1. Support
  2. Knowledge base
  3. Checkpoints
  4. Private Checkpoints (Docker containers)

Private Checkpoints (Docker containers)

We’re changing our user interface. Some info may not yet be up to date. Please check From classic to new UI.
Note: Uptrends' Docker Private Checkpoints are available in beta. If you would like to participate, feel free to open a support ticket on our website.

Uptrends features a vast network of over 229 global monitoring checkpoints, which can be configured to monitor your websites, servers, and web services so you can determine where a problem originates from. External checkpoints help you protect the user experience outside your firewall, and a Docker Private Checkpoint Beta helps you protect the user experience behind the firewall.

Overview

To conduct tests of your private infrastructure, Uptrends provides a container app with an Uptrends checkpoint on your network behind your firewall. You get full Uptrends functionality on the Private Checkpoint. Using the Uptrends application, you choose where each monitors' tests run: internal on your Private Checkpoint, external using Uptrends' global network of checkpoints, or on both.

The Private Checkpoint is visible and available to conduct tests for your monitors only. While the tests take place on your network, all other activity such as scheduling, alerting, and reporting happens in the Uptrends cloud application, and Uptrends stores your monitor definitions and test data in one of two data centers located in the Netherlands.

Your Private Checkpoint is exclusive to your Uptrends account and for your use only. You can run the same types of monitors internally to check your non-Internet facing infrastructure such as:

  • Intranet
  • Internal web-enabled business applications
  • Web services (APIs)
  • Acceptance and other preproduction environments
  • Basic infrastructure uptime monitoring for servers including database servers, email servers, and SFTP servers

How does a Private Checkpoint work?

A Private Checkpoint uses at least two Windows Docker container applications running on your container platform connected to your network. These applications only have access to the monitored infrastructure on your network, and you’ll need to isolate the Docker apps from the rest of your network. Uptrends provides the software running on these containerized checkpoints, while you keep the supporting hardware and infrastructure running.

The Uptrends monitoring system uses a central command and control system, the cloud platform. The cloud platform has your monitoring definitions, and it decides where and when the next monitor check should take place based on your checkpoint choice. When you configure a monitor to use a Private Checkpoint, Uptrends picks one of the container applications to conduct the monitor check. The container app runs the tests and reports back to Uptrends. Uptrends processes and stores the resulting data from the test ran on your Private Checkpoint. If Uptrends detects an error, it immediately tests again on the other Docker app. If the monitor detects an error the second time, Uptrends issues an alert from the cloud (See Private checkpoint architecture below).

If your checkpoint becomes completely unavailable for any reason, Uptrends issues an error to let you know that your Private Checkpoint has gone down. Some reasons downtime may happen include:

  • The Private Checkpoint loses its internet connection.
  • All your container apps use the same hosting platform, and that platform experiences an outage.

  1. Outbound HTTPS (including WebSockets) connectivity to the Uptrends cloud platform for command and control, to retrieve monitor definitions and sending back results. The outbound WebSockets connection will be used to receive commands and will be open for a long period of time. Whitelisted for four Uptrends locations.
  2. Outbound HTTPS connectivity to retrieve container updates with checkpoint and browser updates.
  3. Outbound internet connectivity to validate the revocation status of used certificates.
  4. Connectivity from the Uptrends Private Checkpoint to the monitored infrastructure, with blocked connectivity to all other parts of the platform.

How do I get a Private Checkpoint?

Once you’ve decided to monitor your internal infrastructure with a Docker Private Checkpoint Beta you need to do two things:

  • Contact your Monitoring Consultant to discuss your needs. You can open a support ticket on our website for a fast response.
  • Provide Uptrends with a single point of contact who takes care of setup and configuration on your side.

Once the infrastructure is in place, it will take Uptrends up to five working days to set up and test your new Private Checkpoint.

If you have any questions along the way, please don’t hesitate to ask using our support ticket system at our contact page.

Discussions with you and the decisions made will be logged in our support ticketing system. You can review the discussions, make comments, and ask questions directly to the support engineer assigned to your ticket.

Security concerns?

Although Uptrends applies industry best practices and due diligence for security matters, the responsibility for the impact of the Private Checkpoint on the client’s network falls on the customer.

Uptrends' requirements and responsibility

  • Provides Private Checkpoints containers with up-to-date software.
  • Encrypts all traffic to and from the customer’s platform.
  • Keep the software and external components (like Windows and web browsers) up to date.
  • Provides information for whitelisting

The customer’s responsibility

  • Use up-to-date Private Checkpoint containers.
  • Apply firewall rules to allow access to the infrastructure that needs monitoring only.
  • Use accounts in their monitoring with limited exposure to the platform.
  • Use virus scanning etc. where applicable.
  • Apply, when needed, extra safeguards (e.g., when a transaction does a repeated money transfer).
  • Update the Docker host and containers preferably every day but at least every two weeks to make sure the most recent browser versions are in use and the latest security patches have been applied.

Required capacity

Uptrends only uses your Private Checkpoint for your monitors. The required capacity depends on the sort of monitoring running on the Private Checkpoint.

Non-browser-based monitoring, like HTTPS, connect, ping, and Multi-step API mainly have an impact on the available network capacity. Browser-based monitors mainly have an impact on server capacity (CPU, memory, disk I/O).

Typical capacity for a recommended Private Checkpoint setup is:

  • 20 Transactions at 5-minute intervals,
  • 20 Full Page Checks at 5-minute intervals, and
  • 100 Basic Monitors at 1-minute intervals.

Please note that this leaves room for:

  • Confirming unconfirmed errors, and
  • Maintenance of the Docker host and the containers.

Host configuration

Set up your hosting system to run our Windows-based Docker containers. In our knowledge base article How to install a Docker Private Checkpoint, you will find a manual for setting up Windows 2019 server as a host operating system. Other hosting options include Azure or AWS.

Container configuration

The steps to set up and start a Docker Private Checkpoint are also described in this knowledge base article on our Support website: How to install a Docker Private Checkpoint.Beta

By using the Uptrends website, you consent to the use of cookies in accordance with our Cookie Policy.