|
| 1 | + |
| 2 | + |
| 3 | +# Chronos AWS EKS Example |
| 4 | + |
| 5 | +As an all-in-one monitoring tool for microservices, Chronos lets users add EKS clusters for viewing cost and health metrics calculated by OpenCost, collected by Prometheus, and displayed using Grafana. |
| 6 | + |
| 7 | +## Prerequisites |
| 8 | + |
| 9 | +You should install the following platforms/tools: |
| 10 | +- [Docker](https://docs.docker.com/get-docker/) |
| 11 | + - Make sure to enable Kubernetes |
| 12 | + - Go to the gear icon in the upper right corner. Go to Kubernetes and check the first box to enable. Then click 'Apply and Restart.' |
| 13 | +- [Helm](https://helm.sh/docs/intro/install/) |
| 14 | + - Make sure to run `helm repo add stable https://charts.helm.sh/stable` before installing any packages. |
| 15 | + - |
| 16 | + |
| 17 | +## Purpose and Design |
| 18 | + |
| 19 | +This example serves as a tutorial for anyone new to Chronos, EKS, or even AWS. |
| 20 | + |
| 21 | +The main steps are: |
| 22 | +- Creating an AWS account |
| 23 | +- Setting up IAM |
| 24 | +- Installing eksctl |
| 25 | +- Creating an EKS cluster |
| 26 | +- Installing the Amazon EBS CSI Driver |
| 27 | +- Deploying the sample application |
| 28 | +- Deploying Prometheus |
| 29 | +- Deploying OpenCost |
| 30 | +- Deploying and Configuring Grafana |
| 31 | +- Adding EKS cluster to Chronos dashboard using the Grafana URL |
| 32 | + |
| 33 | +This process can also be done using the AWS Command Line Interface (CLI) or the AWS User Interface (UI), but in this example we will be using the terminal. |
| 34 | + |
| 35 | +## Creating an AWS Account |
| 36 | + |
| 37 | + 1. Sign up at https://aws.amazon.com/console/. Note that you will need to input your credit card information. |
| 38 | + **Even though there are free services, setting up an EKS cluster according to this tutorial will cost you.** |
| 39 | + |
| 40 | + 2. Sign into your newly created account and change the region defined in the upper right corner to the region closest to you. |
| 41 | + |
| 42 | +## Creating an AWS Account |
| 43 | + 1. Right now you are the root user, and it's unadvisable to do anything as a root user |
| 44 | + outside of billing and setting up groups. To create a group, go to the Identity and Access Management (IAM) service. |
| 45 | + For any service, simply look it up on the search bar at the top of the page. |
| 46 | + |
| 47 | + 2. Give the group a name (such as admin) and attach the AdminstratorAccess Policy. |
| 48 | + |
| 49 | + 3. Add a user to the group. Grant the user Programmatic and Console access. |
| 50 | + Make sure to download csv file containing the user's credentials. |
| 51 | + |
| 52 | + 4. Sign out and sign back in, this time using the url in the csv file. I recommend saving the Account ID, |
| 53 | + username, and password in a secure place as you will need all three to log into this IAM role in the future. |
| 54 | + |
| 55 | + 5. Generate an access key for this user |
| 56 | + |
| 57 | +## Installing eksctl |
| 58 | + 1. To create a cluster in your terminal, you will need eksctl, a command line tool. |
| 59 | + Follow this [documentation](https://docs.aws.amazon.com/eks/latest/userguide/eksctl.html) |
| 60 | + and make sure to read up on your operating system. |
| 61 | + |
| 62 | +## Creating an EKS cluster |
| 63 | + 1. To establish a connection between your AWS account and the terminal, go to IAM --> Users --> |
| 64 | + Click a user and go to the Security Credentials tab. Click Generate Access Key. |
| 65 | + **Make sure to copy the access key and secret access key to a secure location**. |
| 66 | + |
| 67 | + 2. In the terminal, run these commands: |
| 68 | + |
| 69 | + export AWS_ACCESS_KEY_ID=<AWS Access Key> |
| 70 | + export AWS_SECRET_ACCESS_KEY=<AWS Secret Access Key> |
| 71 | + |
| 72 | + 3. Execute the command `eksctl create cluster --name=<cluster_name> --region=<cluster_region>`. |
| 73 | + Note there are more [flags](https://docs.aws.amazon.com/eks/latest/userguide/getting-started-eksctl.html) |
| 74 | + you can add to customize the cluster further. Cluster creation takes around 20 minutes. |
| 75 | + |
| 76 | +## Installing the Amazon EBS CSI Driver |
| 77 | + You need to install the Elastic Block Store (EBS) Container Storage Interface (CSI) Driver so the EKS cluster can manage Amazon EBS volumes. This is necessary if you want to run any application that has a database, such as Prometheus. |
| 78 | + 1. First, attach an OpenID Connect (OIDC) identity provider so that applications within the EKS cluster can access AWS resources. Execute the command `eksctl utils associate-iam-oidc-provider --region=<cluster_region> --cluster=<cluster_name> --approve`. |
| 79 | + 2. Next, grant the prospective EBS CSI driver IAM permissions to call the AWS APIs with this command: |
| 80 | + |
| 81 | + eksctl create iamserviceaccount \ |
| 82 | + --name ebs-csi-controller-sa \ |
| 83 | + --namespace kube-system \ |
| 84 | + --cluster <cluster_name> \ |
| 85 | + --attach-policy-arn arn:aws:iam::aws:policy/service-role/AmazonEBSCSIDriverPolicy \ |
| 86 | + --approve \ |
| 87 | + --role-only \ |
| 88 | + --role-name AmazonEKS_EBS_CSI_DriverRole \ |
| 89 | + --region <cluster_region> |
| 90 | + |
| 91 | + 3. Finally, add the EBS CSI driver with this command: |
| 92 | + `eksctl create addon --name aws-ebs-csi-driver --cluster <cluster_name> --service-account-role-arn |
| 93 | + arn:aws:iam::<AWS Account ID>:role/AmazonEKS_EBS_CSI_DriverRole --region <cluster region>` |
| 94 | + Note the Account ID is the 12-digit number associated with the user you created earlier. |
| 95 | + |
| 96 | +## Deploying the sample application |
| 97 | + 1. Execute the command `cd {your_path}/Chronos/examples/AWS/AWS-EKS` so you are in the AWS-EKS directory. |
| 98 | + 2. Execute the command `kubectl apply -f knote` to deploy the sample application. |
| 99 | + 3. Run `kubectl get pods` to monitor the status of the pods. Wait until all pods go from status 'ContainerCreating' to 'Running.' |
| 100 | + 4. Run `kubectl get service knote` and visit the external IP address. Add some notes or images to your functioning application! |
| 101 | + |
| 102 | +## Deploying Prometheus |
| 103 | + 1. Exectute the command: |
| 104 | + `helm repo add prometheus-community https://prometheus-community.github.io/helm-charts` |
| 105 | + 2. Execute the command: |
| 106 | + |
| 107 | + helm install my-prometheus --repo https://prometheus-community.github.io/helm-charts prometheus \ |
| 108 | + --namespace prometheus --create-namespace \ |
| 109 | + --set pushgateway.enabled=false \ |
| 110 | + --set alertmanager.enabled=false \ |
| 111 | + -f https://raw.githubusercontent.com/opencost/opencost/develop/kubernetes/prometheus/extraScrapeConfigs.yaml |
| 112 | + |
| 113 | +## Deploying OpenCost |
| 114 | + 1. Execute the command: |
| 115 | + `kubectl apply --namespace opencost -f https://raw.githubusercontent.com/opencost/opencost/develop/kubernetes/opencost.yaml` |
| 116 | + 2. Check the UI with the command: |
| 117 | + `kubectl port-forward --namespace opencost service/opencost 9003 9090` |
| 118 | + |
| 119 | +## Deploying and Configuring Grafana |
| 120 | + 1. Execute the command: |
| 121 | + `helm repo add grafana https://grafana.github.io/helm-charts` |
| 122 | + 2. Execute the command: |
| 123 | + |
| 124 | + helm install grafana grafana/grafana \ |
| 125 | + --namespace grafana \ |
| 126 | + --set persistence.storageClassName="gp2" \ |
| 127 | + --set persistence.enabled=true \ |
| 128 | + --set adminPassword='EKS!sAWSome' \ |
| 129 | + --values ${HOME}/environment/grafana/grafana.yaml \ |
| 130 | + --set service.type=LoadBalancer |
| 131 | + |
| 132 | + 3. Execute these commands to get the URL. Login in with the username admin and the password EKS!sAWsome |
| 133 | + |
| 134 | + export ELB=$(kubectl get svc -n grafana grafana -o jsonpath='{.status.loadBalancer.ingress[0].hostname}') |
| 135 | + echo "http://$ELB" |
| 136 | + |
| 137 | + 4. To create the dashboard for monitoring Prometheus metrics, go to the sidebar, click on the four square icon, and click '+Import.' For the ID, type in 3119. For tracking, select Prometheus. Hit Create. |
| 138 | + 5. For the Opencost dashbaord, go to the sidebar, click on the four square icon, and click '+Import.' Upload the opencostGrafana.json file, select Prometheus under tracking, and then create. |
| 139 | + 6. You need to edit the Grafana ini file to make Grafana publicly accessible. In order to do so, go to your terminal and run: |
| 140 | + `kubectl edit -n grafana configmap/grafana` |
| 141 | + 7. Press the 'i' key to start editing and add this into the Grafana ini section: |
| 142 | + |
| 143 | + documentation: |
| 144 | + [security] |
| 145 | + allow_embedding: true |
| 146 | + [auth.anonymous] |
| 147 | + enabled: true |
| 148 | + [dataproxy] |
| 149 | + timeout: 600 |
| 150 | + |
| 151 | + 8. Type ':wq' to save the file and quit the editor. |
| 152 | + 9. Execute this command: `kubectl rollout restart deployment grafana -n grafana` |
| 153 | + |
| 154 | +## Adding EKS cluster to Chronos dashboard using the Grafana URL |
| 155 | + 1. Click the add modal on the dashboard. Select Cloudbased Services. Select EKS. Input your Grafana URL (ex: xxxx.region.xxx.amazonaws.com) at the root path. |
| 156 | + 2. You should now be able to view two Grafana embedded dashboards -- the Prometheus Metrics & Opencost! Anytime you want to view the status of other microservices, whether cloudbased or locally hosted, go back to the Dashboard on the sidebar menu and click a new modal. |
| 157 | + |
| 158 | +## Cleanup |
| 159 | + To tear down your cluster, execute this command: |
| 160 | + `eksctl delete cluster --name=<cluster_name> --region=<cluster_region>` |
| 161 | + |
| 162 | +## Credit |
| 163 | + Credit for Knote application goes to the user learnK8s on [Github](https://github.com/learnk8s). Here is the source project [folder](https://github.com/learnk8s/knote-js/tree/master/04-05/kube). |
| 164 | + |
0 commit comments