By default, PHP Agent and Java proxy communicate with each other using Inter-Process Communication (IPC). However, using Transmission Control Protocol (TCP) communication is beneficial in these scenarios:

  • When you want the Java proxy and PHP Agent to run over different host operating systems. 
  • In containers (such as Docker and Kubernetes), where mounting the same volume for all the containers is possible but not recommended.

To enable TCP communication, set -tcp-comm-port to a valid port value while installing the agent. Also, set -tcp-port-range to a valid port range (3000-3005). The PHP Agent and Java proxy can now communicate using TCP.

The Java proxy listens to the incoming connection requests from agents over the -tcp-comm-port. The communication occurs for each agent over these two unique ports:

  • Reporting port
  • Request port

These ports can be set during the agent installation or proxy configuration.

TCP Mode Environmental Variables

This table lists the TCP mode configuration environment variables:

Variable Name       DescriptionConfiguration Notes

-tcp-comm-host

  • For Java Proxy - Defines the host over which the proxy listens to the incoming connections.
  • For PHP Agent - Defines the host over which the agent tries to communicate with the proxy.

It is an optional variable. By default, it is set to 127.0.0.1 (localhost).

-tcp-comm-port

  • For Java Proxy - Defines the port over which the proxy listens to the incoming connections inside the host where proxy is running.
  • For PHP Agent - Defines the port over which the agent tries to communicate with the proxy at the host specified.

You must define this variable.


-tcp-port-range

Defines the port range over which the proxy allocates ports (request / reporting) to communicate with the agent

You must define this variable.

-tcp-request-port

Defines the port for reporting transport between the agent and proxy.

It is an optional variable. If not defined, proxy allocates a port in the defined range.

-tcp-reporting-port

Defines the port for request and configuration transport between the agent and proxy.

It is an optional variable. If not defined, proxy allocates a port in the defined range.

Sample Installation Command

The following is a sample command to install the agent with the TCP mode enabled.

install.sh -a PHPCust@XC6v2n8m2$543 --tcp-comm-port=3000 --tcp-port-range=3000-3010 controller1.appdynamics.com 8818 myApp myTier myNode
PHP

Set Up CurveZMQ to Encrypt the Agent-Proxy Communication

By default, the communication between Java Proxy and the PHP Agent is not encrypted. This section describes how to encrypt the communication between the proxy and the agent using CurveZMQ. CurveZMQ is an authentication and encryption protocol for ZeroMQ.

 To enable the curve encryption, use the -curve-enabled flag while installing the agent. The following is a sample command to install the agent with CurveZMQ enabled.

install.sh -a PHPCust@XC6v2n8m2$543 --tcp-comm-port=3000 —tcp-port-
range=3000-3010 —curve-enabled controller1.appdynamics.com 8818 myApp
PHP

Configure Proxy and Agent in Separate Containers

  1. Use the following sample command to deploy the agent in a container.
    ./install.sh -a e2e-customer@59b661ac-720f-43ce-9b07-9d3bdf1cdb17
--auto-launch-proxy=0 —tcp-comm-host=PROXY_HOST --tcp-comm-
port=3000 --tcp-port-range=3000-3010 --curve-enabled
CONTROLLER_HOST_NAME CONTROLLER_PORT APP_NAME TIER_NAME NODE_NAME 8090
    CODE
  2. Perform the following steps to deploy proxy in a container than the agent container.
    1. Download the proxy artifact and unzip it.
    2. Make a copy of the runProxy.template file and rename it as runProxy.
    3. Run the following command.
      bash /proxy/runProxy /tmp/proxy.communication /tmp/agentLogs
-Dappdynamics.proxy.curveenabled=yes
-Dappdynamics.proxy.curvesecretfile=/home/appdynamics-php-agent-
linux_x64/certs/secret/proxy.key_secret
-Dappdynamics.proxy.curvepublicfile=/home/appdynamics-php-agent-
linux_x64/certs/public/proxy.key -Dcommtcp=3000
-Dappdynamics.proxy.commtcphost=$(hostname -I)
-Dappdynamics.proxy.commportrange=3000-3005
-Dappdynamics.agent.ssl.protocol=TLSv1.2
      CODE

  1. Ensure that agent and proxy are part of the same network to allow agent-proxy communication. You can use Docker Compose to achieve this.

  2. If you are using Docker Compose, you can set proxy host value as proxy container name.

Deploy PHP Agent with Shared Proxy in a Kubernetes Cluster

This section describes how to deploy PHP Agent with shared Java proxy on Kubernetes.

Proxy Pod Configuration

Make a note of the following points while configuring the pod for proxy:

  • Expose a continuous range of ports in the proxy service for the proxy-agent communication.
  • Run the proxy pod with spec type for proxy service set to ClusterIP.
  • Make sure to set the following environment variables for running proxy in TCP mode: 
VariableValueRequired

APPDYNAMICS_TCP_COMM_PORT

TCP Port for proxy, for example, 3000.

Yes

APPDYNAMICS_TCP_COMM_HOST

TCP Host where agents make the request.

It is recommended to set it as the IP Address where pod is running. In the proxy-deployment.yaml file, you can find the IP address at:

valueFrom:

    fieldRef:

       fieldPath: status.podIP
CODE


Yes

APPDYNAMICS_TCP_PORT_RANGE

Specify the port range for proxy to allocate request/reporting ports. For example, 3000-3010.

Make sure to provide enough ports in the port range. The total number of ports must be at least double the number of agents.

Yes

APPDYNAMICS_CURVE_ENABLED

Set to true to enable CurveZMQ encryption. If set to true, copy the proxy public key available at /tmp/appd/certs/public/proxy.key and paste it in certs/public folder available in the agent directory for all the agents.

Optional

  • Applications that run with PHP Agent must run in pods. You can scale up or scale down the PHP Agent pods.
  • The proxy runs as a single and separate pod. It is exposed to the PHP Agents through a service. You should not scale or replicate the proxy pod.

Sample Proxy Deployment Specification for Kubernetes

##Proxy Deployment
apiVersion: apps/v1 
kind: Deployment
metadata: 
  name: proxy-deployment
spec:
  replicas: 1
  selector:
    matchLabels:
      app: proxy
  template:
    metadata:
      labels:
        app: proxy
    spec:
      containers:
        - name: proxy
          image: appdynamics/php-proxy-x64:latest
          env:
            - name: APPDYNAMICS_CURVE_ENABLED
              value: "true"
            - name: APPDYNAMICS_TCP_COMM_PORT
              value: "3000"
            - name: APPDYNAMICS_TCP_COMM_HOST
              valueFrom:
                fieldRef:
                  fieldPath: status.podIP
            - name: APPDYNAMICS_TCP_PORT_RANGE
              value: "3000-3010"

##Proxy Service

apiVersion: v1
kind: Service
metadata:
  name:  proxy-service
spec:
  selector:
    app: proxy
  type: ClusterIP
  ports:
  - protocol: TCP
    name: port-1
    port:  3000
    targetPort:  3000
  - protocol: TCP
    name: port-2
    port:  3001
    targetPort:  3001
  - protocol: TCP
    name: port-3
    port:  3002
    targetPort:  3002
  - protocol: TCP
    name: port-4
    port:  3003
    targetPort:  3003
CODE

Sample Command for Agent Installation in a Pod

./install.sh -a e2e-customer@59b661ac-720f-43ce-9b07-9d3bdf1cdb17 --auto-launch-proxy=0 --tcp-comm-host=proxy-service.default --tcp-comm-port=3000 --tcp-port-range=3000-3010 --curve-enabled CONTROLLER_HOST_NAME CONTROLLER_PORT APP_NAME TIER_NAME NODE_NAME 8090
CODE
  1. If you are using Kubernetes, set the tcp comm host = proxy-service.default parameter in the agent installation command. In this parameter, proxy-service is the name of the proxy service and .default is the default namespace.
  2. A single proxy can send data to Controller only when the application name for the agent reporting to it is same.