Synthetics job manager configuration

This doc will guide you through configuring your synthetics job manager by showing you how to:

Use environment variables to configure your synthetics job manager.
Set up custom modules for scripted API or scripted browser monitors.
Provide user-defined variables in your configuration.

Configuration using environment variables

Environmental variables allow you to fine-tune the synthetics job manager configuration to meet your specific environmental and functional needs.

The variables are provided at startup using the -e, --env argument.

The following table shows all the environment variables that synthetics job manager supports. PRIVATE_LOCATION_KEY is required, and all other variables are optional.

Name	Description
`PRIVATE_LOCATION_KEY`	Required. Private location key, as found on the Private Location entity list.
`DOCKER_API_VERSION`	Format: `"vX.Y"` API version to be used with the given Docker service. Default: `v1.35.`
`DOCKER_HOST`	Points the synthetics job manager to a given `DOCKER_HOST`. If absent, the default value is `/var/run/docker.sock.`
`HORDE_API_ENDPOINT`	For US-based accounts, the endpoint is: `https://synthetics-horde.nr-data.net.` For EU-based accounts, the endpoint is: `https://synthetics-horde.eu01.nr-data.net/` Ensure your synthetics job manager can connect to the appropriate endpoint in order to serve your monitor.
`DOCKER_REGISTRY`	The Docker Registry domain where the runtime images are hosted. Use this to override `docker.io` as the default.
`DOCKER_REPOSITORY`	The Docker repository or organization where the runtime images are hosted. Use this to override `newrelic` as the default.
`HORDE_API_PROXY_HOST`	Proxy server host used for Horde communication. Format: `"localhost"`.
`HORDE_API_PROXY_PORT`	Proxy server port used for Horde communication. Format: `8888`.
`HORDE_API_PROXY_USERNAME`	Proxy server username used for Horde communication. Format: `"username"`.
`HORDE_API_PROXY_PW`	Proxy server password used for Horde communication. Format: `"password"`.
`HORDE_API_PROXY_ACCEPT_SELF_SIGNED_CERT`	Accept self signed proxy certificates for the proxy server connection used for Horde communication? Acceptable values: `true`
`CHECK_TIMEOUT`	The maximum amount of seconds that your monitor checks are allowed to run. This value must be an integer between 0 seconds (excluded) and 900 seconds (included) (for example, from 1 second to 15 minutes). Default: 180 seconds
`LOG_LEVEL`	Default: `INFO.` Additional options: `WARN`, `ERROR`, `DEBUG`
`HEAVYWEIGHT_WORKERS`	The number of concurrent heavyweight jobs (Browser/Scripted Browser and Scripted API) that can run at one time. Default: Available CPUs - 1.
`DESIRED_RUNTIMES`	An array that may be used to run specific runtime images. Format: ['newrelic/synthetics-ping-runtime:latest','newrelic/synthetics-node-api-runtime:latest','newrelic/synthetics-node-browser-runtime:latest'] Default: all latest runtimes.
`VSE_PASSPHRASE`	If set, enables verified script execution and uses this value as a passphrase.
`USER_DEFINED_VARIABLES`	A locally hosted set of user defined key value pairs.
`ENABLE_WASM`	If set, enables webassembly for node browser runtime. To use webassembly, your synthetics job manager minimum version should be release-367 or higher and node browser runtime version should be 2.3.21 or higher.

The variables are provided at startup using the -e, --env argument.

The following table displays all the environment variables that synthetics job manager supports. PRIVATE_LOCATION_KEY is required, and all other variables are optional. To run the synthetics job manager in a Podman environment, the minimum version should be release-418 or higher.

Name	Description
`PRIVATE_LOCATION_KEY`	Required. Private location key, as found on the Private Location entity list.
`HORDE_API_ENDPOINT`	For US-based accounts, the endpoint is: `https://synthetics-horde.nr-data.net.` For EU-based accounts, the endpoint is: `https://synthetics-horde.eu01.nr-data.net/` Ensure your synthetics job manager can connect to the appropriate endpoint in order to serve your monitor.
`PODMAN_API_SERVICE_HOST`	The host entry added to the Pod created where the SJM is going to run. Use this to override `podman.service` as the default.
`PODMAN_API_SERVICE_PORT`	The port at which the Podman LibPod RESTful API service is running in the instance. Use this to override `8000` as the default.
`PODMAN_API_VERSION`	The specific version of the Podman LibPod RESTful API being used. Use this to override `v5.0.0` as the default.
`PODMAN_POD_NAME`	The name of the pod in which the SJM container is run. Use this to override `SYNTHETICS` as the default.
`DOCKER_REGISTRY`	The Docker Registry domain where the runtime images are hosted. Use this to override `docker.io` as the default.
`DOCKER_REPOSITORY`	The Docker repository or organization where the runtime images are hosted. Use this to override `newrelic` as the default.
`HORDE_API_PROXY_HOST`	Proxy server host used for Horde communication. Format: `"localhost"`.
`HORDE_API_PROXY_PORT`	Proxy server port used for Horde communication. Format: `8888`.
`HORDE_API_PROXY_USERNAME`	Proxy server username used for Horde communication. Format: `"username"`.
`HORDE_API_PROXY_PW`	Proxy server password used for Horde communication. Format: `"password"`.
`HORDE_API_PROXY_ACCEPT_SELF_SIGNED_CERT`	Accept self signed proxy certificates for the proxy server connection used for Horde communication? Acceptable values: `true`
`CHECK_TIMEOUT`	The maximum amount of seconds that your monitor checks are allowed to run. This value must be an integer between 0 seconds (excluded) and 900 seconds (included) (for example, from 1 second to 15 minutes). Default: 180 seconds
`LOG_LEVEL`	Default: `INFO.` Additional options: `WARN`, `ERROR`, `DEBUG`
`HEAVYWEIGHT_WORKERS`	The number of concurrent heavyweight jobs (Browser/Scripted Browser and Scripted API) that can run at one time. Default: Available CPUs - 1.
`DESIRED_RUNTIMES`	An array that may be used to run specific runtime images. Format: ['newrelic/synthetics-ping-runtime:latest','newrelic/synthetics-node-api-runtime:latest','newrelic/synthetics-node-browser-runtime:latest'] Default: all latest runtimes.
`VSE_PASSPHRASE`	If set, enables verified script execution and uses this value as a passphrase.
`USER_DEFINED_VARIABLES`	A locally hosted set of user defined key value pairs.
`ENABLE_WASM`	If set, enables webassembly for node browser runtime. To use webassembly, your synthetics job manager minimum version should be release-367 or higher and node browser runtime version should be 2.3.21 or higher.

The variables are provided at startup using the --set argument.

The following list shows all the environment variables that synthetics job manager supports. synthetics.privateLocationKey is required, and all other variables are optional.

A number of additional advanced settings are available and fully documented in our Helm chart README

Name	Description
`synthetics.privateLocationKey`	Required if `synthetics.privateLocationKeySecretName` is not set. Private location key of the private location, as found on the private location web page.
`synthetics.privateLocationKeySecretName`	Required if `synthetics.privateLocationKey` is not set. Name of the Kubernetes secret that contains the key `privateLocationKey`, which contains the authentication key associated with your synthetics private location.
`imagePullSecrets`	The name of the secret object used to pull an image from a specified container registry.
`fullnameOverride`	Name override used for your Deployment, replacing the default.
`appVersionOverride`	Release version of synthetics-job-manager to use instead of the version specified in chart.yml.
`synthetics.logLevel`	Default: `INFO.` Additional options: `WARN`, `ERROR`
`synthetics.hordeApiEndpoint`	For US-based accounts, the endpoint is: `https://synthetics-horde.nr-data.net.` For EU-based accounts, the endpoint is: `https://synthetics-horde.eu01.nr-data.net/` Ensure your synthetics job manager can connect to the appropriate endpoint in order to serve your monitor.
`synthetics.minionDockerRunnerRegistryEndpoint`	The Docker Registry and Organization where the Minion Runner image is hosted. Use this to override `quay.io/newrelic` as the default (for example, `docker.io/newrelic`)
`synthetics.vsePassphrase`	If set, it enables verified script execution, and uses this value as a passphrase.
`synthetics.vsePassphraseSecretName`	If set, enables verified script execution and uses this value to retrieve the passphrase from a Kubernetes secret with a key called `vsePassphrase`.
`synthetics.enableWasm`	If set, enables webassembly for node browser runtime. To use webassembly, your synthetics job manager minimum version should be release-367 or higher and node browser runtime version should be 2.3.21 or higher.
`synthetics.apiProxyHost`	Proxy server used for Horde communication. Format: `"host"`.
`synthetics.apiProxyPort`	Proxy server port used for Horde communication. Format: `port`.
`synthetics.hordeApiProxySelfSignedCert`	Accept self signed certificates when using a proxy server for Horde communication. Acceptable values: `true`.
`synthetics.hordeApiProxyUsername`	Proxy server username for Horde communication. Format: `"username"`
`synthetics.hordeApiProxyPw`	Proxy server password for Horde communication. Format: `"password"`.
`synthetics.userDefinedVariables.userDefinedJson`	A JSON string of user-defined variables. The user may access these variables in their script. Format: `'{"key":"value","key2":"value2"}'`.
`synthetics.userDefinedVariables.userDefinedFile`	A path local to the user to a JSON file containing user-defined variables. This is passed in via `--set-file` and cannot be set in the Values file.
`synthetics.userDefinedVariables.userDefinedPath`	A path on the user's provided PersistentVolume to the user_defined_variables.json file. User must provide a PersistentVolume or PersistentVolumeClaim if this variable is populated.
`synthetics.persistence.existingClaimName`	If mounting a volume, the user may provide a name for a PersistentVolumeClaim that already exists in the cluster. Presumes the existence of an corresponding PersistentVolume.
`synthetics.persistence.existingVolumeName`	If mounting a volume and not providing a PersistentVolumeClaim, the user must at minimum provide a PersistentVolume name. Helm will generate a PersistentVolumeClaim.
`synthetics.persistence.storageClass`	The name of the StorageClass for the generated PersistentVolumeClaim. This should match the StorageClassName on the existing PV. If not providers, Kubernetes will use the default storage class if present.
`synthetics.persistence.size`	The size of the volume for the generated PersistentVolumeClaim. Format: `10Gi`. Default 2Gi.
`global.checkTimeout`	The maximum amount of seconds that your monitor checks are allowed to run. This value must be an integer between 0 seconds (excluded) and 900 seconds (included) (for example, from 1 second to 15 minutes). Default: 180 seconds
`image.repository`	The container to pull. Default: `docker.io/newrelic/synthetics-job-runner`
`image.pullPolicy`	The pull policy. Default: `IfNotPresent`
`podSecurityContext`	Set a custom security context for the synthetics-job-manager pod.
`ping-runtime.enabled`	Whether or not the persistent ping runtime should be deployed. This can be disabled if you do not use ping monitors. Default: `true`
`ping-runtime.replicaCount`	The number of ping runtime containers to deploy. Increase the replicaCount to scale the deployment based on your ping monitoring needs. Default: `1`
`ping-runtime.image.repository`	The container image to pull for the ping runtime. Default: `docker.io/newrelic/synthetics-ping-runtime`
`ping-runtime.image.pullPolicy`	The pull policy for the ping-runtime container. Default: `IfNotPresent`
`node-api-runtime.enabled`	Whether or not the Node.js API runtime should be deployed. This can be disabled if you do not use scripted API monitors. Default: `true`
`node-api-runtime.parallelism`	The number of Node.js API runtime `CronJobs` to deploy. The maximum number of concurrent Node.js API jobs that will execute at any time. Additional details. Default: `1`
`node-api-runtime.completions`	The number of Node.js API runtime `CronJobs` to complete per minute. Increase this setting along with parallelism to improve throughput. This should be increased any time parallelism is increased and completions should always be at least greater than or equal to parallelism. . Increase this setting if you notice periods of time with no API runtime jobs running. Additional details. Default: `6`
`node-api-runtime.image.repository`	The container image to pull for the Node.js API runtime. Default: `docker.io/newrelic/synthetics-node-api-runtime`
`node-api-runtime.image.pullPolicy`	The pull policy for the Node.js API runtime container. Default: `IfNotPresent`
`node-browser-runtime.enabled`	Whether or not the Node.js browser runtime should be deployed. This can be disabled if you do not use simple or scripted browser monitors. Default: `true`
`node-browser-runtime.parallelism`	The number of Chrome browser runtime `CronJobs` to deploy. The maximum number of concurrent Chrome browser jobs that will execute at any time. Additional details. Default: `1`
`node-browser-runtime.completions`	The number of Chrome browser runtime `CronJobs` to complete per minute. Increase this setting along with parallelism to improve throughput. This should be increased any time parallelism is increased and completions should always be at least greater than or equal to parallelism. Increase this setting if you notice periods of time with no browser runtime jobs running. Additional details. Default: `6`
`node-browser-runtime.image.repository`	The container image to pull for the Node.js browser runtime. Default: `docker.io/newrelic/synthetics-node-browser-runtime`
`node-browser-runtime.image.pullPolicy`	The pull policy for the Node.js browser runtime container. Default: `IfNotPresent`

The variables are provided at startup using the --set argument.

The following list shows all the environment variables that synthetics job manager supports. synthetics.privateLocationKey is required, and all other variables are optional.

A number of additional advanced settings are available and fully documented in our Helm chart README

Name	Description
`synthetics.privateLocationKey`	Required. Private location key, as found on the private location entity list.
`imagePullSecrets`	The name of the secret object used to pull an image from a specified container registry.
`fullnameOverride`	Name override used for your Deployment, replacing the default.
`appVersionOverride`	Release version of synthetics-job-manager to use instead of the version specified in chart.yml.
`synthetics.logLevel`	Default: `INFO.` Additional options: `WARN`, `ERROR`
`synthetics.hordeApiEndpoint`	For US-based accounts, the endpoint is: `https://synthetics-horde.nr-data.net.` For EU-based accounts, the endpoint is: `https://synthetics-horde.eu01.nr-data.net/` Ensure your synthetics job manager can connect to the appropriate endpoint in order to serve your monitor.
`synthetics.vsePassphrase`	If set, it enables verified script execution, and uses this value as a passphrase.
`synthetics.vsePassphraseSecretName`	If set, enables verified script execution and uses this value to retrieve the passphrase from a Kubernetes secret with a key called `vsePassphrase`.
`synthetics.enableWasm`	If set, enables webassembly for node browser runtime. To use webassembly, your synthetics job manager minimum version should be release-367 or higher and node browser runtime version should be 2.3.21 or higher.
`synthetics.apiProxyHost`	Proxy server used for Horde communication. Format: `"host"`.
`synthetics.apiProxyPort`	Proxy server port used for Horde communication. Format: `port`.
`synthetics.hordeApiProxySelfSignedCert`	Accept self signed certificates when using a proxy server for Horde communication. Acceptable values: `true`.
`synthetics.hordeApiProxyUsername`	Proxy server username for Horde communication. Format: `"username"`
`synthetics.hordeApiProxyPw`	Proxy server password for Horde communication. Format: `"password"`.
`synthetics.userDefinedVariables.userDefinedJson`	A JSON string of user-defined variables. The user may access these variables in their script. Format: `'{"key":"value","key2":"value2"}'`.
`synthetics.userDefinedVariables.userDefinedFile`	A path local to the user to a JSON file containing user-defined variables. This is passed in via `--set-file` and cannot be set in the Values file.
`synthetics.userDefinedVariables.userDefinedPath`	A path on the user's provided `PersistentVolume` to the `user_defined_variables.json` file. User must provide a `PersistentVolume` or `PersistentVolumeClaim` if this variable is populated.
`global.persistence.existingClaimName`	If mounting a volume, the user may provide a name for a `PersistentVolumeClaim` that already exists in the cluster. Presumes the existence of an corresponding `PersistentVolume`.
`global.persistence.existingVolumeName`	If mounting a volume and not providing a `PersistentVolumeClaim`, the user must at minimum provide a `PersistentVolume` name. Helm will generate a `PersistentVolumeClaim`.
`global.persistence.storageClass`	The name of the `StorageClass` for the generated `PersistentVolumeClaim`. This should match the `StorageClassName` on the existing PV. If not providers, Kubernetes will use the default storage class if present.
`global.persistence.size`	The size of the volume for the generated `PersistentVolumeClaim`. Format: `10Gi`. Default `2Gi`.
`global.checkTimeout`	The maximum amount of seconds that your monitor checks are allowed to run. This value must be an integer between 0 seconds (excluded) and 900 seconds (included) (for example, from 1 second to 15 minutes). Default: 180 seconds
`image.repository`	The container to pull. Default: `docker.io/newrelic/synthetics-job-runner`
`image.pullPolicy`	The pull policy. Default: `IfNotPresent`
`podSecurityContext`	Set a custom security context for the `synthetics-job-manager` pod.
`ping-runtime.enabled`	Whether or not the persistent ping runtime should be deployed. This can be disabled if you do not use ping monitors. Default: `true`
`ping-runtime.replicaCount`	The number of ping runtime containers to deploy. Increase the `replicaCount` to scale the deployment based on your ping monitoring needs. Default: `1`
`ping-runtime.image.repository`	The container image to pull for the ping runtime. Default: `docker.io/newrelic/synthetics-ping-runtime`
`ping-runtime.image.pullPolicy`	The pull policy for the ping-runtime container. Default: `IfNotPresent`
`node-api-runtime.enabled`	Whether or not the Node.js API runtime should be deployed. This can be disabled if you do not use scripted API monitors. Default: `true`
`node-api-runtime.parallelism`	The number of Node.js API runtime `CronJobs` to deploy. The maximum number of concurrent Node.js API jobs that will execute at any time. Additional details. Default: `1`
`node-api-runtime.completions`	The number of Node.js API runtime `CronJobs` to complete per minute. Increase this setting along with parallelism to improve throughput. This should be increased any time parallelism is increased and completions should always be at least greater than or equal to parallelism. . Increase this setting if you notice periods of time with no API runtime jobs running. Additional details. Default: `6`
`node-api-runtime.image.repository`	The container image to pull for the Node.js API runtime. Default: `docker.io/newrelic/synthetics-node-api-runtime`
`node-api-runtime.image.pullPolicy`	The pull policy for the Node.js API runtime container. Default: `IfNotPresent`
`node-browser-runtime.enabled`	Whether or not the Node.js browser runtime should be deployed. This can be disabled if you do not use simple or scripted browser monitors. Default: `true`
`node-browser-runtime.parallelism`	The number of Chrome browser runtime `CronJobs` to deploy. The maximum number of concurrent Chrome browser jobs that will execute at any time. Additional details. Default: `1`
`node-browser-runtime.completions`	The number of Chrome browser runtime `CronJobs` to complete per minute. Increase this setting along with parallelism to improve throughput. This should be increased any time parallelism is increased and completions should always be at least greater than or equal to parallelism. Increase this setting if you notice periods of time with no browser runtime jobs running. Additional details. Default: `6`
`node-browser-runtime.image.repository`	The container image to pull for the Node.js browser runtime. Default: `docker.io/newrelic/synthetics-node-browser-runtime`
`node-browser-runtime.image.pullPolicy`	The pull policy for the Node.js browser runtime container. Default: `IfNotPresent`

User-defined variables for scripted monitors

Private synthetics job managers let you configure environment variables for scripted monitors. These variables are managed locally on the SJM and can be accessed via $env.USER_DEFINED_VARIABLES. You can set user-defined variables in two ways. You can mount a JSON file or you can supply an environment variable to the SJM on launch. If both are provided, the SJM will only use values provided by the environment.

The user may create a JSON-formatted file and mount the volume where the file is located to a specified target path in the SJM container.

The file must have read permissions and contain a JSON-formatted map. Example user-defined variables file:

{
  "KEY": "VALUE",
  "user_name": "MINION",
  "my_password": "PASSW0RD123",
  "my_URL": "https://newrelic.com/",
  "ETC": "ETC"
}

Place the file in the source directory on the host. The SJM is expecting the file name to be user_defined_variables.json

Docker example:

The expected target directory is: /var/lib/newrelic/synthetics/variables/

bash

$docker run ... -v /variables:/var/lib/newrelic/synthetics/variables:rw ...

Podman example:

In case of SELinux, mount the volume additionally with :z or :Z. For more information, refer Podman documentation. The expected target directory is: /var/lib/newrelic/synthetics/variables/

bash

$podman run ... -v /variables:/var/lib/newrelic/synthetics/variables:rw,z ...

Kubernetes example:

The user has two options when providing a file to the SJM pod in Kubernetes. They may:

Pass in a local file.
Provide a PersistentVolume that includes the user_defined_variables.json.

Pass in a local file

This option creates a ConfigMap Kubernetes resource and mounts that to the SJM pod.

bash

$helm install newrelic/synthetics-job-manager ... --set-file "synthetics.userDefinedVariables.userDefinedFile=[local-path]/user_defined_variables.json" ...

Mount a `PersistentVolume`

This option requires the user to provide a PersistentVolume that includes the user_defined_variables.json file or a PersistentVolumeClaim to the same. For more details on helm chart installation using a PersistentVolume, follow the instructions at permanent data storage.

Once the user has prepared a PersistentVolume as described below, launch the SJM, setting the path where the user_defined_variables.json file is located, and set any other synthetics.persistence variables as necessary.

bash

$helm install newrelic/synthetics-job-manger ... --set synthetics.userDefinedVariables.userDefinedPath="variables"

The variables may be passed to their respective container system via environment variable.

Docker example:

Use the -e flag to set up an environment variable named USER_DEFINED_VARIABLES and give it the value of a JSON formatted map string.

bash

$docker run ... -e USER_DEFINED_VARIABLES='{"key":"value","name":"sjm"}' ...

Podman example:

Use the -e flag to set up an environment variable named USER_DEFINED_VARIABLES and give it the value of a JSON formatted map string.

bash

$podman run ... -e USER_DEFINED_VARIABLES='{"key":"value","name":"sjm"}' ...

Kubernetes example:

Use the --set-literal flag to pass in the JSON formatted string.

bash

$helm install newrelic/synthetics-job-manager ... --set-literal synthetics.userDefinedVariables.userDefinedJson='{"key":"value","name":"sjm"}' ...

Accessing user-defined environment variables from scripts

To reference a configured user-defined environment variable, use the reserved $env.USER_DEFINED_VARIABLES followed by the name of a given variable with dot notation (for example, $env.USER_DEFINED_VARIABLES.MY_VARIABLE).

Caution

User-defined environment variables are not sanitized from logs. Consider using the secure credentials feature for sensitive information.

Custom node modules

Custom node modules are provided in the SJM. They allow you to create a customized set of node modules and use them in scripted monitors (scripted API and scripted browser) for synthetic monitoring.

Set up your custom modules directory

Create a directory with a package.json file following npm official guidelines in the root folder. The SJM will install any dependencies listed in the package.json's dependencies field. These dependencies will be available when running monitors on the private synthetics job manager. See an example of this below.

Example

In this example, a custom module directory is used with the following structure:

/example-custom-modules-dir/
    ├── counter
    │   ├── index.js
    │   └── package.json
    └── package.json            ⇦ the only mandatory file

The package.json defines dependencies as both a local module (for example, counter) and any hosted modules (for example, smallest version 1.0.1):

{
    "name": "custom-modules",
    "version": "1.0.0",                                ⇦ optional
    "description": "example custom modules directory", ⇦ optional
    "dependencies": {
    "smallest": "1.0.1",                               ⇦ hosted module
    "counter": "file:./counter"                        ⇦ local module
    }
}

Add your custom modules directory to the SJM for Docker, Podman, or Kubernetes

For podman, launch SJM mounting the directory at /var/lib/newrelic/synthetics/modules. In case of SELinux, mount the volume additionally with with :z or :Z. For more information, refer Podman documentation. For example:

bash

$podman run ... -v /example-custom-modules-dir:/var/lib/newrelic/synthetics/modules:rw,z ...

For Kubernetes, the directory at /var/lib/newrelic/synthetics/modules needs to exist on a PV prior to launching the SJM with custom modules enabled.

Tip

The PV access mode should be ReadWriteMany if you need to share storage across multiple pods.

One method is to create a pod that mounts the PV just for the purpose of copying your custom modules directory to the PV. The following example uses Amazon EFS with Amazon EKS:

Create the namespace, persistent volume, and persistent volume claim

Make sure you've already set up your EFS filesystem and installed the EFS CSI driver on your cluster. You will also need your EFS filesystem ID for the PV's spec.csi.volumeHandle.

bash

$kubectl apply -f - <<EOF
$apiVersion: v1
$kind: Namespace
$metadata:
$  name: newrelic
$
$---
$kind: StorageClass
$apiVersion: storage.k8s.io/v1
$metadata:
$  name: efs-sc
$provisioner: efs.csi.aws.com
$
$---
$apiVersion: v1
$kind: PersistentVolume
$metadata:
$  name: custom-modules-pvc
$spec:
$  capacity:
$    storage: 5Gi
$  volumeMode: Filesystem
$  accessModes:
$    - ReadWriteMany
$  persistentVolumeReclaimPolicy: Retain
$  storageClassName: efs-sc
$  csi:
$    driver: efs.csi.aws.com
$    volumeHandle: <your-efs-filesystem-id>
$
$---
$apiVersion: v1
$kind: PersistentVolumeClaim
$metadata:
$  name: custom-modules-pvc
$  namespace: newrelic
$spec:
$  accessModes:
$    - ReadWriteMany
$  storageClassName: efs-sc
$  resources:
$    requests:
$      storage: 5Gi
$EOF

Switch to the newrelic namespace in your ~/.kube/config.

bash

$kubectl config get-contexts
$kubectl config set-context YOUR_CONTEXT --namespace=newrelic
$kubectl config view --minify | grep namespace:

At this point, the PVC should be bound to the PV with RWX access mode.

bash

$kubectl get pv,pvc
NAME                                  CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM                         STORAGECLASS   VOLUMEATTRIBUTESCLASS   REASON   AGE
persistentvolume/custom-modules-pvc   5Gi        RWX            Retain           Bound    newrelic/custom-modules-pvc   efs-sc         <unset>                          4m46s
NAME                                       STATUS   VOLUME               CAPACITY   ACCESS MODES   STORAGECLASS   VOLUMEATTRIBUTESCLASS   AGE
persistentvolumeclaim/custom-modules-pvc   Bound    custom-modules-pvc   5Gi        RWX            efs-sc         <unset>                 4m10s

Create `mount-custom-mods-pod` to copy your custom-modules directory

bash

$kubectl apply -f - <<EOF
$apiVersion: v1
$kind: Pod
$metadata:
$  name: mount-custom-mods-pod
$spec:
$  containers:
$  - name: mount-custom-mods-pod
$    image: nginx
$    resources:
$      requests:
$        memory: "64Mi"
$        cpu: "250m"
$      limits:
$        memory: "128Mi"
$        cpu: "500m"
$    volumeMounts:
$      - mountPath: "/var/lib/newrelic/synthetics/modules"
$        name: custom-modules-storage
$  volumes:
$  - name: custom-modules-storage
$    persistentVolumeClaim:
$      claimName: custom-modules-pvc
$EOF

At this point, the mount-custom-mods-pod should be created and configured to use the volume.

bash

$kubectl describe po mount-custom-mods-pod | grep -A4 Volumes:
Volumes:
  custom-modules-storage:
    Type:       PersistentVolumeClaim (a reference to a PersistentVolumeClaim in the same namespace)
    ClaimName:  custom-modules-pvc
    ReadOnly:   false

Check events for any warnings related to the PV, PVC, or mount-custom-mods-pod.

bash

$kubectl get events --field-selector type=Warning --sort-by='.lastTimestamp'

Copy your custom-modules directory to the PV

It's not necessary to copy node_modules as it will be generated by the SJM on npm install.

bash

$cd custom-modules
$rm -rf node_modules && cd ..

Check that the mount-custom-mods-pod is running.

bash

$kubectl get po
NAME                    READY   STATUS    RESTARTS   AGE
mount-custom-mods-pod   1/1     Running   0          5m43s

Copy to the PV.

bash

$kubectl cp custom-modules newrelic/mount-custom-mods-pod:/var/lib/newrelic/synthetics/modules

Check that /var/lib/newrelic/synthetics/modules/custom-modules/package.json exists on the PV.

bash

$kubectl exec -it mount-custom-mods-pod -- bash
root@mount-custom-mods-pod:/# cd /var/lib/newrelic/synthetics/modules/
root@mount-custom-mods-pod:/var/lib/newrelic/synthetics/modules# ls -l
total 4
drwxr-xr-x 2 root root 6144 Jun 29 03:49 custom-modules
root@mount-custom-mods-pod:/var/lib/newrelic/synthetics/modules# ls -l custom-modules/
total 4
-rw-r--r-- 1 501 staff 299 Jun 29 03:49 package.json

Launch the SJM with custom modules feature enabled

Set values for persistence.existingClaimName and customNodeModules.customNodeModulesPath either in the command line or in a YAML file during installation. The customNodeModules.customNodeModulesPath value should specify the subpath on the Persistent Volume where your custom modules files exist. For example:

bash

$helm upgrade --install synthetics-job-manager newrelic/synthetics-job-manager -n newrelic --set global.persistence.existingClaimName=custom-modules-pvc --set global.customNodeModules.customNodeModulesPath=custom-modules --set synthetics.privateLocationKey=YOUR_PRIVATE_LOCATION_KEY
Release "synthetics-job-manager" does not exist. Installing it now.
NAME: synthetics-job-manager
LAST DEPLOYED: Fri Jun 28 16:53:28 2024
NAMESPACE: newrelic
STATUS: deployed
REVISION: 1
TEST SUITE: None

The custom-modules directory should now contain the installed packages in node_modules.

bash

$kubectl exec -it mount-custom-mods-pod -- bash
root@mount-custom-mods-pod:/# cd /var/lib/newrelic/synthetics/modules/
root@mount-custom-mods-pod:/var/lib/newrelic/synthetics/modules# ls -l custom-modules/
total 16
-rw-r--r--  1 root root   836 Jun 29 03:51 README
drwxr-xr-x 18 root root  6144 Jun 29 03:51 node_modules
-rw-r--r--  1  501 staff  299 Jun 29 03:49 package.json
-rw-r--r--  1 root root   190 Jun 29 03:51 package.json.shasum

If custom node modules are not detected, adjust permissions on the custom-modules directory and package.json file.

bash

$kubectl exec -it mount-custom-mods-pod -- bash
root@mount-custom-mods-pod:/# cd /var/lib/newrelic/synthetics/modules/
root@mount-custom-mods-pod:/var/lib/newrelic/synthetics/modules# chmod -R 777 custom-modules
root@mount-custom-mods-pod:/var/lib/newrelic/synthetics/modules# chown -R 2000:2000 custom-modules

To check if the modules were installed correctly or if any errors occurred, look for the following lines in the synthetics-job-manager container or pod logs:

2024-06-29 03:51:28,407{UTC} [main] INFO  c.n.s.j.p.options.CustomModules - Detected mounted path for custom node modules
2024-06-29 03:51:28,408{UTC} [main] INFO  c.n.s.j.p.options.CustomModules - Validating permission for custom node modules package.json file
2024-06-29 03:51:28,409{UTC} [main] INFO  c.n.s.j.p.options.CustomModules - Installing custom node modules...
2024-06-29 03:51:44,670{UTC} [main] INFO  c.n.s.j.p.options.CustomModules - Custom node modules installed successfully.

Now you can add "require('smallest');" into the script of monitors you send to this private location.

Change `package.json` for custom modules

In addition to local and hosted modules, you can utilize Node.js modules as well. To update the custom modules used by your SJM, make changes to the package.json file, and restart the SJM. During the reboot process, the SJM will recognize the configuration change and automatically perform cleanup and re-installation operations to ensure the updated modules are applied.

Caution

Local modules: While your package.json can include any local module, these modules must reside inside the tree under your custom module directory. If stored outside the tree, the initialization process will fail and you will see an error message in the docker logs after launching SJM.

Permanent data storage

Users may want to use permanent data storage to provide the user_defined_variables.json file or support custom node modules.

To set permanent data storage on Docker:

Create a directory on the host where you are launching the Job Manager. This is your source directory.
Launch the Job Manager, mounting the source directory to the target directory /var/lib/newrelic/synthetics.

Example:

bash

$docker run ... -v /sjm-volume:/var/lib/newrelic/synthetics:rw ...

To set permanent data storage on Podman:

Create a directory on the host where you are launching the Job Manager. This is your source directory.
Launch the Job Manager, mounting the source directory to the target directory /var/lib/newrelic/synthetics.

Example:

bash

$podman run ... -v /sjm-volume:/var/lib/newrelic/synthetics:rw,z ...

Kubernetes

To set permanent data storage on Kubernetes, the user has two options:

Provide an existing PersistentVolumeClaim (PVC) for an existing PersistentVolume (PV), setting the synthetics.persistence.existingClaimName configuration value. Example:
bash
```
$helm install ... --set synthetics.persistence.existingClaimName=sjm-claim ...
```
Provide an existing PersistentVolume (PV) name, setting the synthetics.persistence.existingVolumeName configuration value. Helm will generate a PVC for the user. The user may optionally set the following values as well:

synthetics.persistence.storageClass: The storage class of the existing PV. If not provided, Kubernetes will use the default storage class.
synthetics.persistence.size: The size for the claim. If not set, the default is currently 2Gi.

bash

$helm install ... --set synthetics.persistence.existingVolumeName=sjm-volume --set synthetics.persistence.storageClass=standard ...

Sizing considerations

To ensure your private location runs efficiently, you must provision enough CPU resources on your host to handle your monitoring workload. Many factors impact sizing, but you can quickly estimate your needs. You'll need 1 CPU core for each heavyweight monitor (i.e., simple browser, scripted browser, or scripted API monitor). Below are two formulas to help you calculate the number of cores you need, whether you're diagnosing a current setup or planning for a future one.

Formula 1: Diagnosing an Existing Location

If your current private location is struggling to keep up and you suspect jobs are queuing, use this formula to find out how many cores you actually need. It's based on the observable performance of your system.

C_{est} = (R_{proc} + R_{growth}) \cdot D_{avg,m}

$C_{est}$ = Estimated CPU Cores.
$R_{proc}$ = The rate of heavyweight jobs being processed per minute.
$R_{growth}$ = The rate your jobManagerHeavyweightJobs queue is growing per minute.
$D_{avg,m}$ = The average duration of heavyweight jobs in minutes.

This formula calculates your true job arrival rate by adding the jobs your system is processing to the jobs that are piling up in the queue. Multiplying this total load by the average job duration tells you exactly how many cores you need to clear all the work without queuing.

Formula 2: Forecasting a New or Future Location

If you're setting up a new private location or planning to add more monitors, use this formula to forecast your needs ahead of time.

C_{est} = N_{mon} \cdot D_{avg,m} \cdot \frac{1}P_{avg,m}

$C_{est}$ = Estimated CPU Cores.
$N_{mon}$ = The total number of heavyweight monitors you plan to run.
$D_{avg,m}$ = The average duration of a heavyweight job in minutes.
$P_{avg,m}$ = The average period for heavyweight monitors in minutes (e.g., a monitor that runs every 5 minutes has $P_{avg,m} = 5$ ).

This calculates your expected workload from first principles: how many monitors you have, how often they run, and how long they take.

Important sizing factors

When using these formulas, remember to account for these factors:

Job duration ( $D_{avg,m}$ ): Your average should include jobs that time out (often 3 minutes), as these hold a core for their entire duration.
Job failures and retries: When a monitor fails, it's automatically retried. These retries are additional jobs that add to the total load. A monitor that consistently fails and retries effectively multiplies its period, significantly impacting throughput.
Scaling out: In addition to adding more cores to a host (scaling up), you can deploy additional synthetics job managers with the same private location key to load balance jobs across multiple environments (scaling out).

It's important to note that a single Synthetics Job Manager (SJM) has a throughput limit of approximately 15 heavyweight jobs per minute. This is due to an internal threading strategy that favors the efficient competition of jobs across multiple SJMs over the raw number of jobs processed per SJM. If your calculations indicate a need for higher throughput, you must scale out by deploying additional SJMs. You can check if your job queue is growing to determine if more SJMs are needed.

Adding more SJMs with the same private location key provides several advantages:

Load balancing: Jobs for the private location are distributed across all available SJMs.
Failover protection: If one SJM instance goes down, others can continue processing jobs.
Higher total throughput: The total throughput for your private location becomes the sum of the throughput from each SJM (e.g., two SJMs provide up to 30 jobs/minute).

NRQL queries for diagnosis

You can run these queries in the query builder to get the inputs for the diagnostic formula. Make sure to set the time range to a long enough period to get a stable average.

1. Find the rate of jobs processed per minute ( $R_{proc}$ ): This query counts the number of non-ping (heavyweight) jobs completed over the last day and shows the average rate per minute.

FROM SyntheticCheck
SELECT rate(uniqueCount(id), 1 minute) AS 'job rate per minute'
WHERE location = 'YOUR_PRIVATE_LOCATION' AND type != 'SIMPLE'
SINCE 1 day ago

2. Find the rate of queue growth per minute ( $R_{growth}$ ): This query calculates the average per-minute growth of the jobManagerHeavyweightJobs queue on a time series chart. A line above zero indicates the queue is growing, while a line below zero means it's shrinking.

FROM SyntheticsPrivateLocationStatus
SELECT derivative(jobManagerHeavyweightJobs, 1 minute) AS 'queue growth rate per minute'
WHERE name = 'YOUR_PRIVATE_LOCATION'
TIMESERIES SINCE 1 day ago

Tip

Make sure to select the account where the private location exists. It's best to view this query as a time series because the derivative function can vary wildly. The goal is to get an estimate of the rate of queue growth per minute. Play with different time ranges to see what works best.

3. Find total number of heavyweight monitors ( $N_{mon}$ ): This query finds the unique count of heavyweight monitors.

FROM SyntheticCheck
SELECT uniqueCount(monitorId) AS 'monitor count'
WHERE location = 'YOUR_PRIVATE_LOCATION' AND type != 'SIMPLE'
SINCE 1 day ago

4. Find average job duration in minutes ( $D_{avg,m}$ ): This query finds the average execution duration of completed non-ping jobs and converts the result from milliseconds to minutes. executionDuration represents the time the job took to execute on the host.

FROM SyntheticCheck
SELECT average(executionDuration)/60e3 AS 'avg job duration (m)'
WHERE location = 'YOUR_PRIVATE_LOCATION' AND type != 'SIMPLE'
SINCE 1 day ago

5. Find average heavyweight monitor period ( $P_{avg,m}$ ): If the private location's jobManagerHeavyweightJobs queue is growing, it isn't accurate to calculate the average monitor period from existing results. This will need to be estimated from the list of monitors on the Synthetic Monitors page. Make sure to select the correct New Relic account and you may need to filter by privateLocation.

Tip

Synthetic monitors may exist in multiple sub accounts. If you have more sub accounts than can be selected in the query builder, choose the accounts with the most monitors.

Note about ping monitors and the `pingJobs` queue

Ping monitors are different. They are lightweight jobs that do not consume a full CPU core each. Instead, they use a separate queue (pingJobs) and run on a pool of worker threads.

While they are less resource-intensive, a high volume of ping jobs, especially failing ones, can still cause performance issues. Keep these points in mind:

Resource model: Ping jobs utilize worker threads, not dedicated CPU cores. The core-per-job calculation does not apply to them.
Timeout and retry: A failing ping job can occupy a worker thread for up to 60 seconds. It first attempts an HTTP HEAD request (30-second timeout). If that fails, it immediately retries with an HTTP GET request (another 30-second timeout).
Scaling: Although the sizing formula is different, the same principles apply. To handle a large volume of ping jobs and keep the pingJobs queue from growing, you may need to scale up and/or scale out. Scaling up means increasing cpu and memory resources per host or namespace. Scaling out means adding more instances of the ping runtime. This can be done by deploying more job managers on more hosts, in more namespaces, or even within the same namespace. Alternatively, the ping-runtime in Kubernetes allows you to set a larger number of replicas per deployment.

Each runtime used by the Kubernetes and OpenShift synthetic job manager can be sized independently by setting values in the helm chart. The node-api-runtime and node-browser-runtime are sized independently using a combination of the parallelism and completions settings.

The parallelism setting controls how many pods of a particular runtime run concurrently.
The completions setting controls how many pods must complete before the CronJob starts another Kubernetes Job for that runtime.

Best practices for sizing your deployment

It's often not possible to precisely calculate the needed parallelism and completions values because the average duration as seen in New Relic might not be accurate, especially if the existing private location is not working well. Follow this practical approach to dial in parallelism and completions. The equations below can be used to get ballpark values to start from.

1. Estimate completions and parallelism

Do your best to estimate the average execution duration and number of jobs per 5 minutes. This provides you with a ballpark starting point for the next step, which will involve trial and error to tune the parallelism and completions values in a working cluster. Make sure to scale them proportionally, for example, going from the defaults of 1 and 6 to 10 and 60.

Estimated Completions: This determines how long your 5-minute job load will take to complete.

-- Get average execution duration in minutes
FROM SyntheticCheck
SELECT average(executionDuration / 60e3) AS 'Avg Duration (min)'
WHERE type != 'SIMPLE' AND location = 'YOUR_PRIVATE_LOCATION'
SINCE 1 hour ago

Completions = \frac{5}D_{avg,m}

Where $D_{avg,m}$ is your average job execution duration in minutes.

Estimated Parallelism: This determines how many workers (pods) you need running concurrently to handle your 5-minute job load.

-- Get jobs per 5 minutes
FROM SyntheticCheck
SELECT rate(uniqueCount(id), 5 minutes) AS 'Number of monitor jobs per 5 minutes'
WHERE type != 'SIMPLE' AND location = 'YOUR_PRIVATE_LOCATION'
SINCE 1 hour ago

P_{est} = \frac{N_m}{Completions}

Where $N_m$ is your number of jobs per 5 minutes. This $P_{est}$ value is your estimated parallelism.

2. Perform a Helm deploy

Perform a Helm deploy with estimated parallelism and completions values, and your best guess for ping-runtime.replicaCount given the number of cpu cores per node and the number of ping monitors that need to run per minute.

3. Monitor queue growth

With the synthetic monitors configured to send jobs to the private location, check for queue growth on a timeseries line chart for pingJobs and jobManagerHeavyweightJobs.

If the pingJobs queue has a positive slope, increase ping-runtime.replicaCount and redeploy.
If the jobManagerHeavyweightJobs queue has a positive slope, increase parallelism and completions proportionally until the queue is no longer growing (negative slope).

A negative slope indicates that the job manager has enough parallelism to handle the job demand. It will eventually reach zero with a negative slope.

FROM SyntheticsPrivateLocationStatus
SELECT average(jobManagerHeavyweightJobs) AS 'Heavyweight Queue Growth', average(pingJobs) AS 'Ping Queue Growth'
WHERE name = 'YOUR_PRIVATE_LOCATION'
SINCE 1 day ago TIMESERIES

4. Tune based on pod running state

With the queue decreasing or at zero, check for node-api-runtime and node-browser-runtime pods that are in a "running" state for 10+ minutes. This indicates that parallelism is set too high and there are more pods than needed.

To avoid wasting resources unnecessarily, decrease parallelism and completions to reduce the age of each "running" runtime pod. If targeting a Kubernets job age of 5 minutes, runtime pods should be in a running state for less than 5 minutes, meaning the pod was created, it quickly received a job to run and completed.

5. Scale out if necessary

If the queue is not decreasing, yet there are many pods in a "running" state for 10+ minutes, it's likely that the job manager is hitting its performance bottleneck. The next thing to do is decrease parallelism and scale out with one or more additional deployments.

For example, with parallelism: 100, completions: 600 the queue is still growing yet there are many pods in a "running" state for 10+ minutes, and the Kubernetes Job age is 20 minutes ... set parallelism: 50, completions: 200 and scale horizontally (out) by adding 2 additional deployments. This yields a total of 150 parallel pods and should reduce the K8s job age to less than 20 minutes while also reducing the number of long-lived "running" pods. Aim for a K8s job age of 5-10 minutes.

For more information on adding deployments, see Scaling out with multiple SJM deployments.

Tip

You can use the following query to help determine if you need to scale out.

Note: Monitors can exist in multiple sub-accounts.

-- monitors per minute per SJM
FROM SyntheticCheck SELECT
  round(rate(uniqueCount(id), 1 minute)/uniqueCount(minionId),0.1) AS 'heavy jobs per minute per SJM',
  uniqueCount(minionId) AS 'number of SJMs (namespaces)',
  round(rate(uniqueCount(id), 1 minute),0.1) AS 'heavy jobs per minute total'
WHERE minionContainerSystem = 'KUBERNETES' AND minionDeploymentMode = 'private' AND location = 'YOUR_PRIVATE_LOCATION' AND type != 'SIMPLE' FACET location SINCE 1 hour ago TIMESERIES

Tip

Reducing the number of K8s job cycles can also improve performance. As each cycle reaches the set number of completions, there are fewer and fewer "running" pods to take on new Synthetics jobs. For example, with completions set to 200 and parallelism set to 50, we initially have 50 running pods, but this starts to decrease as we pass 150 completions. At 199 completions, only 1 running pod remains.

Setting a larger value for completions is not a bad idea, but it can lead to warning events in K8s about TooManyMissedTimes for the cronjob.

Scaling out with multiple SJM deployments

To scale beyond the 15 jobs/minute throughput of a single SJM, you must install multiple, separate SJM Helm releases.

Important

Do not use replicas to scale the job manager pod. The SJM architecture requires a 1:1 relationship between a runtime pod and its parent SJM pod. If runtime pods send results back to the wrong SJM replica (e.g., through a Kubernetes service), those results will be lost. However, ping-runtime.replicaCount is okay to use.

The correct strategy is to deploy multiple SJM instances, each as its own Helm release. Each SJM will compete for jobs from the same private location, providing load balancing, failover protection, and an increased total job throughput.

Horizontal scaling strategy

If you need to scale out, you can simplify maintenance by treating each SJM deployment as a fixed-capacity unit.

Set Parallelism: For each SJM, set parallelism to the same maximum that a single SJM can handle without creating too many long-lived "running" runtime pods. This maximizes the potential throughput of each SJM without wasting resources.
Set Completions: For each SJM, set completions to the same fixed value as well. Adjust as needed to target a 5 minute Kubernetes job age per runtime, i.e., node-browser-runtime and node-api-runtime.
Install Releases: Install as many separate Helm releases as you need to handle your total job demand, i.e., get the queue to zero or line chart to a negative slope.
Monitor and Add: Monitor the private location job queue. If it starts to grow (positive slope), simply install another Helm release (e.g., sjm-delta) using the same fixed configuration.

By fixing parallelism and completions to static values, increasing or decreasing capacity becomes a simpler process of adding or removing Helm releases. This helps to avoid wasting cluster resources on a parallelism value that is higher than the SJM can effectively utilize.

Installation example

When installing multiple SJM releases, you must provide a unique name for each release. All instances must be configured with the same private location key.

Setting the fullnameOverride is highly recommended to create shorter, more manageable resource names. For example, to install two SJMs named sjm-alpha and sjm-beta into the newrelic namespace (both using the same values.yaml with your fixed parallelism and completions):

bash

$# Install the first SJM deployment
$helm upgrade --install sjm-alpha newrelic/synthetics-job-manager \
>  -n newrelic \
>  -f values.yaml \
>  --set fullnameOverride=sjm-alpha \
>  --set ping-runtime.fullnameOverride=sjm-alpha-ping \
>  --set node-api-runtime.fullnameOverride=sjm-alpha-api \
>  --set node-browser-runtime.fullnameOverride=sjm-alpha-browser

bash

$# Install the second SJM deployment to add capacity
$helm upgrade --install sjm-beta newrelic/synthetics-job-manager \
>  -n newrelic \
>  -f values.yaml \
>  --set fullnameOverride=sjm-beta \
>  --set ping-runtime.fullnameOverride=sjm-beta-ping \
>  --set node-api-runtime.fullnameOverride=sjm-beta-api \
>  --set node-browser-runtime.fullnameOverride=sjm-beta-browser

You can continue this pattern (sjm-charlie, sjm-delta, etc.) for as many SJMs as needed to keep the job queue from growing.

Configuration using environment variables .css-21sua1{background:none;border:none;width:0;padding:0;}

Podman environment configuration

Kubernetes environment configuration

OpenShift environment configuration

User-defined variables for scripted monitors

Mounting JSON file

Passing as an environment variable

Accessing user-defined environment variables from scripts

Caution

Custom node modules

Set up your custom modules directory

Example

Add your custom modules directory to the SJM for Docker, Podman, or Kubernetes

Docker

Podman

Kubernetes

Change package.json for custom modules

Caution

Permanent data storage

For Docker

For Podman

For Kubernetes

Sizing considerations

For Docker and Podman

For Kubernetes and OpenShift

Configuration using environment variables

Change `package.json` for custom modules