Connect an application deployed in an open source Kubernetes cluster to ARMS Application Monitoring - Application Real-Time Monitoring Service

You can use Application Real-Time Monitoring Service (ARMS) to monitor applications that are deployed in Kubernetes clusters. ARMS allows you to monitor applications based on various performance metrics, such as the topology, API requests, abnormal transactions, slow transactions, and SQL analysis. This topic describes how to enable ARMS to monitor an application that is deployed in a Kubernetes cluster.

Note

This topic does not apply to Alibaba Cloud Container Service for Kubernetes (ACK) clusters. For information about how to install an ARMS agent in an ACK cluster, see Automatically install an ARMS agent in ACK.

Prerequisites

The version of the Kubernetes cluster is 1.18 or later.
The cluster is accessible over the Internet, or a network connection is established between an Alibaba Cloud virtual private cloud (VPC) and the cluster by using a Cloud Enterprise Network (CEN) instance.
The version of the JDK is supported by Application Monitoring. For more information, see Java components and frameworks supported by ARMS.
The maximum heap memory of the process is greater than 256 MB.

(Recommended) Method 1: Enable ARMS by using a registered Kubernetes cluster

Benefits of using a registered Kubernetes cluster:

More efficient O&M support.
More scaling capabilities, such as monitoring, logging, backup and restoration, security, and elastic resources on the cloud. For more information, see Overview of registered clusters.

Register a Kubernetes cluster in ACK One. For more information, see Create a registered cluster.
Install an ARMS agent (ack-onepilot component) for the registered Kubernetes cluster. For more information, see Enable ARMS for a registered cluster.

Method 2: Directly enable ARMS

Important

If you directly enable ARMS for the application, CPU, memory, disk, and network information of the Kubernetes cluster is not synchronized to ARMS. In addition, you cannot obtain the preceding information by installing a Prometheus agent for the cluster. The application instance details page of the ARMS console displays only the cluster data collected by ARMS. For more information, see Java application instance monitoring.

Step 1: Install Helm V3

Step 2: Install an ARMS agent

ARMS can monitor only the following two types of applications: Deployment and StatefulSet. To enable ARMS to monitor the Deployment application, perform the following steps.

Run the following wget command to download the ack-onepilot installation package.

 wget 'https://aliacs-app-catalog.oss-cn-hangzhou.aliyuncs.com/charts-incubator/ack-onepilot-3.3.2.tgz'

Run the following command to decompress the installation package.
```
tar xvf ack-onepilot-3.3.2.tgz                 
```
Edit the values.yaml file in the installation package. Modify the following parameters based on your business requirements and save the file.
```
registry: registry-__ACK_REGION_ID__.ack.aliyuncs.com/acs/
cluster_id: __ACK_CLUSTER_ID__
accessKey: __ACCESSKEY__
accessKeySecret: __ACCESSKEY_SECRET__
uid: "__ACK_UID__"
region_id: __ACK_REGION_ID__
```
- registry: the image address of the ack-onepilot component.
- cluster_id: the unique ID of the Kubernetes cluster. We recommend that you specify this parameter in the <uid>-<clusterid> format.
- accessKey and accessKeySecret: the AccessKey ID and AccessKey secret of your Alibaba Cloud account. For more information about how to obtain an AccessKey pair, see Create an AccessKey pair.
  Important
  You must make sure that the AliyunARMSFullAccess and AliyunSTSAssumeRoleAccess policies are attached to your Alibaba Cloud account.
- uid: the ID of your Alibaba Cloud account. To obtain the ID of your Alibaba Cloud account, move the pointer over the profile picture in the upper-right corner of the Alibaba Cloud Management Console.
- region_id: the region ID. For more information about the regions that support Application Monitoring, see Supported regions.
Install the ack-onepilot component.
Run the following command without opening the ack-onepilot installation package.
```
helm3 upgrade --install ack-onepilot ack-onepilot --namespace ack-onepilot --create-namespace
```

Step 3: Edit the YAML file of the application

Run the following command to view the YAML file of the Deployment application.
```
kubectl get deployment {Name of the Deployment application} -o yaml                             
```
Note
If you do not know the Name of the Deployment application, run the following command to view all Deployment applications. You can find the required Deployment application in the results. Then, view the YAML file of the application.
```
kubectl get deployments --all-namespace                
```

Run the following command to edit the YAML file of the Deployment application.

kubectl edit deployment {Name of the Deployment application} -o yaml

In the YAML file, add the following content to the spec.template.metadata parameter.

labels:
  armsPilotAutoEnable: "on"
  armsPilotCreateAppName: "<your-deployment-name>"    # Replace <your-deployment-name> with the actual application name. 
  armsSecAutoEnable: "on"    # If you want to connect the application to Application Security, you must configure this parameter.

Note

If a new version of the agent is released after the agent is installed, ack-onepilot automatically updates the agent to the latest version when the application restarts to optimize user experience. However, if you prefer to manage the agent version on your own, you can disable the automatic update feature. For more information, see Control the agent version.
For more information about Application Security, see What is Application Security?
For more information about the billing rules of Application Security, see Billing.

The following example shows a complete YAML file for creating a Deployment application in a Kubernetes cluster and enabling ARMS to monitor the application.

Show details of the YAML file

apiVersion: apps/v1beta1 # for versions before 1.8.0 use apps/v1beta1
kind: Deployment
metadata:
  name: arms-springboot-demo
  labels:
    app: arms-springboot-demo
spec:
  replicas: 2
  selector:
    matchLabels:
      app: arms-springboot-demo
  template:
    metadata:
      labels:
        app: arms-springboot-demo
        armsPilotAutoEnable: "on"
        armsPilotCreateAppName: "arms-k8s-demo"
    spec:
      containers:
        - resources:
            limits:
              cpu: 0.5
          image: registry.cn-hangzhou.aliyuncs.com/arms-docker-repo/arms-springboot-demo:v0.1
          imagePullPolicy: Always
          name: arms-springboot-demo
          env:
            - name: MYSQL_SERVICE_HOST
              value: "arms-demo-mysql"
            - name: MYSQL_SERVICE_PORT
              value: "3306"
---
apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: arms-demo-mysql
  labels:
    app: mysql
spec:
  replicas: 1
  selector:
    matchLabels:
      app: mysql
  template:
    metadata:
      labels:
        app: mysql
    spec:
      containers:
        - resources:
            limits:
              cpu: 0.5
          image: registry.cn-hangzhou.aliyuncs.com/arms-docker-repo/arms-demo-mysql:v0.1
          name: mysql
          ports:
            - containerPort: 3306
              name: mysql
---
apiVersion: v1
kind: Service
metadata:
  labels:
    name: mysql
  name: arms-demo-mysql
spec:
  ports:
    # the port that this service should serve on
    - name: arms-mysql-svc
      port: 3306
      targetPort: 3306
  # label keys and values that must match in order to receive traffic for this service
  selector:
    app: mysql
---

After the preceding configurations are saved, the application automatically restarts and then the configurations take effect.
After 2 to 5 minutes, if your application is displayed on the Application Monitoring > Application List page in the ARMS console and specific monitoring data is reported, your application is monitored by ARMS.