Docker, Kubernetes and OpenShift – Don’t Forget the Application Monitoring

Deploying Instana APM Natively Into an OpenShift Environment to Deliver Automated Performance Management

Introduction to OpenShift and Kubernetes Orchestration

OpenShift is a packaged offering from Red Hat for container based software deployment. It combines a supported distribution of Kubernetes and DevOps tooling to aid in rapid application development and the full CI/CD process. The solution can run in any environment you desire – Public Cloud, Dedicated Cloud, Private Cloud and On-Prem deployments. For development, it can even run on a developer’s laptop.

Red Hat has taken standard Kubernetes and configured it with enhanced security, for example processes no longer run as root by default inside the containers. Therefore you may need to update the images you use to make allowances for the loss of root privilege; your web application does not have access to ports 80/443. Red Hat provides a large number of application templates available directly through the Openshift web console.

Getting Started with Instana and OpenShift

For this walkthrough, I am using minishift along with VirtualBox to run the OpenShift stack on my MacBook Pro.

I have signed into the OpenShift web console and selected Applications -> Pods, below are the pods making up my simple microservices application. It consists of:

  • Nginx hosting static resources (AngularJS web app) and a reverse proxy to the API service
  • 3 replicas of the Python Flask API service
  • Mongodb for persistent data storage
  • Redis provides some caching
Kubernetes Pods in OpenShift

List of Kubernetes Pods in OpenShift

Installing Instana in an OpenShift Environment

With the following steps it is simple to deploy the Instana agent into Openshift. Once installed, it automatically discovers all the technology stacks and services and starts tracing every request. Due to the enhanced security of OpenShift, the Instana agent requires higher privileges to perform automatic discovery.

Edit instana-agent-os.yml and add in your connection details. Get your agent key from your Instana console, then encode it via base64.

$ echo “your agent key” | base64

Set the endpoint depending on your location. Now install the agent into Openshift.

$ oc login -u system:admin
$ oc create -f instana-agent-os.yml
$ oc project instana-agent
$ oc adm policy add-scc-to-user privileged -z instana-admin

That’s a lot of commands, what did we just do?

  • Become the superuser on Openshift
  • Create the instana agent project, daemonset and admin user
  • Switch projects
  • Add privileged permissions to the Instana admin user who owns the daemonset

Now, let’s take a look at the daemonset:

$ oc get daemonset

The agent is installed as a daemonset. This mechanism enables running one instance of the agent container on each targeted node. The NODE-SELECTOR is set to “agent=instana” which tells Openshift on which nodes to run the daemonset agent (i.e., those nodes that are labeled with “agent=instana”). At the moment, there are not any nodes that match. Now label up the node(s) where you want the agent to run.

$ oc label node  agent=instana

When new nodes are added to the Openshift cluster if they are labeled with “agent=instana”, the Instana agent will be automatically started on that node.

Wait a couple of minutes for the agent to start and do its automatic discovery, then take a look at the Instana dashboard to see the results. If you want to see the instana-agent project in the Openshift console, give the developer user admin rights.

$ oc adm policy add-role-to-user admin developer -n instana-agent
Kubernetes container cluster map

Automatically discovered container topology

Conclusion: It’s Easy To Add Performance Monitoring Into OpenShift with Instana

That was easy. Now that the Instana agent is deployed to your Openshift environment, it will continuously discover all the running technology stacks and services automatically, tracing every request along the way. This is fully automatic monitoring, meaning you will no longer have to update the monitoring whenever your application environment changes. You already have invested in automation for the development and deployment steps of the application lifecycle, now you can maintain that velocity with live application monitoring.

Instana WebSite Monitoring Dashboard

Instana automatically monitors website performance

Adding performance monitoring into your orchestrated environment makes your orchestration more powerful, allowing resource allocation to be tied directly to maintaining service quality. The better the data is, the better the integration will be. With Instana, you get time series data with one second resolution; and end to end tracing of every request.

Instana Application Service Map

Automatically discovered application services and their flows

All this data enables Instana to provide AI Powered alerting that allows you to focus in on any performance or quality problems that may occur with your microservices application.

####

Steve Waterworth is a technical Marketing Manager at Instana with over a decade of experience with APM tools.