K8s Replication Controller By Namespace Test
A Replication Controller in Azure Kubernetes Service (AKS) is a legacy Kubernetes resource used to manage the lifecycle of pods and ensure that a specified number of identical pod replicas are running at any given time. If any pod fails or is deleted, the Replication Controller automatically creates a new pod to replace it and maintain the desired replica count.
This test auto-discovers the replication controllers in each namespace, and for each replication controller, reports the age, count of replicas (including ready replica and available replica) ensuring that the application is fully functional and can handle the load with the expected number of healthy pods. This test also reports the under-utilization of allocated memory and CPU by the pods in the replication controller that leads to potential performance issues.
Target of the test : Azure Kubernetes Service Cluster
Agent deploying the test : A remote agent
Outputs of the test : One set of results for each Replication Controller in every namespace configured in the Azure Kubernetes Service Cluster being monitored.
| Parameter | Description |
|---|---|
|
Test Period |
How often should the test be executed. |
|
Host |
The IP address of the host for which this test is to be configured. |
|
Port |
Specify the port at which the specified Host listens. By default, this is 6443. |
|
Load Balancer / Master Node IP |
To run this test and report metrics, the eG agent needs to connect to the Kubernetes API on the master node and run API commands. To enable this connection, the eG agent has to be configured with either of the following:
By default, this parameter will display the Load Balancer / Master Node IP that you configured when manually adding the Kubernetes/OpenShift cluster for monitoring, using the Kubernetes Cluster Preferences page in the eG admin interface (see Figure 3). The steps for managing the cluster using the eG admin interface are discussed elaborately in How to Monitor the Kubernetes/OpenShift Cluster Using eG Enterprise? Whenever the eG agent runs this test, it uses the IP address that is displayed (by default) against this parameter to connect to the Kubernetes API. If there is any change in this IP address at a later point in time, then make sure that you update this parameter with it, by overriding its default setting. |
|
SSL |
By default, the Kubernetes/OpenShift cluster is SSL-enabled. This is why, the eG agent, by default, connects to the Kubernetes API via an HTTPS connection. Accordingly, this flag is set to Yes by default. If the cluster is not SSL-enabled in your environment, then set this flag to No. |
|
K8s Cluster API Prefix |
By default, this parameter is set to none. Do not disturb this setting if you are monitoring a Kubernetes/OpenShift Cluster. To run this test and report metrics for Rancher clusters, the eG agent needs to connect to the Kubernetes API on the master node of the Rancher cluster and run API commands. The Kubernetes API of Rancher clusters is of the default format: http(s)://{IP Address of kubernetes}/{api endpoints}. The Server section of the kubeconfig.yaml file downloaded from the Rancher console helps in identifying the Kubernetes API of the cluster. For e.g., https://{IP address of Kubernetes}/k8s/clusters/c-m-bznxvg4w/ is usually the URL of the Kubernetes API of a Rancher cluster. For the eG agent to connect to the master node of a Rancher cluster and pull out metrics, the eG agent should be made aware of the API endpoints in the Kubernetes API of the Rancher cluster. To aid this, you can specify the API endpoints available in the Kubernetes API of the Rancher cluster against this parameter. In our example, this parameter can be specified as: /k8s/clusters/c-m-bznxvg4w/. |
|
Authentication Token |
The eG agent requires an authentication bearer token to access the Kubernetes API, run API commands on the cluster, and pull metrics of interest. The steps for generating this token have been detailed in How Does eG Enterprise Monitor a Kubernetes/OpenShift Cluster? Typically, once you generate the token, you can associate that token with the target Kubernetes/OpenShift cluster, when manually adding that cluster for monitoring using the eG admin interface. The steps for managing the cluster using the eG admin interface are discussed elaborately in How to Monitor the Kubernetes/OpenShift Cluster Using eG Enterprise? By default, this parameter will display the Authentication Token that you provided in the Kubernetes Cluster Preferences page of the eG admin interface, when manually adding the cluster for monitoring (see Figure 3). Whenever the eG agent runs this test, it uses the token that is displayed (by default) against this parameter for accessing the API and pulling metrics. If for any reason, you generate a new authentication token for the target cluster at a later point in time, then make sure you update this parameter with the change. For that, copy the new token and paste it against this parameter. |
|
Namespace to Monitor |
To enable the eG agent to monitor a specific Namespace on Kubernetes/OpenShift cluster, specify the name of that Namespace against this parameter. For instance, eshop. Doing so will enable the eG agent to monitor and report metrics specific to this Namespace. |
|
Proxy Host |
If the eG agent connects to the Kubernetes API on the master node via a proxy server, then provide the IP address of the proxy server here. If no proxy is used, then the default setting -none - of this parameter, need not be changed, |
|
Proxy Port |
If the eG agent connects to the Kubernetes API on the master node via a proxy server, then provide the port number at which that proxy server listens here. If no proxy is used, then the default setting -none - of this parameter, need not be changed, |
|
Proxy Username, Proxy Password, Confirm Password |
These parameters are applicable only if the eG agent uses a proxy server to connect to the Kubernetes/OpenShift cluster, and that proxy server requires authentication. In this case, provide a valid user name and password against the Proxy Username and Proxy Password parameters, respectively. Then, confirm the password by retyping it in the Confirm Password text box. If no proxy server is used, or if the proxy server used does not require authentication, then the default setting - none - of these parameters, need not be changed. |
|
Kubernetes version |
The Version text box indicates the version of the Kubernetes/OpenShift cluster to be managed. The default value is none. If the value of this parameter is not "none", the test uses the value provided (e.g., 28.1) as the Kubernetes version. |
|
Timeout |
Specify the duration (in seconds) for which this test should wait for a response from the Kubernetes/OpenShift cluster. If there is no response from the cluster beyond the configured duration, the test will timeout. By default, this is set to 5 seconds. |
|
Measurement |
Description |
Measurement Unit |
Interpretation |
|---|---|---|---|
|
Replication controller age |
Indicates the age of this Replication Controller. |
Minutes |
A Replication Controller (RC) ensures that a specific number of pod replicas are running. It predates ReplicaSets but is still used in legacy Kubernetes setups. |
|
Replicas |
Indicates the number of replicas in this Replication Controller. |
Number |
The ideal count of replicas for a Replication Controller in AKS depends on the application’s availability, traffic load, and resource capacity. For production applications, a minimum of 3 replicas is recommended for fault tolerance and availability. |
|
Ready replicas |
Indicates the number of ready replicas in this Replication Controller. |
Number |
The desirable count for ready replicas should be equal to the number of replicas specified in the Replication Controller. This ensures that the application has the desired number of pods fully initialized and ready to serve requests. For example, if the number of replicas specified in the Replication Controller is 3, then desirable ready replica count should be 3. |
|
Fully labeled replicas |
Indicates the number of fully labeled replicas in this Replication Controller. |
Number |
The ideal value for fully labeled replicas in a Replication Controller of AKS should be equal to the desired number of replicas, as long as all pods have the correct labels as per the selector field in the Replication Controller specification. For example, if the number of replicas specified in the Replication Controller is 3, then there should be 3 fully labeled replicas that matches the label selector. |
|
Available replicas |
Indicates the number of available replicas in this Replication Controller. |
Number |
The ideal value for available replicas should be equal to the number of replicas specified in the Replication Controller's specification, representing that all pods are healthy and passing the readiness checks. For example, if the Replication Controller is configured to have 3 replicas, then the ideal value for available replicas should also be 3. This means that all 3 replicas are running, healthy, and ready to serve traffic. |
|
Observed generations |
Indicates the number of observed generations in this Replication Controller. |
Number |
Generation denotes the version of the Replication Controller's specification, incremented when changes occur (such as modifying the number of replicas, the pod template, or other configuration details). Observed generation denotes the generation number that represents the version of the Replication Controller's specification that Kubernetes has successfully applied. This helps track the progress of updates to the Replication Controller, ensuring that the specification changes made are correctly applied and that the system is in sync with the current configuration. The ideal value for the observed generation in a Replication Controller in AKS is equal to the current generation. This ensures that the Replication Controller's specification changes have been fully processed by Kubernetes and that the system is in the desired state. |
|
CPU usage |
Indicates the amount of CPU resources used by the containers in this Replication Controller. |
Millicpu |
|
|
CPU limits |
Indicates the total amount of CPU resources that containers in this Replication Controller are allowed to use, as per the resource quota. |
Millicpu |
Resource requests/limits set using the ResourceQuota object govern the aggregate resource consumption of a namespace - i.e., the total resources that can be consumed/requested across all pods/containers in a namespace. A resource quota is violated only when the total consumption of a resource, across pods/containers in the namespace, exceeds the limits defined in the resource quota. For instance, say that the resource quota of a namespace enforces a CPU usage limit of 2 cores and a memory usage limit of 500Gi. In this case, Kubernetes will allow you to create 2 containers with a CPU core each and 100Gi of memory each. However, if an attempt is made to create another container configured with 1 CPU core and 200Gi of memory, then such an addition operation will fail. This is because, the addition increases the total CPU usage of the namespace to 3 CPU cores, which violates the 2 core limit set by the resource quota.
|
|
CPU requests |
Indicates the minimum amount of CPU resources that is guaranteed to the containers in this Replication Controller, as per the resource quota. |
Millicpu |
|
|
Memory limits |
Indicates the total amount of memory resources that containers in this Replication Controller are allowed to use, as per the resource quota. |
GB |
|
|
Memory requests |
Indicates the minimum amount of memory resources that is guaranteed to the containers in this Replication Controller, as per the resource quota. |
GB |
|
|
CPU throttled as percent of Node CPU configured |
Indicates the percentage of CPU throttled in this Replication Controller when Node CPU is configured. |
Percent |
The ideal value for CPU throttling as a percentage of node CPU configured in a Replication Controller should be as low as possible, ideally 0%. If CPU throttling is higher than ideal value, it indicates that the CPU limits are too low or that the pod is experiencing unexpected resource demand. |
|
CPU slack |
Indicates the amount of CPU slack in this Replication Controller. |
Millicpu |
CPU slack in Replication Controller refers to the amount of unused CPU capacity available to a pod or container that is below its CPU limit. A high value of this measure indicates that the pod or container is under-utilizing the allocated CPU. |
|
Memory usage |
Indicates the amount of memory resources used by the containers in this Replication Controller. |
GB |
|
|
Memory slack |
Indicates the amount of memory slack in this Replication Controller. |
GB |
Memory slack in Replication Controller refers to the amount of unused memory available to a pod or container that is below its memory limit. A high value of this measure indicates that the pod or container is under-utilizing the allocated memory. |
|
CPU throttled |
Indicates the amount of CPU throttled in this Replication Controller. |
Millicpu |
CPU throttling in a Replication Controller occurs when a container exceeds the CPU limits set in its resource configuration. Kubernetes applies throttling to restrict the CPU usage of a container that has surpassed its defined CPU limit. A high value of this measure indicates that the containers or pods exceed the allocated CPU resources, leading to performance issues. |
