• /
  • ログイン
  • 無料アカウント

Managing the 'ktranslate' Docker container

This page outlines the options for management of the ktranslate container used by New Relic NPM.

Container requirements

We recommend the following resources for the ktranslate container image:

Disk

  • 100MB available disk space

CPU

  • SNMP Polling/Trap Collection: 1 CPU core dedicated for every ~1,000 devices
  • Device Flow Collection: 1 CPU core dedicated for every ~2,000 flows per second (fps)
  • Syslog Message Collection: 1 CPU core dedicated for every ~2,000 messages per second

Memory

  • ktranslate is not generally constrained by memory resources. The amount of memory on your host should be driven by the types of applications/containers you plan to run. For a general idea, we commonly see success with image sizes as small as the AWS t2.micro which has 1 vCPU and 1.0 GB of available RAM.

ヒント

The ktranslate container image runs a single "job type" at a time. For instance, a container deployed for SNMP polling and trap collection will not be used for flow collection. Furthermore, containers deployed for flow collection are limited to a single -nf.source type per container. This means that it is common to have multiple containers deployed to a single Docker host at any given time. They can also share a common configuration file, but do not have to.

Updating the container

Keeping the ktranslate container image up to date is good practice to both receive the latest updates and resolve common problems through various bug fixes applied during the development lifecycle. It is recommended to always pull the latest available image when redeploying your containers.

  1. Pull the latest container image available
bash
$
docker pull kentik/ktranslate:v2
  1. Collect the IDs and names of any existing containers
bash
$
docker ps -a --filter ancestor=kentik/ktranslate:v2 --format "{{.ID}} - {{.Names}}"

Output Example:

3297b134a352 - ktranslate-snmp
4962a854b386 - ktranslate-sflow
  1. Remove any pre-existing containers
bash
$
docker rm -f $CONTAINER_ID
  1. Redeploy your ktranslate container using the original settings you deployed with from either SNMP, flow data, or syslog collection.

重要

The configuration file used by ktranslate is applied to the container at runtime. Changes to this file require you to remove and restart your running container(s) to apply the edits.

Container runtime options

Below are the various options available during Docker runtime for the ktranslate container image:

Option name

Type

Required

Description

-snmp

Flag

Sets the path to the snmp-base.yaml file on the Docker container, based on the volume mount from the Docker host passed as an option during runtime.

-nr_account_id

Flag

The New Relic One account ID that ktranslate will ship data to.

-log_level

Flag

Overrides the default info log level for ktranslate. The available options are debug, info, warn, or error.

-snmp_discovery

Flag

Used to setup the container in SNMP discovery mode.

-snmp_poll_now

Flag

Used to setup the container to poll a target device on-demand.

-tee_logs

Flag

Forwards Docker logs from ktranslate into New Relic One Logs.

-metrics=jchf

Flag

Forwards health metrics from ktranslate into New Relic One.

-service_name

Flag

Appended to the container name in Docker logs to help isolate logs from various containers in New Relic One Logs.

-nr_region

Flag

Sets the regional API endpoints for ktranslate to forward telemetry to New Relic One. Options are US, EU, and GOV (FedRAMP).

-max_threads

Flag

Lets you process higher volumes of data. We recommend one CPU core available for every 2,000 flows per second (fps) of network flow data sent, or every 1,000 SNMP devices being monitored, or every 2,000 syslog messages per second collected by a container. The default is 1.

-sample_rate

Flag

Changes the default sample rate value at which flows are passed to New Relic One Events. This does not speed up the local configuration of flow sample rate on a device, but it can slow it down. Setting this to 1 will enable capturing all flows sent to the container. The default is 1000.

-nf.workers

Flag

Overrides the number of workers used in processing network packets. Use one worker for every 4,000 of flows per second (fps) of network flow data sent. The default is 1.

-nf.port

Flag

Overrides the listening port for incoming flow packets. The default is 9995.

-nf.source

Flag

✓ (For flow containers)

Sets up the type of flow this container will process. Options are ipfix, netflow5, netflow9, and sflow.

-application_map

Flag

Sets the path to an application map file on the Docker container, based on a volume mount from the Docker host passed as an option during runtime.

-dns

Flag

Sets the IP:Port for ktranslate to use during DNS resolution of IP addresses. Setting this affects the results for the dst_host and src_host fields.

nr1.flow

Argument

✓ (For flow containers)

This argument statically sets the following flags: compression: gzip, sink: new_relic, format: new_relic, max_before_sample: 100, flow_only:true.

nr1.snmp

Argument

✓ (For SNMP containers)

This argument statically sets the following options: compression: gzip, sink: new_relic, format: new_relic_metric, max_flows_per_message: 100.

nr1.syslog

Argument

✓ (For syslog containers)

This argument statically sets the following flags: compression: gzip, sink: new_relic, format: new_relic_metric, syslog:"0.0.0.0:5143".

NEW_RELIC_API_KEY

Environment Variable

Environment variable that must be used during Docker runtime to hold the New Relic license key for ktranslate to send data to the New Relic APIs. Ex: -e NEW_RELIC_API_KEY=$LICENSE_KEY.

HTTPS_PROXY

Environment Variable

Environment variable that can be used during Docker runtime to setup ktranslate to ship data to New Relic via proxy. Ex: -e HTTPS_PROXY=https://user:password@hostname:port.

AWS_ACCESS_KEY_ID

Environment Variable

Environment variable that can be used during Docker runtime to setup ktranslate's SNMPv3 configuration to use AWS Secrets Manager. Specifies the AWS access key used as part of the credentials to authenticate the user.

AWS_SECRET_ACCESS_KEY

Environment Variable

Environment variable that can be used during Docker runtime to setup ktranslate's SNMPv3 configuration to use AWS Secrets Manager. Specifies the AWS secret key used as part of the credentials to authenticate the user.

AWS_DEFAULT_REGION

Environment Variable

Environment variable that can be used during Docker runtime to setup ktranslate's SNMPv3 configuration to use AWS Secrets Manager. Specifies the AWS Region to send requests to for commands requested using this profile.

問題を作成する
Copyright © 2022 New Relic Inc.