Connecting to Dynatrace VMs (ActiveGate)
Pre-Requisites
- Connected to the VPN
Connecting to Dynatrace VMs (ActiveGate)
Dynatrace ActiveGate VMs exist as instances of different Virtual Machine Scale Sets:
Request access and connect to one of the bastions and then connect to the one of the instances of the scale set either via its DNS name.
The following DNS records have been set up to point to the active instance in the scalesets:
- dynatrace-activegate-private-prod.platform.hmcts.net
- dynatrace-activegate-prod.platform.hmcts.net
- dynatrace-activegate-private-nonprod.platform.hmcts.net
- dynatrace-activegate-nonprod.platform.hmcts.net
If you need to connect to a non-active instance, you can use it’s DNS name which will be something like:
- dynatrace-activegate-private-prod-vmss000000.platform.hmcts.net
- dynatrace-activegate-prod-vmss000000.platform.hmcts.net
- dynatrace-activegate-private-nonprod-vmss000000.platform.hmcts.net
- dynatrace-activegate-nonprod-vmss000000.platform.hmcts.net
You can also connect to it via it’s IP address, which can be found in the Azure portal by clicking on the instance.
SSH requires a private key for authentication, which can be found in this keyvault.
You can also use your Microsoft Entra ID login credentials with Just In Time Access.
Request access via the dynatrace access package from the My Access page.
SSH to the appropriate bastion and run az login.
Use the az ssh --ip command followed by the IP address of the VM to connect to it using your own account.
If you are getting permission denied, try upgrading the instance in the portal.