Skip to content

Latest commit

 

History

History
163 lines (137 loc) · 4.28 KB

File metadata and controls

163 lines (137 loc) · 4.28 KB

Amazon CloudWatch Agent Operator

The Amazon CloudWatch Agent Operator is software developed to manage the CloudWatch Agent on kubernetes.

This repo is based off of the OpenTelemetry Operator

Build and Deployment

  1. Build the image using make container
  2. Set environment variable to name the build image export CLOUDWATCH_AGENT_OPERATOR_IMAGE="ACCOUNT_ID.dkr.ecr.us-east-1.amazonaws.com/amazon-cloudwatch-agent-operator:latest"
  3. Push the image to your local ecr repo
aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin <AWS_ACCOUNT_ID>.dkr.ecr.us-east-1.amazonaws.com

docker push <AWS_ACCOUNT_ID>.dkr.ecr.us-east-1.amazonaws.com/amazon-cloudwatch-agent-operator:latest
  1. Deploy kubernetes objects to your cluster make deploy

Pre requisites

  1. Have an existing kubernetes cluster, such as minikube

  2. Install cert-manager on your cluster

kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.12.0/cert-manager.yaml

Getting started

  1. Set a shortcut for kubectl for the operator namespace
kubectl config set-context --current --namespace=amazon-cloudwatch
  1. Look at all resources created
kubectl get all
  1. Look at the manager pod logs to ensure the manager is functioning and waiting for workers
kubectl logs amazon-cloudwatch-agent-operator-controller-manager-66f67f47f78

You should see logs that look similar to below

{"level":"info","ts":"2023-06-29T01:37:36Z","msg":"Starting workers","controller":"amazoncloudwatchagent","controllerGroup":"cloudwatch.aws.amazon.com","controllerKind":"AmazonCloudWatchAgent","worker count":1}
  1. Create an AmazonCloudWatchAgent resource
kubectl apply -f - <<EOF
apiVersion: cloudwatch.aws.amazon.com/v1alpha1
kind: AmazonCloudWatchAgent
metadata:
  name: cloudwatch-agent
  namespace: amazon-cloudwatch
spec:
  mode: daemonset
  serviceAccount: cloudwatch-agent
  config: |
    {
        // insert cloudwatch agent config here
    }
  volumeMounts:
  - mountPath: /rootfs
    name: rootfs
    readOnly: true
  - mountPath: /var/run/docker.sock
    name: dockersock
    readOnly: true
  - mountPath: /run/containerd/containerd.sock
    name: containerdsock
  - mountPath: /var/lib/docker
    name: varlibdocker
    readOnly: true
  - mountPath: /sys
    name: sys
    readOnly: true
  - mountPath: /dev/disk
    name: devdisk
    readOnly: true
  volumes:
  - name: rootfs
    hostPath:
      path: /
  - hostPath:
      path: /var/run/docker.sock
    name: dockersock
  - hostPath:
      path: /var/lib/docker
    name: varlibdocker
  - hostPath:
      path: /run/containerd/containerd.sock
    name: containerdsock
  - hostPath:
      path: /sys
    name: sys
  - hostPath:
      path: /dev/disk/
    name: devdisk
  env:
    - name: K8S_NODE_NAME
      valueFrom:
        fieldRef:
          fieldPath: spec.nodeName
    - name: HOST_IP
      valueFrom:
        fieldRef:
          fieldPath: status.hostIP
    - name: HOST_NAME
      valueFrom:
        fieldRef:
          fieldPath: spec.nodeName
    - name: K8S_NAMESPACE
      valueFrom:
        fieldRef:
          fieldPath: metadata.namespace
EOF
  1. Create Instrumentation resource
kubectl apply -f - <<EOF
apiVersion: cloudwatch.aws.amazon.com/v1alpha1
kind: Instrumentation
metadata:
  name: java-instrumentation
  namespace: default # use a namespace with pods you'd like to inject
spec:
  exporter:
    endpoint: http://cloudwatch-agent.amazon-cloudwatch:4317
  propagators:
    - tracecontext
    - baggage
    - b3
    - xray
  java:
    env:
      - name: OTEL_METRICS_EXPORTER
        value: "none"
      - name: OTEL_SMP_ENABLED
        value: "true"
EOF

Helpful tools

  1. This package uses kubebuilder markers to generate kubernetes configs. Run make manifests to create crds and roles in config/crd and config/rbac
  2. Generate deepcopy.go by running make generate

Security

See CONTRIBUTING for more information.

License

This project is licensed under the Apache-2.0 License.