Pivotal Cloud Cache Operator Guide
This document describes how a Pivotal Cloud Foundry (PCF) operator can install, configure, and maintain Pivotal Cloud Cache (PCC).
You must have access to a Service Network in order to install PCC.
With an Ops Manager role (detailed in Understand Roles in Ops Manager) that has the proper permissions to install and configure, follow these steps to install PCC on PCF:
- Download the tile from the Pivotal Network.
- Click Import a Product to import the tile into Ops Manager.
- Click the + symbol next to the uploaded product description.
- Click on the Cloud Cache tile.
- Complete all the configuration steps in the Configure Tile Properties section below.
- Return to the Ops Manager Installation Dashboard and click Apply Changes to complete the installation of the PCC tile.
Configure the sections listed on the left side of the page.
After you complete a section, a green check mark appears next to the section name. Each section name must show this green check mark before you can complete your installation.
- Assign AZs and Networks
- Service Plans, including the Dev Plan
- Resource Config
To select AZs and networks for VMs used by PCC, do the following:
Click Assign AZs and Networks.
Configure the fields on the Assign AZs and Networks pane as follows:
Field Instructions Place singleton jobs in Select the region that you want for singleton VMs. Balance other jobs in Select the AZ(s) you want to use for distributing other GemFire VMs. Pivotal recommends selecting all of them. Network Select your PAS (or Elastic Runtime) network. Service Network Select the network to be used for GemFire VMs.
The smoke-tests errand that runs after tile installation.
The errand verifies that your installation was successful.
By default, the
smoke-test errand runs on the
system org and the
Note: Smoke tests will fail unless you enable global default application security groups (ASGs). You can enable global default ASGs by binding the ASG to the
system org without specifying a space. To enable global default ASGs, use
To select which plan you want to use for smoke tests, do the following:
Select a plan to use when the
Ensure the selected plan is enabled and configured. For information about configuring plans, see Configure Service Plans below. If the selected plan is not enabled, the
Pivotal recommends that you use the smallest four-server plan for smoke tests. Because smoke tests create and later destroy this plan, using a very small plan reduces installation time.
Settings: Allow Outbound Internet Access
By default, outbound internet access is not allowed from service instances.
If BOSH is configured to use an external blob store, you need allow outbound internet access from service instances. Log forwarding and backups, which require external endpoints, might also require internet access.
To allow outbound internet access from service instance, do the following:
Select Allow outbound internet access from service instances (IaaS-dependent).
Note: Outbound network traffic rules also depend on your IaaS settings. Consult your network or IaaS administrator to ensure that your IaaS allows outbound traffic to the external networks you need.
By default, syslog forwarding is not enabled in PCC. However, PCC supports forwarding syslog to an external log management service (for example, Papertrail, Splunk, or your custom enterprise log sink). The broker logs are useful for debugging problems creating, updating, and binding service instances.
To enable remote syslog for the service broker, do the following:
- Click Syslog.
Configure the fields on the Syslog pane as follows:
Field Instructions Enable Remote Syslog Select to enable. External Syslog Address Enter the address or host of the syslog server for sending logs, for example,
External Syslog Port Enter the port of the syslog server for sending logs, for example,
Enable TLS for Syslog Select to enable secure log transmission through TLS. Without this, remote syslog sends unencrypted logs. We recommend enabling TLS, as most syslog endpoints such as Papertrail and Logsearch require TLS. Permitted Peer for TLS Communication. This is required if TLS is enabled. If there are several peer servers that can respond to remote syslog connections, then provide a regex, such as
CA Certificate for TLS Communication If the server certificate is not signed by a known authority, for example, an internal syslog server, provide the CA certificate of the log management service endpoint. Send service instance logs to external By default, only the broker logs are forwarded to your configured log management service. If you want to forward server and locator logs from all service instances, select this. This lets you monitor the health of the clusters, although it generates a large volume of logs.
If you don’t enable this, you get only the broker logs which include information about service instance creation, but not about on-going cluster health.
You can configure five individual plans for your developers. Select the Plan 1 through Plan 5 tabs to configure each of them.
The Plan Enabled option is selected by default. If you do not want to add this plan to the CF service catalog, select Plan Disabled. You must enable at least one plan.
The Plan Name text field allows you to customize the name of the plan. This plan name is displayed to developers when they view the service in the Marketplace.
The Plan Description text field allows you to supply a plan description. The description is displayed to developers when they view the service in the Marketplace.
The Enable metrics for service instances checkbox enables metrics for service instances created using the plan. Once enabled, the metrics are sent to the Loggregator Firehose.
The CF Service Access drop-down menu gives you the option to display or not display the service plan in the Marketplace. Enable Service Access displays the service plan the Marketplace. Disable Service Access makes the plan unavailable in the Marketplace. If you choose this option, you cannot make the plan available at a later time. Leave Service Access Unchanged makes the plan unavailable in the Marketplace by default, but allows you to make it available at a later time.
The Service Instance Quota sets the maximum number of PCC clusters that can exist simultaneously.
When developers create or update a service instance, they can specify the number of servers in the cluster. The Maximum servers per cluster field allows operators to set an upper bound on the number of servers developers can request. If developers do not explicitly specify the number of servers in a service instance, a new cluster has the number of servers specified in the Default Number of Servers field.
The Availability zones for service instances setting determines which AZs are used for a particular cluster. The members of a cluster are distributed evenly across AZs.
WARNING! After you’ve selected AZs for your service network, you cannot add additional AZs; doing so causes existing service instances to lose data on update.
The remaining fields control the VM type and persistent disk type for servers and locators. The total size of the cache is directly related to the number of servers and the amount of memory of the selected server VM type. We recommend the following configuration:
- For the VM type for the Locator VMs field, select a VM that has at least 2 CPUs, 1 GB of RAM and 4 GB of disk space.
- For the Persistent disk type for the Locator VMs field, select 10 GB or higher.
- For the VM type for the Server VMs field, select a VM that has at least 2 CPUs, 4 GB of RAM and 8 GB of disk space.
- For the Persistent disk type for the server VMs field, select 10 GB or higher.
When you finish configuring the plan, click Save to save your configuration options.
A Dev Plan is a type of service plan. Use a Dev Plan for development and testing. The plan provides a single locator and server, which are colocated within a single VM.
The page for configuring a Dev Plan is similar to the page for configuring other service plans. To configure the Dev Plan, input information in the fields and make selections from the options on the Plan for test development page.
If you have enabled post-deploy scripts in your Ops Manager Director, a region is automatically created. To confirm that post-deploy scripts are enabled, navigate to the Director Config pane of Ops Manger Director and verify that Enable Post Deploy Scripts is selected.
By default, post-deploy and pre-delete errands always run. Pivotal recommends keeping these defaults. However, if necessary, you can change these defaults as follows.
For general information about errands in PCF, see Managing Errands in Ops Manager
Change the setting for the errands.
Ensure you import the correct type of stemcell indicated on this tab.
You can download the latest available stemcells from the Pivotal Network.
PCC clusters and brokers emit service metrics. You can use any tool that has a corresponding Cloud Foundry nozzle to read and monitor these metrics in real time.
The table below shows the metrics emitted through the CF Nozzle and their corresponding Key Performance Indicator (KPI) guidelines.
|Metric Name||Description||Metric Type||Suggested Measurement||Measurement Type||Warning Threshold||Critical Threshold||Suggested Actions||Why a KPI?|
||RAM being consumed||percent||Average over last 10 minutes||avg||75%||85%|
||Returns the number of members in the distributed system.||number||Every second||count||< manifest member count||This depends on the expected member count, which is available in the BOSH manifest. If the number expected is different from the number emitted, this is a critical situation that may lead to data loss, and the reasons for node failure should be investigated by examining the service logs.||Member loss due to any reason can cause potential data loss.|
||Returns the total available heap (in megabytes) across all distributed members.||number||Every second||pulse||If the total heap size and used heap size are too close, the system might see thrashing due to GC activity. This increases latency.|
||Returns the total heap used on all members.||number||Every second||pulse||If the total heap size and used heap size are too close, the system might see thrashing due to GC activity. This increases latency.|
||Returns the number of times garbage collection has occurred.||number||Sum over 10 minutes||sum||Dependent on IaaS and app use case.||Dependent on IaaS and app use case.||Check the number of queries run against the system, which increases the deserialization of objects and increases garbage.||If the frequency of GC is high, the system might see high CPU usage, which causes delays in the cluster.|
||Amount of CPU utilization||percent||Average over 10 minutes||avg||85%||95%||If this is not happening with high GC activity, the system is reaching its limits. Horizontal scaling might help.||High CPU usage causes delayed responses and can also make the member non-responsive. This eventually causes it to be kicked out of the cluster, potentially leading to data loss.|
||Returns the cache get average latency.||number||Average over 10 minutes||avg||Dependent on IaaS and app use case.||Dependent on IaaS and app use case.||If this is not happening with high GC activity, the system is reaching its limit. Horizontal scaling might help.||A good indicator of the overall responsiveness of the system. If this number is high, the service administrator should diagnose the root cause.|
||Returns the cache put average latency.||number||Average over 10 minutes||avg||Dependent on IaaS and app use case.||Dependent on IaaS and app use case.||If this is not happening with high GC activity, the system is reaching its limit. Horizontal scaling might help.||A good indicator of the overall responsiveness of the system. If this number is high, the service administrator should diagnose the root cause.|
||Returns the number JVM pauses||number||Sum over 2 seconds||sum||Dependent on IaaS and app use case.||Dependent on IaaS and app use case.||Check the cached object size; if it is greater than >1 MB, you may be hitting the limitation on JVM to garbage collect this object. Otherwise, you may be hitting the utilization limit on the cluster, and will need to scale up to add more memory to the cluster.||Due to a JVM pause, the member stops responding to “are-you-alive” messages, which may cause this member to be kicked out of the cluster.|
||Returns the maximum number of open file descriptors allowed for the member’s host operating system.||number||Every second||pulse||If total FD open is higher than total FD available, it causes the member to stop responding and crash.|
||Returns the current number of open file descriptors.||number||Every second||pulse||If total FD open is higher than total FD available, it causes the member to stop responding and crash.|
||Returns the proportion of available heap size as a percentage||percent||Every second||compound metric||40%||10%||If this is a spike due to eviction catching up with insert frequency, then customers need to keep a close watch that it should not hit the RED marker. If there is no eviction, then horizontal scaling is suggested||If the total heap size and used heap size are too close, system might see thrashing due to GC activity. This increases the latency|
||Returns the number of available File Descriptors||number||Every second||compound metric||1000||100||You need to scale horizontally to increase capacity||If total FD open is higher than total FD available, it causes the member to stop responding and crash.|
This table shows the metrics emitted through the CF Nozzle for gateway senders and gateway receivers.
|Metric Name||Description||Metric Type||Measurement Type|
||The current size of the gateway sender queue.||number||count|
||A count of the events coming from the region to which the gateway sender is attached. It is the count since the last time the metric was checked. The first time it is checked, the count is of the number of events since the gateway sender was created.||number||count|
||A count of the events queued on the gateway sender from the region. This quantity of events might be lower than the quantity of events received, as not all received events are queued. It is a count since the last time the metric was checked. The first time it is checked, the count is of the number of events since the gateway sender was created.||number||count|
||A count of the events received from the gateway sender which will be applied to the region on the gateway receiver’s site. It is the count since the last time the metric was checked. The first time it is checked, the count is of the number of events since the gateway receiver was created.||number||count|
This table shows the metrics emitted through the CF Nozzle for disks.
|Metric Name||Description||Metric Type||Measurement Type|
||The average latency of disk writes in nanoseconds.||number||time in nanoseconds|
||The total number of bytes on the attached disk.||number||count|
||The total number of bytes of available space on the attached disk.||number||count|
Prometheus is one of various tools you can use to monitor services instances. It is a monitoring and alerting toolkit that allows for metric scraping. You can use the Firehose exporter to export all the metrics from the Firehose, which you can then graph with Grafana to monitor your PCC cluster.
Follow the instructions here to deploy Prometheus alongside your PCF cluster.
Prometheus can be deployed on any IaaS. You need to verify that the Firehose exporter job can talk to your UAA VM. This might involve opening up firewall rules or enabling your VM to allow outgoing traffic.
You can run queries on, and build a custom dashboard of, specific metrics that are important to you.
Follow the steps below to upgrade PCC:
- Download the new version of the tile from the Pivotal Network.
- Upload the product to Ops Manager.
- Click Add next to the uploaded product.
- Click on the Cloud Cache tile and review your configuration options.
- Click Apply Changes.
Follow the steps below to update plans in Ops Manager.
- Click on the Cloud Cache tile.
- Click on the plan you want to update under the Information section.
- Edit the fields with the changes you want to make to the plan.
- Click Save button on the bottom of the page.
- Click on the PCF Ops Manager to navigate to the Installation Dashboard.
- Click Apply Changes.
Plan changes are not applied to existing services instances until you run the
upgrade-all-service-instances BOSH errand. You must use the BOSH CLI to run this errand. Until you run this errand, developers cannot update service instances.
Changes to fields that can be overridden by optional parameters, for example
new_size_percentage, change the default value of these instance properties, but do not affect existing service instances.
If you change the allowed limits of an optional parameter, for example the maximum number of servers per cluster, existing service instances in violation of the new limits are not modified.
When existing instances are upgraded, all plan changes are applied to them.
To uninstall PCC, follow the steps from below from the Installation Dashboard:
- Click the trash can icon in the bottom-right-hand corner of the tile.
- Click Apply Changes.
You can visualize the performance of your cluster by downloading the statistics files from your servers. These files are located in the persistent store on each VM. To copy these files to your workstation, run the following command:
`bosh2 -e BOSH-ENVIRONMENT -d DEPLOYMENT-NAME scp server/0:/var/vcap/store/gemfire-server/statistics.gfs /tmp`
See the Pivotal GemFire Installing and Running VSD topic for information about loading the statistics files into Pivotal GemFire VSD.
Error: “Creating p-cloudcache SERVICE-NAME failed”
The smoke tests could not create an instance of GemFire. To troubleshoot why the deployment failed, use the cf CLI to create a new service instance using the same plan and download the logs of the service deployment from BOSH.
Error: “Deleting SERVICE-NAME failed”
The smoke test attempted to clean up a service instance it created and failed to delete the service using the
cf delete-service command. To troubleshoot this issue, run BOSH
logs to view the logs on the broker or the service instance to see why the deletion may have failed.
Error: Cannot connect to the cluster SERVICE-NAME
The smoke test was unable to connect to the cluster.
To troubleshoot the issue, review the logs of your load balancer, and review the logs of your CF Router to ensure the route to your PCC cluster is properly registered.
You also can create a service instance and try to connect to it using the gfsh CLI. This requires creating a service key.
Error: “Could not perform create/put on Cloud Cache cluster”
The smoke test was unable to write data to the cluster. The user may not have permissions to create a region or write data.
Error: “Could not retrieve value from Cloud Cache cluster”
The smoke test was unable to read back the data it wrote. Data loss can happen
if a cluster member improperly stops and starts again or if the member machine
crashes and is resurrected by BOSH. Run BOSH
logs to view the logs on the
broker to see if there were any interruptions to the cluster by a service
PCC Clients communicate to PCC servers on port 40404 and with locators on port 55221. Both of these ports must be reachable from the PAS (or Elastic Runtime) network to service the network.
Membership Port Range
PCC servers and locators communicate with each other using UDP and TCP. The current port range for this communication is
If you have a firewall between VMs, ensure this port range is open.