Monitor using New Relic

Domino uses New Relic to enable developers, operations, and tech teams to measure and monitor the health and performance of their applications and infrastructure to achieve the following:

  • Help Domino understand system load for right-sizing and upgrade planning.

  • Send proactive and reactive alerts, which trigger Domino’s paging systems.

  • Provide general visibility of real-time and historical system health.

  • Store aggregated application logs for reference and analysis.

Data storage

Telemetry from Domino-deployed New Relic agents is sent via HTTPS to newrelic.com domains. These agents will be initialized with a New Relic API key provided by Domino that will authenticate them to New Relic. The New Relic agents take a standard proxy configuration, which can be provided at install time to comply with requirements for proxied internet egress.

Official information about networks, IP addresses, domains, ports, and endpoints used by New Relic is available from New Relic.

Data is stored in Domino’s New Relic account in a dedicated project with the customer’s unique ID, and data is retained for 30 days.

New Relic monitoring

Domino deploys five types of New Relic agent resources to collect different types of data.

New Relic

Logging

New Relic Logging agents are deployed as a DaemonSet and collect Domino application logs, which are exposed via the standard Kubernetes logging architecture and available securely from the Kubernetes API.

Events

A New Relic Events agent is deployed as a Deployment and collects Kubernetes events related to Domino components. This data is available securely from the Kubernetes API.

Infrastructure

New Relic Infrastructure agents are deployed as a DaemonSet and they collect common operational metrics from the worker infrastructure, such as CPU, memory, disk utilization and performance, and active workloads. This data is used to build a picture of cluster health and provide visibility into system load.

Metrics

A single New Relic Open Metrics pod is deployed to collect time series data about application component performance via metrics endpoints available from those component services. This targets component endpoints via labels, similar to Prometheus.

Only whitelisted metrics data is transmitted to the upstream Domino New Relic account, including:

  • Cluster Autoscaler performance and configuration.

  • Custom Domino metrics.

New Relic Application Performance Monitoring (APM)

Domino application components include integrated New Relic APM agents. When enabled, these send application-specific performance metrics related to the operation and monitoring of the Domino application.

Security

Domino employees use an SSO provider, who enforces two-factor authentication, to access New Relic. New Relic is a widely used, industry-standard tool.

Read about New Relic’s security practices, including SOC2 compliance.

Privacy and compliance

All New Relic agents deployed and used by Domino only send:

  • Application performance metrics.

  • Application logs.

  • Kubernetes performance, configuration, and resource information.

New Relic agents deployed by Domino never send:

  • Data uploaded or created by users.

  • Credentials, passwords, or secrets.

  • Personally identifiable information.