After you install ack-onepilot, Application Real-Time Monitoring Service (ARMS) monitors your Java application deployed in Container Service for Kubernetes (ACK) or Container Compute Service (ACS). You can view the monitoring data, such as the application topology, interface calls, and abnormal and slow transactions. This topic describes how to install an ARMS agent for a Java application deployed in ACK or ACS.
Introduction to ack-onepilot
The Application Monitoring component ack-onepilot is an agent installation assistant which installs the ARMS agents for various languages. It automatically prepares ARMS agent packages and sets up the environment for agents to report data in a container environment. For information about the working principles of ack-onepilot, see Working principles of the ack-onepilot component.
To ensure your optimal user experience, after you install the ARMS agent, the ack-onepilot component automatically updates the agent to the latest version when your application restarts, following the release of a new agent version. If you do not want to automatically update the agent with each new release, you can manually control the agent version.
The old component arms-pilot is no longer maintained. You can install the new component ack-onepilot to monitor your application. The ack-onepilot component is fully compatible with arms-pilot. You can seamlessly install ack-onepilot without the need to modify application configurations. For more information, see How do I uninstall arms-pilot and install ack-onepilot?
Prerequisites
An ACK or ACS cluster is created.
ACK cluster: You can create an ACK managed cluster, ACK dedicated cluster, or ACK Serverless cluster, or a registered cluster, based on your business requirements.
ACS cluster: For information about how to create an ACS cluster, see Create an ACS cluster.
A namespace is created in the cluster. For more information, see Manage namespaces and resource quotas. The namespace used in this example is arms-demo.
The version of the JDK is supported by Application Monitoring. For more information, see Java components and frameworks supported by ARMS.
The maximum heap memory of the process is greater than 256 MB.
Procedure
The procedure for installing an ARMS agent on an application deployed in ACK is the same as that for an application deployed in ACS. The following uses the ACK environment as an example.
Step 1: Install ack-onepilot
Log on to the ACK console. On the Clusters page, click the name of the cluster.
In the left-side navigation pane, choose . On the Add-ons page, search for ack-onepilot.
Click Install on the ack-onepilot card.
NoteBy default, the ack-onepilot component supports 1,000 pods. For every additional 1,000 pods in the cluster, you need to add 0.5 CPU cores and 512 MB memory for the component.
In the dialog box that appears, configure the parameters and click OK. We recommend that you use the default values.
NoteAfter you install ack-onepilot, you can upgrade, configure, or uninstall it on the Add-ons page.
Step 2: Grant access permissions on ARMS resources
ACK managed cluster
If ARMS Addon Token does not exist in your ACK managed cluster, perform the following steps to authorize the cluster to access ARMS. If ARMS Addon Token exists, go to Step 3.
If a cluster has ARMS Addon Token, ARMS performs password-free authorization on the cluster. ARMS Addon Token may not exist in some ACK managed clusters. We recommend that you check whether an ACK managed cluster has ARMS Addon Token before you use ARMS to monitor applications in the cluster. If the cluster has no ARMS Addon Token, you must manually authorize the cluster to access ARMS.
ACK dedicated cluster/registered cluster
To monitor an application deployed in an ACK dedicated cluster or registered cluster, make sure that the AliyunARMSFullAccess and AliyunSTSAssumeRoleAccess permissions are granted to the Alibaba Cloud account. For more information about how to grant permissions to a RAM user, see Grant permissions to a RAM user.
After you install the ack-onepilot component, you must enter the AccessKey ID and AccessKey secret of the Alibaba Cloud account in the configuration file of ack-onepilot.
In the left-side navigation pane, choose
. Then, click Update next to ack-onepilot.Replace
accessKey
andaccessKeySecret
with the AccessKey ID and AccessKey secret of the Alibaba Cloud account and click OK.NoteFor more information about how to obtain an AccessKey pair, see Create an AccessKey pair.
The AccessKey secret of an Alibaba Cloud account is displayed only when you create the AccessKey pair for the Alibaba Cloud account. You cannot query the AccessKey secret in subsequent operations. This helps reduce the risks of AccessKey pair leaks. Record the AccessKey secret and keep it confidential.
Restart the Deployment.
ASK/ECI cluster
To monitor applications in an ACK Serverless (ASK) cluster or applications in a Kubernetes cluster connected to Elastic Container Instance, you must first authorize the cluster to access ARMS on the Cloud Resource Access Authorization page. Then, restart all pods on which the ack-onepilot component is deployed.
Step 3: Enable Application Monitoring for the application
The following YAML template shows how to create a Deployment and enable Application Monitoring for the application:
Log on to the ACK console. In the left-side navigation pane, click Clusters.
On the Clusters page, find the cluster that you want to manage and click its name. In the left-side pane, choose .
On the Deployments page, choose in the Actions column of the deployment that you want to manage.
In the YAML file, add the following labels to
spec.template.metadata
:labels: armsPilotAutoEnable: "on" armsPilotCreateAppName: "<your-deployment-name>" # Replace <your-deployment-name> with the actual application name. armsSecAutoEnable: "on" # If you want to connect the application to Application Security, you must configure this parameter.
NoteFor information about Application Security, see What is Application Security?
For information about the billing rules of Application Security, see Billing.
Click Update.
On the Deployments page, find the application, and check whether the ARMS Console button appears in the Actions column.
FAQs
Why is the monitoring data abnormal after I change the cluster or namespace of an application?
How do I use ack-onepilot when a VPC connection cannot be established?
Why does an ARMS agent fail to be installed for an application in an ACK cluster?
Why are the suffixes of application names missing after I update the applications?