5.11 Monitoring Outside the Firewall with an SSH Tunnel

If you run an SSH server on the machine that hosts the MySQL Enterprise Service Manager and an SSH client on the machine that hosts the agent, you can create an SSH tunnel so that the agent can bypass your firewall. First, you need to make an adjustment to the agent-mgmt-hostname value specified in the etc/bootstrap.properties configuration file. For more information about the contents and location of the configuration file, see Section D.2.1, “MySQL Enterprise Monitor Agent Configurable Options”. Stop the agent and change the hostname value as shown in the following:

agent-mgmt-hostname = https://agent_name:password@localhost:18443/

Replace the agent_name and password with suitable values. Likewise replace port 18443 if you are not running the Monitor UI on this port. Use localhost for the host name, since the agent is connecting through an SSH tunnel.

Next, execute the following command on the machine where the agent is running:

shell> ssh -L 18443:Monitor_UI_Host:18443 -l user_name -N Monitor_UI_Host

When prompted, enter the password for user_name.

If you are not running the MySQL Enterprise Service Manager on port 18443, substitute the appropriate port number. Likewise, replace Monitor_UI_Host with the correct value. user_name represents a valid operating system user on the machine that hosts the MySQL Enterprise Service Manager.

Be sure to restart the agent so that the new value for the hostname takes effect. For instructions on restarting the agent see: