/
Setting up K8S resource collection (inventory)

Setting up K8S resource collection (inventory)

Container Resource Collection Configuration Guide

This is a guide to setting up Kubernetes-based inventory collection to coincide with the DCX Open (October 23).
We are also developing collection for each CSP's own containers, such as Fargate, and will continue to supplement the content as it is confirmed.

1. Download the yaml file

yaml file for setting up K8S resource collection

This is the yaml file from October 23rd. (Right click and save as)

agent_prd.yaml

 

2. Request to collect K8S resources

  1. Request agent ID and password from cmpadmin.cloudxper@lgcns.com

  2. IP forwarding of K8S using cmpadmin.cloudxper@lgcns.com - Agent → Cloudxper firewall needs to be disabled

3. Change the issued agent ID and password in the yaml file.

  1. Change the yarm file by encoding the issued ID and pawword to base64.

ex)

COLLECTOR_USER_NAME: YWtyZW9ybDg1
COLLECTOR_PASSWORD: cXdlcjEyMzQhQCMk


4. Apply the changed yaml file

  1. $ kubectl apply -f agent_prd.yaml

5. Resources created

  1.  Namespace

    • Create a Namespace where the Agent exists "cloudxper-agent"

  2.  ClusterRole

    • Create a Cluster Role to give the Namespace collection permissions on resources.

  3.  ClusterRoleBinding

    • Binding Service Account and Cluster Role

  4. ConfigMap

    • COLLECTOR_HOST (Required): Domain information to send collected data to cloudxper

    • FIXED_RATE(Optional) : Collection cycle

      • Default: 1 hour (not recommended to change)

      • Collect all collectable resources when commenting out values (recommended)

      • Can be changed at least every 10 minutes

    • COLLECT_RESOURCES(Optional) : Resources to collect

      • Default - Collect all resources

      • Collect all collectable resources when commenting out values
        ex) COLLECT_RESOURCES: "Pod,Node" - no space

      • Only collect the resources you need

      • The value is the kind value that appears when kubectl api-resources is used.

      • If you enter a blank string, the entire collection will not be done ex) COLLECT_RESOURCES: ""

      • If you enter an incorrect kind string, it will not be collected (check agent log)

      • Resources to be collected are listed when the agent first runs (check agent log)

  5.  Secret

    • COLLECTOR_USER_NAME: (Required change) ID to authenticate to the collection server - Save the ID issued by the cloudxper manager through base64 encoding.

    • COLLECTOR_PASSWORD: (Required change) PASSWORD to authenticate to the collection server - Save the PASSWORD issued by the cloudxper manager through base64 encoding.

  6.  Deployment

    • Deployment for collection containers

    • name : k8s-resource-agent

    • replicas : 1

    • cpu : 128m, mem : 256Mi

  • (Important) For app logs, only 10 days' worth of data is stored in the container's /var/log table, up to a maximum of 350Mb.

  • It is recommended to modify the agent_prd.yaml file to mount the corresponding volume on the pv (if an agent error occurs, the corresponding log needs to be forwarded to the cloudxper manager for action)