You are here
Kubernetes Pod Monitoring
This Host Template is part of the Kubernetes Pod Monitoring Opspack
Host Template: Application - Kubernetes - Pod
Monitor your Kubernetes pod with detailed metrics.
This Host Template includes the following Service Checks:
| Service Check Name | Description | Default Thresholds (Warning, Critical) | UOM |
|---|---|---|---|
| Kubernetes - Pod - CPU Usage | The amount of virtual CPU resources, measured in MilliCores, currently being used by the pod. | N/A | n |
| Kubernetes - Pod - Phase | High level summary of where the pod is in its lifetime; Pending, Running, Succeeded, Failed or Unknown. | N/A | N/A |
| Kubernetes - Pod - Memory Usage | The current memory usage and capacity of the pod, in bytes. | N/A | B |
| Kubernetes - Pod - Ephemeral Storage Usage | Cumulative count of bytes read and written in the ephemeral storage for this pod. | N/A | B |
| Kubernetes - Pod - Volume Usage | Cumulative count of bytes read and written in the volumes for this pod. | N/A | B |
| Kubernetes - Pod - Network Bytes | Cumulative count of bytes received and sent. | N/A | B |
| Kubernetes - Pod - Network Errors | Cumulative count of errors encountered during network usage. | N/A | N/A |
Usage Instructions
This host template requires the Opsview READ-ONLY service account to be added to your cluster.
To access live usage metrics, you will need to install metrics-server on your cluster.
Step 1: Add this Host Template
Add the Application - Kubernetes - Pod Host Template to your Opsview Monitor host. If the resource you're monitoring has no hostname or public IP, then open the Advanced settings pane and change Host Check Command to Always assumed to be UP.
For more information, refer to Opsview Knowledge Center - Adding Host Templates to Hosts.
Step 2: Add and configure variables required for this Host Template
The Service Checks in this Host Template use the following variables, and they will be added to your Opsview Monitor instance when you import the Opspack:
Authentication variables
This Host Template supports client authentication using bearer tokens and X509 client certificates.
Authentication using bearer tokens
If authenticating using bearer tokens, specify the Kubernetes API Bearer Token argument in the KUBERNETES_CLUSTER_DETAILS variable. Optionally, to enable server certificate validation, provide the CA Certificate Path argument in the KUBERNETES_CERTIFICATES variable.
Authentication using X509 client certificates
If authenticating using client certificates, specify the Client Certificate Path and Client Key Path arguments in the KUBERNETES_CERTIFICATES variable. When authenticating using client certificates, server certificate validation is required. To enable this, provide the CA Certificate Path argument in the KUBERNETES_CERTIFICATES variable.
KUBERNETES_CLUSTER_DETAILS
The Value is not used and therefore can be set to anything. Override the arguments with your Cluster Details.Run kubectl config view from your master node shell to see the API server address.The bearer token is created when creating the Opsview read-only service account, see the 'Installing Metrics Server' section for more information.
| Parameter | Position in Variable | Name | Description |
|---|---|---|---|
| --api-server-address | Arg1 | Kubernetes API Server Address | Server address and port number of your Kubernetes API server.This will consist of https://your.server.address.number:port-number |
| --bearer-token | Arg2 | Kubernetes API Bearer Token | Bearer token of your READ-ONLY service account. |
KUBERNETES_POD_NAME
The Value is not user and therefore can be set to anything. Override the argument with the name of your pod.Run kubectl get pods --all-namespaces from your cluster master to see available pods.
| Parameter | Position in Variable | Name | Description |
|---|---|---|---|
| --pod-name | Arg1 | Kubernetes Pod Name | The name of the individual pod you wish to monitor inside your Kubernetes cluster. |
KUBERNETES_NAMESPACE
The Value is not used and therefore can be set to anything. Override the argument with the name of your Namespace.Run kubectl describe namespace from your cluster master to see available namespaces.
| Parameter | Position in Variable | Name | Description |
|---|---|---|---|
| --namespace | Arg1 | Kubernetes Namespace | The namespace you want to monitor inside your Kubernetes cluster. |
For more information, refer to Opsview Knowledge Center - Adding Variables to Hosts.
For mode-specific help, run the plugin with the -h -m <mode> flags. This will list the required and optional Variable Arguments for that mode. The appropriate mode for each Service Check is listed here:
| Service Check Name | Mode |
|---|---|
| Kubernetes - Pod - CPU Usage | K8.Pod.CPU |
| Kubernetes - Pod - Phase | K8.Pod.Phase |
| Kubernetes - Pod - Memory Usage | K8.Pod.Memory |
| Kubernetes - Pod - Ephemeral Storage Usage | K8.Pod.Storage |
| Kubernetes - Pod - Volume Usage | K8.Pod.Volumes |
| Kubernetes - Pod - Network Bytes | K8.Pod.NetworkBytes |
| Kubernetes - Pod - Network Errors | K8.Pod.NetworkErrors |
SSL Certificates
Additionally, if ssl verification is required, you can use the following variable to pass in your SSL certificates for use when connecting to the service provider to gather metrics:
KUBERNETES_CERTIFICATES
The Value is not used and therefore can be set to anything. Override the arguments with your certificate details. If you are using these certificates on a system that uses multiple clusters you can import your files by running as the opsview user /opt/opsview/orchestrator/bin/orchestratorimportscripts etc-certs /path/to/cert followed by an Apply Changes, which will set them up with the correct permissions in /opt/opsview/monitoringscripts/etc/certs on all Opsview collectors.
| Parameter | Position in Variable | Name | Description |
|---|---|---|---|
| --ca-path | Arg1 | CA Certificate Path | Path to the CA Certificate. Optional, only required if server verification is needed. |
| --client-cert | Arg2 | Client Certificate Path | Path to the Client Certificate. Optional, only required when using client certificates for authentication. |
| --client-key | Arg3 | Client Key Path | Path to the Client Key. Optional, only required when using client certificates for authentication. |
Step 3: Apply changes and the system will now be monitored
