You are here
Host Template: Application - Kubernetes - Cluster
Monitor your Kubernetes cluster with collective metrics for nodes and pods.
This Host Template includes the following Service Checks:
Service Check Name | Description | Default Thresholds (Warning, Critical) | UOM |
---|---|---|---|
Kubernetes - Cluster - File Descriptors | Summary of the open file descriptors against the total number available. | file_descriptor_usage=70,90 | % |
Kubernetes - Cluster - HTTP Stats | Summary of the HTTP requests made, divided based on their status codes. | N/A | N/A |
Kubernetes - Cluster - Process Time | Total amount of user and system CPU time spent in seconds. | N/A | s |
Kubernetes - Cluster - ETCD Helper Stats | Number of ETCD Cache hits and misses. | cache_hit_percentage=25:,10: | % |
Kubernetes - Cluster - Namespaces | High level summary of the namespaces in the Active state on this cluster. | namespaces_inactive=0,0 | N/A |
Kubernetes - Cluster - Nodes | High level summary of the of the nodes in Ready status on this cluster. | nodes_not_running=0,0 | N/A |
Usage Instructions
This host template requires the Opsview READ-ONLY service account to be added to your cluster.
To access live usage metrics, you will need to install metrics-server on your cluster.
Step 1: Add this Host Template
Add the Application - Kubernetes - Cluster Host Template to your Opsview Monitor host. If the resource you're monitoring has no hostname or public IP, then open the Advanced settings pane and change Host Check Command to Always assumed to be UP.
For more information, refer to Opsview Knowledge Center - Adding Host Templates to Hosts.
Step 2: Add and configure variables required for this Host Template
The Service Checks in this Host Template use the following variables, and they will be added to your Opsview Monitor instance when you import the Opspack:
Authentication variables
This Host Template supports client authentication using bearer tokens and X509 client certificates.
Authentication using bearer tokens
If authenticating using bearer tokens, specify the Kubernetes API Bearer Token argument in the KUBERNETES_CLUSTER_DETAILS variable. Optionally, to enable server certificate validation, provide the CA Certificate Path argument in the KUBERNETES_CERTIFICATES variable.
Authentication using X509 client certificates
If authenticating using client certificates, specify the Client Certificate Path and Client Key Path arguments in the KUBERNETES_CERTIFICATES variable. When authenticating using client certificates, server certificate validation is required. To enable this, provide the CA Certificate Path argument in the KUBERNETES_CERTIFICATES variable.
KUBERNETES_CLUSTER_DETAILS
The Value is not used and therefore can be set to anything. Override the arguments with your Cluster Details.Run kubectl config view
from your master node shell to see the API server address.The bearer token is created when creating the Opsview read-only service account, see the 'Installing Metrics Server' section for more information.
Parameter | Position in Variable | Name | Description |
---|---|---|---|
--api-server-address | Arg1 | Kubernetes API Server Address | Server address and port number of your Kubernetes API server.This will consist of https://your.server.address.number:port-number |
--bearer-token | Arg2 | Kubernetes API Bearer Token | Bearer token of your READ-ONLY service account. |
For more information, refer to Opsview Knowledge Center - Adding Variables to Hosts.
For mode-specific help, run the plugin with the -h -m <mode>
flags. This will list the required and optional Variable Arguments for that mode. The appropriate mode for each Service Check is listed here:
Service Check Name | Mode |
---|---|
Kubernetes - Cluster - File Descriptors | K8.Cluster.FileDescriptors |
Kubernetes - Cluster - HTTP Stats | K8.Cluster.HTTP |
Kubernetes - Cluster - Process Time | K8.Cluster.ProcessTime |
Kubernetes - Cluster - ETCD Helper Stats | K8.Cluster.ETCD |
Kubernetes - Cluster - Namespaces | K8.Cluster.Namespaces |
Kubernetes - Cluster - Nodes | K8.Cluster.Nodes |
SSL Certificates
Additionally, if ssl verification is required, you can use the following variable to pass in your SSL certificates for use when connecting to the service provider to gather metrics:
KUBERNETES_CERTIFICATES
The Value is not used and therefore can be set to anything. Override the arguments with your certificate details. If you are using these certificates on a system that uses multiple clusters you can import your files by running as the opsview user /opt/opsview/orchestrator/bin/orchestratorimportscripts etc-certs /path/to/cert
followed by an Apply Changes, which will set them up with the correct permissions in /opt/opsview/monitoringscripts/etc/certs
on all Opsview collectors.
Parameter | Position in Variable | Name | Description |
---|---|---|---|
--ca-path | Arg1 | CA Certificate Path | Path to the CA Certificate. Optional, only required if server verification is needed. |
--client-cert | Arg2 | Client Certificate Path | Path to the Client Certificate. Optional, only required when using client certificates for authentication. |
--client-key | Arg3 | Client Key Path | Path to the Client Key. Optional, only required when using client certificates for authentication. |