Configuring Kubernetes monitoring profile
Use the Add Monitoring Configuration page to configure PATROL for Kubernetes and monitor your Kubernetes cluster.
From the Kubernetes Cluster Details page, you can achieve the following goals:
- Configure Kubernetes cluster for monitoring
- Include or exclude the Kubernetes cluster namespaces from monitoring
To configure Kubernetes cluster for monitoring
- Access the Infrastructure Policies tab
- From the Configuration menu, select Infrastructure Policies.
The Infrastructure Policies page is displayed. - Click Create Policy.
The Create Monitoring Policy page is displayed. - Enter the policy details as described in the Defining-a-monitoring-policy section.
- From the Configuration menu, select Infrastructure Policies.
Define the configuration for the Kubernetes cluster.
Specify the values for the following fields to configure the cluster.Field
Description
Kubernetes Cluster Details
Master Node
Type the host name or the IP address of the Kubernetes master node. Run the kubectl cluster-info command on the cluster to get the master (api server) hostname or IP address.
Port Number
Type the port number to connect to the Kubernetes master. The default port number is 6443. Run the kubectl cluster-info command on the cluster to get the port number of the master node.
Authentication Type
Select the authentication type to connect to the Kubernetes cluster.
- Certificate based
- Token based
Client Certificate File Path (.pfx)
(Certificate based authentication)
Type the absolute path of the client certificate file on the PATROL Agent server. The certificate file must be in .pfx format.
Use to create the .pfx client certificate for kubernetes monitoring.
Note: The client certificate file must reside on the host where the PATROL agent is running.
BMC PATROL default account must have read permission for the client certificate file.
For example:
- C:\cert\client-cert.pfx
- /opt/bmc/cert/client-cert.pfx
Client Certificate Password
(Certificate based authentication) Type the password to access the client certificate file.
Authentication Token
(Token based authentication) Type the bearer token to connect to the Kubernetes cluster. Use to create a service account and get the bearer token.
Configure the Proxy Server
Specify the values for the following fields to configure the proxy settings.
Field
Description
Use Proxy Configuration
Select this option to enable the proxy configuration.
Server Name
Type the name or the IP address of the proxy server that is being used to route the HTTP requests.
Port
Type the proxy server port number that is being used to connect to the specified proxy server.
User Name
Type the username to log in to the proxy server.
Password
Type the password to the specified proxy server.
Configure Namespace filter
Include or exclude Kubernetes cluster namespace from monitoring
Field
Description
Namespace Filter Type
Select whether to Include or Exclude the Kubernetes cluster namespaces from monitoring.
Namespace Filter
Type the Kubernetes cluster namespace name that you want to include or exclude from monitoring.
You can enter the exact Kubernetes cluster namespace name or a regular expression matching multiple namespaces. To add multiple entries, enter a pipe-separated list of the namespaces.
Filtering examples:
Example 1
To filter a single namespace MyNamespace, enter the name as MyNamespace
Example 2
To filter namespaces ProdNamespace and QANamespace enter the regular expression as ProdNamespace|QANamespace
Example 3
To filter all the namespaces that start with the word Test, enter the regular expression as Test.*
Enable Containers Monitoring
Select this option if you want to monitor Containers. The KM discovers the Containers below the Pod instances. This option is disabled by default.
Administration
Field
Description
JVM Arguments
Type the additional Java Virtual Machine arguments for the Java collector. For example: For java memory settings: -Xms256m -Xmx1024m
Enable Logging
Select this option to enable the debug. The log files are located at <PATROL_HOME>/k8s/log location on the PATROL Agent server.
Log Level
Select the debug log level. These levels are used to control the logging output.
- FINE
- FINER
- FINEST
FINEST level logs each debug log record.
Note: If debug is disabled, the log file contains only warning level log records.
Device Mapping
- Node - Select one of the following options to enable device mapping of nodes. The KM creates the node device based on the selection. If device mapping is disabled by selecting None, then the nodes are displayed as instances in their respective hierarchy below the PATROL Agent device.
- Node name: Name of the node set in Kubernetes Cluster.
- Host name: Name of the host returned by the API.
- Reverse DNS lookup: FQDN by resolving the DNS from its IP address.
- None: Disable Node device mapping.
- Pod - Select this option to enable device mapping of pods. The KM creates the device by using the name and the IP address of the pod. If device mapping is disabled for pods, the pods are displayed as instances in TrueSight in their respective hierarchy below the PATROL Agent device.
- Container - Select this option to enable device mapping of containers. The KM creates the container device by concatenating pod and container names. For example: <pod-name>-<container-name>. If device mapping is disabled for containers, the containers are displayed as instances in TrueSight in their respective hierarchy below the PATROL Agent device.
Note: If you modify this field, restart the PATROL Agent to apply the changes.
JAVA Home
Type the path to the JRE directory on the PATROL Agent server.
For example, if the JAVA location on the PATROL Agent server is /usr/java/jdk1.8.0_45/jre/bin/java path, specify /usr/java/jdk1.8.0_45/jre as the value in this field.
If the specified path does not exist or if this field is left blank, the KM searches for the JRE in the following order:
- <PATROL_HOME>/openjdk directory
- <PATROL_HOME>/jre64 directory