> Looking at using Hyperic for this. No conclusions yet, however...
> >>
> >>
> >> Scott Battaglia wrote:
> >>
> >>> We already keep track of statistics via Inspektr (min, max,
> average,
> >>> and time response time I believe).
> >>>
> >>> Right now, I'm attempting to mostly gather
> >>> feedback/requirements/recommendations on monitoring and find
> out some
> >>> available libraries. If you have any info, please feel free to
> share :-)
> >>>
> >>> -Scott
> >>>
> >>> -Scott Battaglia
> >>> PGP Public Key Id: 0x383733AA
> >>> LinkedIn: http://www.linkedin.com/in/scottbattaglia
> >>>
> >>>
> >>> On Mon, Jan 12, 2009 at 9:54 AM, Andrew Feller <afelle1 at lsu.edu
> >>> <mailto:afelle1 at lsu.edu>> wrote:
> >>>
> >>> I am glad to hear that CAS monitoring is being considered
> for CAS4! =)
> >>>
> >>> How were you thinking about incorporating this into CAS4?
> What
> >>> areas of CAS performance should be monitored? Tickets
> granted?
> >>> Cleaning / expiration of tickets? Activity related to
> individual
> >>> services or users? I ask because Java Simon seems pretty
> >>> simplistic and have trouble seeing how it would be used. I
> notice
> >>> Java Simon mention JMX in a number of places, which I
> assume means
> >>> they register themselves with the Mbean server and you can
> view
> >>> this information via jconsole.
> >>>
> >>>
> >>>
> >>>
> >>>
> >>> On 1/12/09 8:39 AM, "Scott Battaglia" <scott.battaglia at gmail.com
> >>> <mailto:scott.battaglia at gmail.com>> wrote:
> >>>
> >>> has anyone looked at Java Simon before as a potential
> tool for
> >>> offering some monitoring of CAS servers? (i.e. for CAS4):
> >>>
> >>> http://code.google.com/p/javasimon/
> >>>
> >>> If you have any thoughts or opinions on this or any other
> >>> tool, please let me know.
> >>>
> >>> -Scott
> >>>
> >>> -Scott Battaglia
> >>> PGP Public Key Id: 0x383733AA
> >>> LinkedIn: http://www.linkedin.com/in/scottbattaglia
> >>>
> >>>
> >>>
> ------------------------------------------------------------------------
> >>> _______________________________________________
> >>> cas-dev mailing list
> >>> cas-dev at tp.its.yale.edu <mailto:cas-dev at tp.its.yale.edu>
> >>> http://tp.its.yale.edu/mailman/listinfo/cas-dev
> >>>
> >>>
> >>> --
> >>> Andrew Feller, Analyst
> >>> LSU University Information Services
> >>> 200 Frey Computing Services Center
> >>> Baton Rouge, LA 70803
> >>> Office: 225.578.3737
> >>> Fax: 225.578.6400
> >>>
> >>> _______________________________________________
> >>> cas-dev mailing list
> >>> cas-dev at tp.its.yale.edu <mailto:cas-dev at tp.its.yale.edu>
> >>> http://tp.its.yale.edu/mailman/listinfo/cas-dev
> >>>
> >>>
> >>>
> ------------------------------------------------------------------------
> >>>
> >>> _______________________________________________
> >>> cas-dev mailing list
> >>> cas-dev at tp.its.yale.edu
> >>> http://tp.its.yale.edu/mailman/listinfo/cas-dev
> >>>
> >>>
> >> _______________________________________________
> >> cas-dev mailing list
> >> cas-dev at tp.its.yale.edu
> >> http://tp.its.yale.edu/mailman/listinfo/cas-dev
> >>
> >
> >
>
> _______________________________________________
> cas-dev mailing list
> cas-dev at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas-dev
>
>
> _______________________________________________
> cas-dev mailing list
> cas-dev at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas-dev
>
>
> _______________________________________________
> cas-dev mailing list
> cas-dev at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas-dev
>
>
>
> _______________________________________________
> cas-dev mailing list
> cas-dev at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas-dev
>
> --
> Andrew Feller, Analyst
> LSU University Information Services
> 200 Frey Computing Services Center
> Baton Rouge, LA 70803
> Office: 225.578.3737
> Fax: 225.578.6400
>
> _______________________________________________
> cas-dev mailing list
> cas-dev at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas-dev
>
>
> _______________________________________________
> cas-dev mailing list
> cas-dev at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas-dev/attachments/20090130/b9e4af4e/attachment-0001.html
More information about the cas-dev
mailing list