You are here

Kubernetes Cluster Monitoring

Requires Opsview Cloud or Opsview Monitor 6.3

This Host Template is part of the Kubernetes Cluster Monitoring Opspack

check_circle
Opsview Supported

Host Template: Application - Kubernetes - Cluster

Monitor your Kubernetes cluster with collective metrics for nodes and pods.

This Host Template includes the following Service Checks:

Service Check Name Description Default Thresholds (Warning, Critical) UOM
Kubernetes - Cluster - File Descriptors Summary of the open file descriptors against the total number available. file_descriptor_usage=70,90 %
Kubernetes - Cluster - HTTP Stats Summary of the HTTP requests made, divided based on their status codes. N/A N/A
Kubernetes - Cluster - Process Time Total amount of user and system CPU time spent in seconds. N/A s
Kubernetes - Cluster - ETCD Helper Stats Number of ETCD Cache hits and misses. cache_hit_percentage=25:,10: %
Kubernetes - Cluster - Namespaces High level summary of the namespaces in the Active state on this cluster. namespaces_inactive=0,0 N/A
Kubernetes - Cluster - Nodes High level summary of the of the nodes in Ready status on this cluster. nodes_not_running=0,0 N/A

Usage Instructions

This host template requires the Opsview READ-ONLY service account to be added to your cluster.

To access live usage metrics, you will need to install metrics-server on your cluster.

Step 1: Add this Host Template

Add the Application - Kubernetes - Cluster Host Template to your Opsview Monitor host. If the resource you're monitoring has no hostname or public IP, then open the Advanced settings pane and change Host Check Command to Always assumed to be UP.

For more information, refer to Opsview Knowledge Center - Adding Host Templates to Hosts.

Step 2: Add and configure variables required for this Host Template

The Service Checks in this Host Template use the following variables, and they will be added to your Opsview Monitor instance when you import the Opspack:

Authentication variables

This Host Template supports client authentication using bearer tokens and X509 client certificates.

Authentication using bearer tokens

If authenticating using bearer tokens, specify the Kubernetes API Bearer Token argument in the KUBERNETES_CLUSTER_DETAILS variable. Optionally, to enable server certificate validation, provide the CA Certificate Path argument in the KUBERNETES_CERTIFICATES variable.

Authentication using X509 client certificates

If authenticating using client certificates, specify the Client Certificate Path and Client Key Path arguments in the KUBERNETES_CERTIFICATES variable. When authenticating using client certificates, server certificate validation is required. To enable this, provide the CA Certificate Path argument in the KUBERNETES_CERTIFICATES variable.

KUBERNETES_CLUSTER_DETAILS

The Value is not used and therefore can be set to anything. Override the arguments with your Cluster Details.Run kubectl config view from your master node shell to see the API server address.The bearer token is created when creating the Opsview read-only service account, see the 'Installing Metrics Server' section for more information.

Parameter Position in Variable Name Description
--api-server-address Arg1 Kubernetes API Server Address Server address and port number of your Kubernetes API server.This will consist of https://your.server.address.number:port-number
--bearer-token Arg2 Kubernetes API Bearer Token Bearer token of your READ-ONLY service account.

For more information, refer to Opsview Knowledge Center - Adding Variables to Hosts.

For mode-specific help, run the plugin with the -h -m <mode> flags. This will list the required and optional Variable Arguments for that mode. The appropriate mode for each Service Check is listed here:

Service Check Name Mode
Kubernetes - Cluster - File Descriptors K8.Cluster.FileDescriptors
Kubernetes - Cluster - HTTP Stats K8.Cluster.HTTP
Kubernetes - Cluster - Process Time K8.Cluster.ProcessTime
Kubernetes - Cluster - ETCD Helper Stats K8.Cluster.ETCD
Kubernetes - Cluster - Namespaces K8.Cluster.Namespaces
Kubernetes - Cluster - Nodes K8.Cluster.Nodes

SSL Certificates

Additionally, if ssl verification is required, you can use the following variable to pass in your SSL certificates for use when connecting to the service provider to gather metrics:

KUBERNETES_CERTIFICATES

The Value is not used and therefore can be set to anything. Override the arguments with your certificate details. If you are using these certificates on a system that uses multiple clusters you can import your files by running as the opsview user /opt/opsview/orchestrator/bin/orchestratorimportscripts etc-certs /path/to/cert followed by an Apply Changes, which will set them up with the correct permissions in /opt/opsview/monitoringscripts/etc/certs on all Opsview collectors.

Parameter Position in Variable Name Description
--ca-path Arg1 CA Certificate Path Path to the CA Certificate. Optional, only required if server verification is needed.
--client-cert Arg2 Client Certificate Path Path to the Client Certificate. Optional, only required when using client certificates for authentication.
--client-key Arg3 Client Key Path Path to the Client Key. Optional, only required when using client certificates for authentication.

Step 3: Apply changes and the system will now be monitored

Kubernetes Cluster Service Checks