How Does eG Enterprise Monitor Azure Kubernetes Service Cluster?

eG Enterprise monitors Azure Kubernetes Service cluster in an agentless manner.

Note:

eG Enterprise provides monitoring support to Azure Kubernetes Service cluster on Linux platforms only, and not on Windows.

A single remote agent deployed on a Windows/Linux host in the environment uses the Kubernetes API on the Azure Kubernetes Service cluster to pull useful metrics on cluster performance.

To enable the eG agent to use the Kubernetes API, you need to:

  1. Configure the eG agent to connect to the Azure Kubernetes Service cluster

  2. Configure the eG agent with an authentication bearer token

Each of these requirements have been discussed in detail below.

Configuring the eG Agent to Connect to the Azure Kubernetes API

To connect to the Kubernetes API, you first need to configure the eG agent with the IP address/host name of Kubernetes API of the Azure Kubernetes Service cluster, thus enabling the agent to connect with the Azure Kubernetes Service cluster, run API commands on it, and pull metrics.

To determine the IP address of the Kubernetes API, do the following:

  1. Go to the Kubernetes API shell in the Azure Kubernetes Service cluster.

  2. Issue the below command to obtain the Azure Kubernetes Service cluster information:

    kubectl cluster-info

    Make a note of the IP address displayed against 'Kubernetes control plane is running at', in the output of the above command. This is the IP address of the Kubernetes API.

Then, you can provide this IP address when adding a Azure Kubernetes Service cluster for monitoring using the eG administrative interface. Refer to How to Monitor the Azure Kubernetes Service Cluster Using eG Enterprise? to know how.

Configuring the eG Agent with an Authentication Bearer Token

To access the Kubernetes API, run API commands on it, and pull metrics, the eG agent has to be configured with a valid authentication bearer token. To generate this token, follow the steps below:

  1. Go to the Kubernetes API shell in the Kubernetes cluster.

  2. Type the below command to create the "eginnovations" service account

    kubectl create -f https://raw.githubusercontent.com/eGInnovationsInc/kubernetes/master/eginnovations.yaml

  1. Type the below command to get the secret name associated with "eginnovations" service account. Usually, the secret name is in the format "eginnovations-token-xxxxx".

    kubectl get secrets -n default | grep "eginnovations-token"

  1. Type the below command and replace the <xxxxx> with the secret name token from step 3 to get the authentication bearer token.

    kubectl describe secrets <xxxxx> -n default | grep -I "token:"

  1. Copy the token from step 4 and paste to the AUTHENTICATION TOKEN field in the monitoring information section of the Azure Kubernetes Service Preferences page that appears when managing a Azure Kubernetes Service cluster using the eG admin interface. To know how to manage a cluster using the eG admin interface, refer to How to Monitor the Azure Kubernetes Service Cluster Using eG Enterprise?