Provided by: pcp_4.0.1-1_amd64 
NAME
pmproxy - proxy for performance metrics collector daemon
SYNOPSIS
pmproxy [-Af] [-C dirname] [-i ipaddress] [-l logfile] [-L bytes] [-M certname] [-p
port[,port ...] [-P passfile] [-U username] [-x file]
DESCRIPTION
pmproxy acts as a protocol proxy for pmcd(1), allowing Performance Co-Pilot (PCP)
monitoring clients to connect to one or more pmcd(1) instances via pmproxy.
Normally pmproxy is deployed in a firewall domain, or on a ``head'' node of a cluster
where the IP (Internet Protocol) address of the hosts where pmcd(1) is running may be
unknown to the PCP monitoring clients, although the IP address of the host where pmproxy
is running is known to these clients. Similarly, the clients may have network
connectivity only to the host where pmproxy is running, while there is network
connectivity from that host to the hosts of interest where pmcd(1) is running.
The behaviour of the PCP monitoring clients is controlled by either the PMPROXY_HOST
environment variable or through the extended hostname specification (see PCPIntro(1) for
details). If neither of these mechanisms is used, clients will make their connections
directly to pmcd(1). If the proxy hostname syntax is used or PMPROXY_HOST is set, then
this should be the hostname or IP address of the system where pmproxy is running, and the
clients will connect to pmcd(1) indirectly through the protocol proxy services of pmproxy.
The options to pmproxy are as follows.
-A Disable service advertisement. By default, pmproxy will advertise its presence on
the network using any available mechanisms (such as Avahi/DNS-SD), assisting remote
monitoring tools with finding it. These mechanisms are disabled with this option.
-C dirname
Specify the path to the Network Security Services certificate database, for
(optional) secure connections. The default is /etc/pki/nssdb. Refer also to the
-P option. If it does not already exist, this database can be created using the
certutil utility. This process and other certificate database maintenance
information is provided in the PCPIntro(1) manual page and the online PCP
tutorials.
-f By default pmproxy is started as a daemon. The -f option indicates that it should
run in the foreground. This is most useful when trying to diagnose problems with
establishing connections.
-i ipaddress
This option is usually only used on hosts with more than one network interface
(very common for firewall and ``head'' node hosts where pmproxy is most likely to
be deployed). If no -i options are specified pmproxy accepts PCP client
connections on any of its host's IP addresses. The -i option is used to specify
explicitly an IP address that PCP client connections should be accepted on.
ipaddress should be in the standard dotted form (e.g. 100.23.45.6). The -i option
may be used multiple times to define a list of IP addresses. When one or more -i
options is specified, attempted connections made on any other IP addresses will be
refused.
-l logfile
By default a log file named pmproxy.log is written in the current directory. The
-l option causes the log file to be written to logfile instead of the default. If
the log file cannot be created or is not writable, output is written to the
standard error instead.
-L bytes
PDUs received by pmproxy from PCP monitoring clients are restricted to a maximum
size of 65536 bytes by default to defend against Denial of Service attacks. The -L
option may be used to change the maximum incoming PDU size.
-M certname
By default, pmproxy will try to use a certificate called PCP Collector certificate
in its server role. The -M option allows this to be changed.
-P passfile
Specify the path to a file containing the Network Security Services certificate
database password for (optional) secure connections, and for databases that are
password protected. Refer also to the -C option. When using this option, great
care should be exercised to ensure appropriate ownership ("pcp" user, typically)
and permissions on this file (0400, so as to be unreadable by any user other than
the user running the pmproxy process).
-U username
Assume the identity of username before starting to accept incoming packets from PCP
monitoring clients.
-x file
Before the pmproxy logfile can be opened, pmproxy may encounter a fatal error which
prevents it from starting. By default, the output describing this error is sent to
/dev/tty but it may redirected to file.
STARTING AND STOPPING PMPROXY
Normally, pmproxy is started automatically at boot time and stopped when the system is
being brought down. Under certain circumstances it is necessary to start or stop pmproxy
manually. To do this one must become superuser and type
# $PCP_RC_DIR/pmproxy start
to start pmproxy, or
# $PCP_RC_DIR/pmproxy stop
to stop pmproxy. Starting pmproxy when it is already running is the same as stopping it
and then starting it again.
Normally pmproxy listens for PCP client connections on TCP/IP port number 44322
(registered at http://www.iana.org/). Either the environment variable PMPROXY_PORT -p
command line option may be used to specify alternative port number(s) when PMPROXY_PORT or
the -p command line option may be used to specify alternative port number(s) when pmproxy
is started; in each case, the specification is a comma-separated list of one or more
numerical port numbers. Should both methods be used or multiple -p options appear on the
command line, pmproxy will listen on the union of the set of ports specified via all -p
options and the PMPROXY_PORT environment variable. If non-default ports are used with
pmproxy care should be taken to ensure that PMPROXY_PORT is also set in the environment of
any client application that will connect to pmproxy, or that the extended host
specification syntax is used (see PCPIntro(1) for details).
FILES
PCP_PMPROXYOPTIONS_PATH
command line options for pmproxy when launched from $PCP_RC_DIR/pmproxy All the
command line option lines should start with a hyphen as the first character.
$PCP_SYSCONFIG_DIR/pmproxy
additional environment variables that will be set when pmproxy executes. Only
settings of the form "PMPROXY_VARIABLE=value" will be honoured.
./pmproxy.log
(or $PCP_LOG_DIR/pmproxy/pmproxy.log when started automatically)
All messages and diagnostics are directed here
/etc/pki/nssdb
default Network Security Services (NSS) certificate database directory, used for
optional Secure Socket Layer connections. This database can be created and queried
using the NSS certutil tool, amongst others.
ENVIRONMENT
In addition to the PCP environment variables described in the PCP ENVIRONMENT section
below, there are several environment variables that influence the interactions between a
PCP monitoring client, pmcd and pmcd(1).
PMCD_PORT
For the PCP monitoring client this (or the default port number) is passed to
pmproxy and used to connect to pmcd(1). In the environment of pmproxy PMCD_PORT is
not used.
PMPROXY_HOST
For the PCP monitoring client this is the hostname or IP address of the host where
pmproxy is running. In recent versions of PCP (since version 3) this has been
superseded by the extended hostname syntax (see PCPIntro(1) for details).
PMPROXY_PORT
For the PCP monitoring client this is the port on which pmproxy will accept
connections. The default is 44322.
PMCD_CONNECT_TIMEOUT, PMCD_RECONNECT_TIMEOUT and PMCD_REQUEST_TIMEOUT
(see PCPIntro(1)) For the PCP monitoring client, setting these environment
variables will modify the timeouts used for interactions between the client and
pmproxy (independent of which pmcd(1) is being used). For pmproxy these same
environment variables control the timeouts between pmproxy and all pmcd(1)
instances (independent of which monitoring client is involved).
If set to the value 1, the PMPROXY_LOCAL environment variable will cause pmproxy to run in
a localhost-only mode of operation, where it binds only to the loopback interface.
The PMPROXY_MAXPENDING variable can be set to indicate the maximum length to which the
queue of pending client connections may grow.
PCP ENVIRONMENT
Environment variables with the prefix PCP_ are used to parameterize the file and directory
names used by PCP. On each installation, the file /etc/pcp.conf contains the local values
for these variables. The PCP_CONF variable may be used to specify an alternative
configuration file, as described in pcp.conf(5).
SEE ALSO
PCPIntro(1), pmcd(1), pmdbg(1), pcp.conf(5) and pcp.env(5).
DIAGNOSTICS
If pmproxy is already running the message "Error: OpenRequestSocket bind: Address already
in use" will appear. This may also appear if pmproxy was shutdown with an outstanding
request from a client. In this case, a request socket has been left in the TIME_WAIT
state and until the system closes it down (after some timeout period) it will not be
possible to run pmproxy.
In addition to the standard PCP debugging options, see pmdbg(1), pmproxy currently
supports the debugging option context for tracing client connections and disconnections.