k8s (Kubernetes) Prometheus version_11.5.00
“Moviri Integrator for TrueSight Capacity Optimization – k8s (Kubernetes) Prometheus” is an additional component of BMC TrueSight Capacity Optimization product. It allows extracting data from the Kubernetes cluster management system, a leading solution to manage cloud-native containerized environments. Relevant capacity metrics are loaded into BMC TrueSight Capacity Optimization, which provides advanced analytics over the extracted data in the form of an interactive dashboard, the Kubernetes View.
The integration supports the extraction of both performance and configuration data across different component of the Kubernetes system and can be configured via parameters that allow entity filtering and many other settings. Furthermore, the connector is able to replicate relationships and logical dependencies among entities such as clusters, nodes, namespaces, deployments and pods.
The documentation is targeted at BMC TrueSight Capacity Optimization administrators, in charge of configuring and monitoring the integration between BMC TrueSight Capacity Optimization and Kubernetes.
- Requirements
- Data Source Checks and Configuration
- Integration Results
- k8s Heapster to k8s Prometheus Migration
Requirements
Supported Versions of Data Source Software
• Kubernetes versions 1.5 to 1.12
• Rancher 1.6 to 2.3 (when managing a kubernetes cluster version 1.5 to 1.7)
• Openshift 3.11 to 3.12
• Prometheus 2.7 and onward
Supported Versions of BMC TrueSight Capacity Optimization
- BMC TrueSight Capacity Optimization v.11
- BMC TrueSight Capacity Optimization v.11.3.01
- BMC TrueSight Capacity Optimization v.11.5
Supported Versions of Data Source Configuration
The integrator requires the Prometheus monitoring component to be correctly monitoring the various entities supported by the integration via the kube-state-metrics service.
The connector has also the option to access to the Kubernetes API. Access to Kubernetes API is not mandatory to configure the ETL, but it is strongly suggested. Without the access to Kubernetes API, the integrator will not be able to import the following information
- Persistent volumes capacity-relevant metrics
- Kubernetes Labels for replicaset and replicasetcontroller
Downloading the Additional Package
“Moviri Integrator for TrueSight Capacity Optimization – k8s Prometheus” is available as additional component, distributed via BMC electronic distribution site (EPD).
Installing the Additional Package
To install the “Moviri Integrator for TrueSight Capacity Optimization – k8s Prometheus” as additional package, please refer to the official BMC documentation (“Performing system maintenance tasks”)
Data Source Checks and Configuration
Preparing to Connect to the Data Source Software
The Kubernetes connector adopts a specific integration strategy to be able to extract all of the key metrics of Kubernetes environments for capacity management in a scalable fashion. In particular, the connector integrates with two data sources:
- Kubernetes API: to extract entity catalogs, relationships and relevant configuration properties for selected entities
- Prometheus: to extract key entity catalogs, relationships and metrics related to the managed entities (e.g. nodes, pods, etc.)
The next sections outline the configuration required for the two data sources.
Kubernetes API
To access the Kubernetes API, the Kubernetes connector uses a Service Account. The authentication will be performed using the service account token. Additionally, in order to prevent accidental changes, the integrator service account will be granted read-only privileges and will be allowed to query a set of specific API endpoints. Here follows an example procedure to create the service account in a Kubernetes cluster using the kubectl CLI.
Create a Service Account
First of all, create the service account to be used by the Kubernetes connector:
Then, describe the service account to discover which secret is associated to it:
Namespace: default
Labels: <none>
Annotations: <none>
Image pull secrets: <none>
Mountable secrets: tsco-token-6x9vs
Tokens: tsco-token-6x9vs
Now, describe the secret to get the corresponding token:
Namespace: default
Labels: <none>
Annotations: kubernetes.io/service-account.name=tsco
kubernetes.io/service-account.uid=07bca5e7-7c3e-11e7-87bc-42010a8e0002
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1025 bytes
namespace: 7 bytes
token: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJkZWZhdWx0Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZWNyZXQubmFtZSI6InRzY28tdG9rZW4tNng5dnMiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoidHNjbyIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjA3YmNhNWU3LTdjM2UtMTFlNy04N2JjLTQyMDEwYThlMDAwMiIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDpkZWZhdWx0OnRzY28ifQ.tA6c9AsVJ0QKD0s-g9JoBdWDfhBvClJDiZGqDW6doS0rNZ5-dwXCJTss97PXfCxd5G8Q_nxg-elB8rV805K-j8ogf5Ykr-JLsAbl9OORRzcUCShYVF1r7O_-ikGg7abtIPh_mE5eAgHkJ1P6ODvaZG_0l1fak4BxZMTVfzzelvHpVlLpJZObd7eZOEtEEEkcAhZ2ajLQoxLucReG2A25_SrVJ-6c82BWBKQHcTBL9J2d0iHBHv-zjJzXHQ07F62vpc3Q6QI_rOvaJgaK2pMJYdQymFff8OfVMDQhp9LkOkxBPuJPmNHmHJxSvCcvpNtVMz-Hd495vruZFjtwYYygBQ
The token data ("eyJhb ... YygBQ") will be used by the Kubernetes integrator to authenticate against the API. Save the token as it will be required at the connector creation time.
Grant the Service Account Read-only Privileges
The following section outlines an example configuration on the Kubernetes cluster that is suggested in order to allow API access to the service account used by the integrator. We provide example configurations for the two most common authorization schemes used in Kubernetes clusters, namely RBAC (Role-Based Access Control) and ABAC (Attribute-Based Access Control). To identify which mode is configured in your Kubernetes cluster, please refer to the official project documentation: https://kubernetes.io/docs/admin/authorization/
RBAC Authorization
RBAC is the authorization mode enabled by default from Kubernetes 1.6 onward. To grant read-only privileges to the connector service account, a new cluster role is created. The new cluster role allows to grant specific read-only privileges to a set of API operations and entities to the connector.
Here is an example policy file that can be used for this purpose:
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
namespace: default
name: tsco-cluster-role
rules:
- apiGroups: [""]
resources: ["pods", "nodes", "namespaces", "replicationcontrollers", "persistentvolumes", "resourcequotas", "limitranges", "persistentvolumeclaims"]
verbs: ["get", "list"]
- apiGroups: ["extensions"]
resources: ["deployments", "replicasets"]
verbs: ["get", "list"]
Now, create the cluster role and associate it to the connector service account:
kubectl create clusterrolebinding tsco-view-binding --clusterrole=tsco-cluster-role --serviceaccount=default:tsco
ABAC Authorization
ABAC authorization grants access rights to users and service accounts via policies that are configured in a policy file. Such file is then used by the Kubernetes API server via the startup parameter --authorization-policy-file.
In order to allow read-only access to the integrator service account, the following policy line need to be appended to the aforementioned policy file:
The apiserver will need to be restarted to pick up the new policy lines.
Test the Configuration
After having performed the above configuration, it is useful to verify that the service account can successfully connects to the Kubernetes API and execute the intended operations.
To verify, execute the curl Linux command from one of the TrueSight Capacity Optimization servers:
You should get a JSON document describing the nodes comprising the Kubernetes cluster.
Prometheus API
The access to Prometheus API depends on the Kubernetes distribution and the Prometheus configuration. The following sections describe the standard procedure for the supported platforms.
OpenShift
OpenShift Container Platform Monitoring ships with a Prometheus instance for cluster monitoring and a central Alertmanager cluster. You can get the addresses for accessing Prometheus, Alertmanager, and Grafana web UIs by running:
alertmanager-main alertmanager-main-openshift-monitoring.apps.url.openshift.com ...
grafana grafana-openshift-monitoring.apps.url.openshift.com ...
prometheus-k8s prometheus-k8s-openshift-monitoring.apps.url.openshift.com ...
Make sure to append https:// to these addresses. You cannot access web UIs using unencrypted connection.
Authentication is performed against the OpenShift Container Platform identity and uses the same credentials or means of authentication as is used elsewhere in OpenShift Container Platform. You need to use a role that has read access to all namespaces, such as the cluster-monitoring-view cluster role.
Rancher
When installing Prometheus from the Catalog Apps, the default configuration sets up a Layer 7 ingress using xip.io. From the Load Balancing tab, you can see the endpoint to access Prometheus.
Other Distributions
Prometheus does not directly support authentication for connections to the Prometheus expression browser and HTTP API. If you would like to enforce basic authentication for those connections, Prometheus documentation recommends using Prometheus in conjunction with a reverse proxy and applying authentication at the proxy layer. Please refer to the official Prometheus documentation for configuring a NGINX reverse proxy with basic authentication.
Test the Configuration
After having obtained the required information, it is useful to verify the access to the Prometheus API. To verify, execute the following command from one of the TrueSight Capacity Optimization servers:
When authentication is not required
When basic authentication is required
When bear token authentication is required
Connector Configuration Attributes
Property Name | Value Type | Required? | Default | Description | |
Kubernetes Connection | |||||
Prometheus – API URL | String | Yes | Prometheus API URL (http/https://hostname:port). Port can be emitted. | ||
Prometheus – API Version | String | Yes | v1 | Prometheus API version, this should be the same as the Kubernetes API version if using any. | |
Prometheus – API Authentication Method | String | Yes | Prometheus API authentication method. There are three methods that are supported: Authentication Token (Bearer), Basic Authentication (username/password) and None (no authentication). | ||
Prometheus – Username | String | No | Prometheus API username if the Authentication method is set to Basic Authentication. | ||
Prometheus – Password | String | No | Prometheus API password if the Authentication method is set to Basic Authentication. | ||
Prometheus – API Authentication Token | String | No | Prometheus API Authentication Token (Bearer Token) if the Authentication method is set to Authentication Token. | ||
Prometheus – Use Proxy Server | Boolean | No | If a proxy server is used when chose either Basic Authentication or None. Proxy sever supports HTTP. Proxy server only support Basic Authentication and None Authentication. | ||
Prometheus - Proxy Server Host | String | No | Proxy server host name. | ||
Prometheus - Proxy Server Port | Number | No | Proxy server port. Default 8080. | ||
Prometheus - Proxy Username | String | No | Proxy server username | ||
Prometheus - Proxy Password | String | No | Proxy server password | ||
Use Kubernetes API | Boolean | Yes | If use Kubernetes API or not. | ||
Kubernetes Host | String | Yes |
| Kubernetes API server host name For Openshift, use the Openshift console FQDN (e.g., console.ose.bmc.com). | |
Kubernetes API Port | Number | Yes |
| Kubernetes API server port For Openshift, use the same port as the console (typically 8443). | |
Kubernetes API Protocol | String | Yes | HTTPS | Kubernetes API protocol, "HTTPS" in most cases | |
Kubernetes Authentication Token | String | Yes |
| Token of the integrator service account (see data source configuration section). | |
Kubernetes Extraction | |||||
Data Resolution | String | Yes | Data resolution for data to be pulled from Prometheus into TSCO. Default is set to 5 minutes. any value less than 5 minutes will be set to default 5 minutes. | ||
Cluster Name | String | No | If Kubernetes API is not in use, cluster name must be specified. | ||
Default Last Counter | String | Yes | Default earliest time the connector should be pulling data from in UTC. Format as YYYY-MM-DDTHH24:MI:SS.SSSZ, for example, 2019-01-01T19:00:00.000Z. | ||
Maximum Days to Extract | String | No | 5 | Maximum days the connector can pull data from. If leave empty, using default 5 days from default last counter. | |
Extract POD metrics | Boolean | No | Yes | If Extract POD metrics. Default as “YES”, extract all POD metrics. | |
Select only PODs on the following nodes | String | No |
| Extracts information only for the pods that are currently running on the specified nodes. Multiple nodes name can be separated by semicolon (;). | |
Select only PODs on the following namespaces | String | No |
| Extracts information only for the pods that are currently running in the specified namespaces. Multiple namespaces name can be separated by semicolon (;). | |
Select only PODs on the following deployments | String | No |
| Extracts information only for the pods that are currently running in the specified deployment and namespace tuples. Namespace and deployment tuples format as namespace following colon (:) and deployment, for example: namespace-01:api-deployment will select pods under api-deployment only on namespace-01. If namespace is not specified, all pods under this deployment in all the namespaces will be selected. If namespace is emitted, start with colon (:) and follows deployment name. For example, :api-deployment will select pods under api-deployment on all namespaces in this cluster. Multiple namespace deployment tuple can be separated by semicolon (;). | |
Select only PODs with the following tags | String | No | Extracts information only for the pods that are currently running with the specified tag type (label key) namespace tuples. Namespace and tag type tuples format as namespace following colon (:) and deployment, for example: namespace-01:app will select pods with app as tag type only on namespace-01. If namespace is not specified, all pods with this tag type in all the namespaces will be selected. If namespace is emitted, start with colon (:) and follows tag type. For example, :app will select pods with tag type app on all namespaces in this cluster. Multiple namespace label tuple can be separated by semicolon (;). | ||
Exclude PODs on the following nodes | String | No |
| Does not extract information for the pods that are currently running on the specified nodes. Multiple deployments name can be separated by semicolon (;). | |
Exclude PODs on the following namespaces | String | No |
| Does not extract information for the pods that are currently running in the specified namespaces. Multiple deployments name can be separated by semicolon (;). | |
Exclude PODs on the following deployments | String | No |
| Does not extract information for the pods that are currently running in the specified deployment and namespace tuple. Namespace and deployment tuples format as namespace following colon (:) and deployment, for example: namespace-01:api-deployment will exclude pods under api-deployment only on namespace-01. If namespace is not specified, all pods under this deployment in all the namespaces will be excluded. If namespace is emitted, start with colon (:) and follows deployment name. For example, :api-deployment will exclude pods under api-deployment on all namespaces in this cluster. Multiple namespace deployment tuple can be separated by semicolon (;). | |
Exclude PODs with the following tags | String | No | Does not extract information only for the pods that are currently running with the specified tag type (label key) namespace tuples. Namespace and tag type tuples format as namespace following colon (:) and deployment, for example: namespace-01:app will exclude pods with app as tag type only on namespace-01. If namespace is not specified, all pods with this tag type in all the namespaces will be excluded. If namespace is emitted, start with colon (:) and follows tag type. For example, :app will exclude pods with tag type app on all namespaces in this cluster. Multiple namespace label tuple can be separated by semicolon (;). | ||
Import only the following tags (semi-colon separated list) | String | No | Import only tag types (Kubernetes Label key). Specify the keys of the labels. They can be in the original format appears on Kubernetes API, or they can be using underscore (_) as delimiter. For example, node_role_kubernetes_io_compute and node-role.kubernetes.io/compute are equivalent and will be imported as node_role_kubernetes_io_compute. | ||
The following image shows a Run Configuration example for the “Moviri Integrator for TrueSight Capacity Optimization – k8s Prometheus”
Integration Results
Supported Entity Types
The “Moviri Integrator for TrueSight Capacity Optimization – k8s Prometheus” supports the following entities
- Kubernetes Cluster
- Kubernetes Node
- Kubernetes Namespace
- Kubernetes Deployment
- Kubernetes Pod
- Kubernetes Persistent Volume
Supported Metrics
The following sections describe the metrics that are imported by the “Moviri Integrator for TrueSight Capacity Optimization – k8s Prometheus”.
Data Source Metrics
This section describes the metrics that are imported by the Kubernetes connector from the data source and are assigned to corresponding TrueSight Capacity Optimization entities and metrics, with minimal transformations.
Data Source | Data Source Entity Label | BMC TrueSight Capacity Optimization Entity | BMC TrueSight Capacity Optimization Metric |
Prometheus | DEPLOYMENT | Kubernetes - Deployment | BYIMAGE_CPU_REQUEST |
Prometheus | DEPLOYMENT | Kubernetes - Deployment | BYIMAGE_MEM_REQUEST |
Prometheus | DEPLOYMENT | Kubernetes - Deployment | CREATION_TIME |
Prometheus | DEPLOYMENT | Kubernetes - Deployment | DEPLOYMENT_TYPE |
Prometheus | DEPLOYMENT | Kubernetes - Deployment | KPOD_REPLICA_UPTODATE_NUM |
Prometheus | DEPLOYMENT | Kubernetes - Deployment | BYIMAGE_NUM |
Prometheus | DEPLOYMENT | Kubernetes - Deployment | CPU_UTIL |
Prometheus | DEPLOYMENT | Kubernetes - Deployment | KPOD_NUM |
Prometheus | DEPLOYMENT | Kubernetes - Deployment | BYSTATUS_KPOD_NUM |
Prometheus | DEPLOYMENT | Kubernetes - Deployment | CONTAINER_NUM |
Prometheus | DEPLOYMENT | Kubernetes - Deployment | CPU_LIMIT |
Prometheus | DEPLOYMENT | Kubernetes - Deployment | CPU_REQUEST |
Prometheus | DEPLOYMENT | Kubernetes - Deployment | CPU_USED_NUM |
Prometheus | DEPLOYMENT | Kubernetes - Deployment | MEM_KLIMIT |
Prometheus | DEPLOYMENT | Kubernetes - Deployment | MEM_REQUEST |
Prometheus | DEPLOYMENT | Kubernetes - Deployment | MEM_USED |
Prometheus | DEPLOYMENT | Kubernetes - Deployment | MEM_ACTIVE |
Prometheus | DEPLOYMENT | Kubernetes - Deployment | NET_IN_BYTE_RATE |
Prometheus | DEPLOYMENT | Kubernetes - Deployment | NET_IN_ERROR_RATE |
Prometheus | DEPLOYMENT | Kubernetes - Deployment | NET_OUT_ERROR_RATE |
Prometheus | DEPLOYMENT | Kubernetes - Deployment | NET_OUT_BYTE_RATE |
Prometheus | NAMESPACE | Kubernetes - Namespace | CPU_LIMIT |
Prometheus | NAMESPACE | Kubernetes - Namespace | CPU_LIMIT_MAX |
Prometheus | NAMESPACE | Kubernetes - Namespace | CPU_REQUEST |
Prometheus | NAMESPACE | Kubernetes - Namespace | CPU_REQUEST_MAX |
Prometheus | NAMESPACE | Kubernetes - Namespace | CPU_USED_NUM |
Prometheus | NAMESPACE | Kubernetes - Namespace | CREATION_TIME |
Prometheus | NAMESPACE | Kubernetes - Namespace | KPOD_NUM_MAX |
Prometheus | NAMESPACE | Kubernetes - Namespace | MEM_KLIMIT |
Prometheus | NAMESPACE | Kubernetes - Namespace | MEM_LIMIT_MAX |
Prometheus | NAMESPACE | Kubernetes - Namespace | MEM_REQUEST |
Prometheus | NAMESPACE | Kubernetes - Namespace | MEM_REQUEST_MAX |
Prometheus | NAMESPACE | Kubernetes - Namespace | MEM_USED |
Prometheus | NAMESPACE | Kubernetes - Namespace | MEM_ACTIVE |
Prometheus | NAMESPACE | Kubernetes - Namespace | BYIMAGE_CPU_REQUEST |
Prometheus | NAMESPACE | Kubernetes - Namespace | BYIMAGE_MEM_REQUEST |
Prometheus | NAMESPACE | Kubernetes - Namespace | BYIMAGE_NUM |
Prometheus | NAMESPACE | Kubernetes - Namespace | BYSTATUS_KPOD_NUM |
Prometheus | NAMESPACE | Kubernetes - Namespace | CONTAINER_NUM |
Prometheus | NAMESPACE | Kubernetes - Namespace | KPOD_NUM |
Prometheus | NAMESPACE | Kubernetes - Namespace | CPU_UTIL |
Prometheus | NAMESPACE | Kubernetes - Namespace | NET_IN_BYTE_RATE |
Prometheus | NAMESPACE | Kubernetes - Namespace | NET_IN_ERROR_RATE |
Prometheus | NAMESPACE | Kubernetes - Namespace | NET_OUT_ERROR_RATE |
Prometheus | NAMESPACE | Kubernetes - Namespace | NET_OUT_BYTE_RATE |
Prometheus | NODE | Kubernetes - Node | CONTAINER_NUM |
Prometheus | NODE | Kubernetes - Node | BYSTATUS_KPOD_NUM |
Prometheus | NODE | Kubernetes - Node | CPU_LIMIT |
Prometheus | NODE | Kubernetes - Node | CPU_NUM |
Prometheus | NODE | Kubernetes - Node | CPU_REQUEST |
Prometheus | NODE | Kubernetes - Node | CPU_USED_NUM |
Prometheus | NODE | Kubernetes - Node | CREATION_TIME |
Prometheus | NODE | Kubernetes - Node | KPOD_NUM_MAX |
Prometheus | NODE | Kubernetes - Node | KUBERNETES_VERSION |
Prometheus | NODE | Kubernetes - Node | MEM_ACTIVE |
Prometheus | NODE | Kubernetes - Node | MEM_KLIMIT |
Prometheus | NODE | Kubernetes - Node | MEM_PAGE_MAJOR_FAULT_RATE |
Prometheus | NODE | Kubernetes - Node | MEM_REQUEST |
Prometheus | NODE | Kubernetes - Node | MEM_USED |
Prometheus | NODE | Kubernetes - Node | NET_IN_BYTE_RATE |
Prometheus | NODE | Kubernetes - Node | NET_IN_ERROR_RATE |
Prometheus | NODE | Kubernetes - Node | NET_OUT_BYTE_RATE |
Prometheus | NODE | Kubernetes - Node | NET_OUT_ERROR_RATE |
Prometheus | NODE | Kubernetes - Node | OS_TYPE |
Prometheus | NODE | Kubernetes - Node | TOTAL_REAL_MEM |
Prometheus | NODE | Kubernetes - Node | UPTIME |
Prometheus | NODE | Kubernetes - Node | CPU_UTIL |
Prometheus | NODE | Kubernetes - Node | KPOD_NUM |
Prometheus | NODE | Kubernetes - Node | BYIMAGE_CPU_REQUEST |
Prometheus | NODE | Kubernetes - Node | BYIMAGE_MEM_REQUEST |
Prometheus | NODE | Kubernetes - Node | BYIMAGE_NUM |
Prometheus | NODE | Kubernetes - Node | MEM_UTIL |
Kubernetes API | /api/v1/persistentvolumes | Kubernetes - Persistent Volume | CREATION_TIME |
Prometheus | PERSISTENT VOLUME | Kubernetes - Persistent Volume | ST_ALLOCATED |
Kubernetes API | /api/v1/persistentvolumes | Kubernetes - Persistent Volume | ST_PATH |
Kubernetes API | /api/v1/persistentvolumeclaims | Kubernetes - Persistent Volume | ST_SIZE |
Kubernetes API | /api/v1/persistentvolumes | Kubernetes - Persistent Volume | ST_TYPE |
Prometheus | POD | Kubernetes - Pod | BYIMAGE_CPU_REQUEST |
Prometheus | POD | Kubernetes - Pod | BYIMAGE_MEM_REQUEST |
Prometheus | POD | Kubernetes - Pod | BYIMAGE_NUM |
Prometheus | POD | Kubernetes - Pod | CONTAINER_NUM |
Prometheus | POD | Kubernetes - Pod | CPU_LIMIT |
Prometheus | POD | Kubernetes - Pod | CPU_REQUEST |
Prometheus | POD | Kubernetes - Pod | CPU_USED_NUM |
Prometheus | POD | Kubernetes - Pod | CPU_UTIL |
Prometheus | POD | Kubernetes - Pod | CREATION_TIME |
Prometheus | POD | Kubernetes - Pod | HOST_NAME |
Prometheus | POD | Kubernetes - Pod | KPOD_STATUS |
Prometheus | POD | Kubernetes - Pod | MEM_ACTIVE |
Prometheus | POD | Kubernetes - Pod | MEM_KLIMIT |
Prometheus | POD | Kubernetes - Pod | MEM_PAGE_MAJOR_FAULT_RATE |
Prometheus | POD | Kubernetes - Pod | MEM_REQUEST |
Prometheus | POD | Kubernetes - Pod | MEM_USED |
Prometheus | POD | Kubernetes - Pod | NET_IN_BYTE_RATE |
Prometheus | POD | Kubernetes - Pod | NET_OUT_BYTE_RATE |
Prometheus | POD | Kubernetes - Pod | NET_IN_ERROR_RATE |
Prometheus | POD | Kubernetes - Pod | NET_OUT_ERROR_RATE |
Prometheus | CLUSTER | Kubernetes - Cluster | BYIMAGE_CPU_REQUEST |
Prometheus | CLUSTER | Kubernetes - Cluster | BYIMAGE_MEM_REQUEST |
Prometheus | CLUSTER | Kubernetes - Cluster | BYIMAGE_NUM |
Prometheus | CLUSTER | Kubernetes - Cluster | BYSTATUS_KPOD_NUM |
Prometheus | CLUSTER | Kubernetes - Cluster | CONTAINER_NUM |
Prometheus | CLUSTER | Kubernetes - Cluster | CPU_LIMIT |
Prometheus | CLUSTER | Kubernetes - Cluster | CPU_NUM |
Prometheus | CLUSTER | Kubernetes - Cluster | CPU_REQUEST |
Prometheus | CLUSTER | Kubernetes - Cluster | CPU_USED_NUM |
Prometheus | CLUSTER | Kubernetes - Cluster | CPU_UTIL |
Prometheus | CLUSTER | Kubernetes - Cluster | DEPLOYMENT_NUM |
Prometheus | CLUSTER | Kubernetes - Cluster | KPOD_NUM |
Prometheus | CLUSTER | Kubernetes - Cluster | KPOD_NUM_MAX |
Prometheus | CLUSTER | Kubernetes - Cluster | KUBERNETES_VERSION |
Prometheus | CLUSTER | Kubernetes - Cluster | MEM_ACTIVE |
Prometheus | CLUSTER | Kubernetes - Cluster | MEM_KLIMIT |
Prometheus | CLUSTER | Kubernetes - Cluster | MEM_PAGE_MAJOR_FAULT_RATE |
Prometheus | CLUSTER | Kubernetes - Cluster | MEM_REQUEST |
Prometheus | CLUSTER | Kubernetes - Cluster | MEM_USED |
Prometheus | CLUSTER | Kubernetes - Cluster | MEM_UTIL |
Prometheus | CLUSTER | Kubernetes - Cluster | SECRET_NUM |
Prometheus | CLUSTER | Kubernetes - Cluster | SERVICE_NUM |
Prometheus | CLUSTER | Kubernetes - Cluster | ST_ALLOCATED |
Prometheus | CLUSTER | Kubernetes - Cluster | TOTAL_REAL_MEM |
Prometheus | CLUSTER | Kubernetes - Cluster | JOB_NUM |
Derived Source Metrics
This section describes the metrics that are derived by the Kubernetes connector from the data source metrics for the purpose of supporting a wide range of capacity management use cases and analyses.
Data Source Entity | Data Source Metric | BMC TrueSight Capacity Optimization Metric | BMC TrueSight Capacity Optimization Entity |
Kubernetes - Pod | MEM_USED / MEM_KLIMIT | MEM_UTIL_LIMIT | Kubernetes - Pod |
Kubernetes - Pod | MEM_USED / MEM_REQUEST | MEM_UTIL_REQUEST | Kubernetes - Pod |
Kubernetes - Pod | CPU_USED_NUM / CPU_LIMIT | CPU_UTIL_LIMIT | Kubernetes - Pod |
Kubernetes - Pod | CPU_USED_NUM / CPU_REQUEST | CPU_UTIL_REQUEST | Kubernetes - Pod |
Kubernetes – Namespace | MEM_USED / MEM_KLIMIT | MEM_UTIL_LIMIT | Kubernetes - Namespace |
Kubernetes - Namespace | MEM_USED / MEM_REQUEST | MEM_UTIL_REQUEST | Kubernetes - Namespace |
Kubernetes - Namespace | CPU_USED_NUM / CPU_LIMIT | CPU_UTIL_LIMIT | Kubernetes - Namespace |
Kubernetes - Namespace | CPU_USED_NUM / CPU_REQUEST | CPU_UTIL_REQUEST | Kubernetes - Namespace |
Kubernetes - Cluster | MEM_USED / MEM_KLIMIT | MEM_UTIL_LIMIT | Kubernetes - Cluster |
Kubernetes - Cluster | ST_SIZE | ST_SIZE | Kubernetes - Cluster |
Kubernetes - Cluster | MEM_USED / MEM_REQUEST | MEM_UTIL_REQUEST | Kubernetes – Cluster |
Kubernetes - Cluster | CPU_USED_NUM / CPU_LIMIT | CPU_UTIL_LIMIT | Kubernetes - Cluster |
Kubernetes - Cluster | CPU_USED_NUM / CPU_REQUEST | CPU_UTIL_REQUEST | Kubernetes - Cluster |
Kubernetes – Node | MEM_USED / MEM_KLIMIT | MEM_UTIL_LIMIT | Kubernetes - Node |
Kubernetes - Node | MEM_USED / MEM_REQUEST | MEM_UTIL_REQUEST | Kubernetes - Node |
Kubernetes - Node | CPU_USED_NUM / CPU_LIMIT | CPU_UTIL_LIMIT | Kubernetes - Node |
Kubernetes - Node | CPU_USED_NUM / CPU_REQUEST | CPU_UTIL_REQUEST | Kubernetes - Node |
Kubernetes – Deployment | MEM_USED / MEM_KLIMIT | MEM_UTIL_LIMIT | Kubernetes - Deployment |
Kubernetes – Deployment | MEM_USED / MEM_REQUEST | MEM_UTIL_REQUEST | Kubernetes - Deployment |
Kubernetes – Deployment | CPU_USED_NUM / CPU_LIMIT | CPU_UTIL_LIMIT | Kubernetes - Deployment |
Kubernetes – Deployment | CPU_USED_NUM / CPU_REQUEST | CPU_UTIL_REQUEST | Kubernetes - Deployment |
Hierarchy
The connector is able to replicate relationships and logical dependencies among these entities as they are found configured within the Kubernetes cluster.
In particular, the following structure is applied:
- a Kubernetes Cluster is attached to the root of the hierarchy
- each Kubernetes Cluster contains its own Nodes, Namespaces and Persistent Volumes
- each Kubernetes Namespace contains its own Deployments and (standalone) Pods
The following image shows a sample hierarchy.
Lookup Consideration
The “Moviri Integrator for TrueSight Capacity Optimization – Prometheus” supports multiple lookup. The following table shows the lookup field shared for each entity type
Entity Type | Strong Lookup Fields | Others |
Cluster | KUBE_CLUSTER&&KUBE_TYPE | |
Namespace | KUBE_CLUSTER&&KUBE_TYPE&&KUBE_NS_NAME | |
Node | KUBE_CLUSTER&&KUBE_TYPE&&HOSTNAME&&NAME | _COMPATIBILITY_ |
Deployment | KUBE_CLUSTER&&KUBE_TYPE&&KUBE_NS_NAME&&KUBE_DP_NAME | |
Pod | KUBE_CLUSTER&&KUBE_TYPE&&KUBE_NS_NAME&&KUBE_POD_NAME | |
Persistent Volume | KUBE_CLUSTER&&KUBE_TYPE&&KUBE_PV_NAME |
Labels
The “Moviri Integrator for TrueSight Capacity Optimization – k8s Prometheus” supports Kubernetes Labels as Tags in TSCO TrueSight Capacity Optimization.
The keys in labels are imported as Tag types, and the values in labels are imported as Tag values. The integrator will replace special word delimiter appears in Kubernetes label key as underscore (_) in Tag type.
In particular, the entities we import labels are:
Data Source Entity | Data Source |
|
Prometheus | DAEMONSET | Kubernetes - Deployment |
Prometheus | STATEFULSET | Kubernetes - Deployment |
Kubernetes API | REPLICATSET | Kubernetes - Deployment |
Kubernetes API | REPLICATIONCONTROLLER | Kubernetes - Deployment |
Prometheus | POD | Kubernetes - Pod |
Prometheus | NODE | Kubernetes - Node |
Prometheus | NAMESPACE | Kubernetes - Namespace |
Prometheus | PERSISTENT VOLUME | Kubernetes - Persistent Volume |
Here’s a snapshot for what tag looks like:
k8s Heapster to k8s Prometheus Migration
The “Moviri Integrator for TrueSight Capacity Optimization – k8s Prometheus” supports a seamless transition from entities and metrics imported by the “Moviri Integrator for TrueSight Capacity Optimization – k8s Heapster”. Please follow these steps to migrate between the two integrators:
- Stop “Moviri Integrator for TrueSight Capacity Optimization – k8s Heapster” ETL task.
- Install and configure the “Moviri Integrator for TrueSight Capacity Optimization – k8s Prometheus”, ensuring that the lookup is shared with the “Moviri Integrator for TrueSight Capacity Optimization – k8s Heapster” ETL task.
- Start “Moviri Integrator for TrueSight Capacity Optimization – k8s Prometheus” ETL task.