Plugin openshift. Plugin to monitor openshift. Introduction Ver. 10-02-2022 With this plug-in we will be able to view data and monitor our openshift nodes and pods. Type: Server plug-in Compatibility Systems where tested CentOS 7, Fedora Systems where it should work Any linux system   Pre requisites - Have openshift CLI(oc) installed. Information about cli installation can be found in the official documentation: https://docs.openshift.com/container-platform/4.9/cli_reference/openshift_cli/getting-started-cli.html - Have a project created in openshift. - The openshift user account must have cluster-reader permissions. The cli commands to add permissions are as follows (these must be given from a privileged account) Add a role to a user : oc adm policy add-role-to-user Remove a role from a user : oc adm policy remove-role-from-user Add a role to a user for all projects: oc adm policy add-cluster-role-to-user Remove a user role for all projects: oc adm policy remove-cluster-role-from-user Example : ./crc config set enable-cluster-monitoring true Example: To be able to have enabled a minimum of 14 gb is requested, so if we have configured the environment with less, and we activate the cluster-monitoring option we will have to add more to the machine, the minimum is 14336 in mb. The command to specify the memory is : ./crc config set memory 14336 Example: - Have the perl tools plugin in a folder called PandoraFMS. - Have installed the Pandora software agent   Parameters The plugin makes use of the following parameters: cli Path of the openshift oc binary user Your user name password Your password ip Ip of your environment (complete route with port) project openshift project mode xml sending mode (leave tentacle as default) tentacle ip Ip of pandora to send data to tentacle port Tentacle port number (default: 41121) agent_openshift To enable this agent, it creates modules with the number of deployments, services...etc. Leave it to 1 to enable it. agent_node To enable one agent per node. Leave on 1 to enable it. agent_pod To enable one agent per pod. Leave on 1 to enable it. agent_pod_stats To enable an agent with the metrics of each pod. Leave on 1 to enable it. agent_deployment To enable one agent per deployment. Leave on 1 to enable it. agent_imagestreams To enable an agent with modules for each imagestreams, the number of imagestreams is determined with top_imagestreams_count. Set to 1 to enable it. agent_csv To enable an agent to create a module to monitor cluster service version. agent_component_status To enable an agent to create a module to monitor component status. agent_operators To enable an agent to create a module to monitor operators. agent_replication_controller To enable an agent that will create a module for each replication controller in our environment. Leave to 1 to enable it. agent_apiservice To enable an agent that will create a module for each service of our API. Leave to 1 to enable it. agent_services To enable an agent that will create a module for each service in our environment. Leave to 1 to enable it. top_imagestream_count Number of imagestreams to monitor in your environment. Default 11. prefix Customized name for the created agents as_server_plugin If it is to be used as a server plugin, set it to 1 to activate it, if it is used as an agent plugin, set it to 0. You will have to edit the conf by setting the required value. Example: # oc cli config cli=/home/alejandro/Descargas/cli/oc user=developer password=developer ip=https://:6443/ project=prueba # transfer configuratios mode=tentacle tentacle_ip=192.168.1.200 tentacle_port=41121 # enabled metrics block agent_openshift=1 agent_node=1 agent_pod=1 agent_pod_stats=1 agent_deployment=1 agent_imagestreams=1 agent_apiservice=1 agent_services=1 agent_replication_controller=1 agent_component_status=1 agent_csv=0 agent_operators=1 top_imagestreams_count=11 # define as_server_plugin=1 prefix=prueba Manual execution The plugin can be executed manually by calling the perl plugin and the conf file: If the conf option, as_server_plugin is set to 1 it will show a number on the screen, specifically a 9 if everything is correct. If it is executed with as_server_plugin at 0 it will not return anything by terminal, unless there is some error that will paint a module in xml with the part that fails in the description. Configuration in Pandora FMS As agent plugin To be able to monitor from Pandora FMS with the plugin, we must call it from the conf of the software agent that is in the following path : /etc/pandora/pandora_agent.conf we will call it in the last line of the conf with the command module_plugin , followed by the path of the perl plugin and the path of the conf file. module_plugin perl This can also be done from the console if remote configuration is enabled. As a server plugin Installation from console To register the plugin, from the console, go to the "register plugin" section.   Click on select file.   The .pspz2 file to be uploaded will be selected. A message will appear informing that you have successfully registered. Once the plugin is registered, we will see it in the plugins section. You can access the plugin menu by clicking on the plugin title. In parameters we will see the macro used by the plugin, this is not necessary to touch it In the Default value field, we must enter the path to our .conf file.   Manual installation Go to servers > plugins: Click on add: We put the name and description of your choice:   We enter as command the execution with the path of the plugin: /path_pandora_openshift path_pandora_openshift.conf   Modules generated by the plugin The plugin will generate : * prefix is a conf parameter that we can customize by adding any name we want. - One agent for each node of the environment with name : prefix_OS_Node_. Each node agent will have the following modules : Status Roles Age Versión cpu cores cpu % memory bytes memory % - One agent for each pod in the environment with name : prefix_OS_Pod_. Each pod agent will have the following modules: Status Restarts Ready Age - An agent with name: prefix_OS_POD_Stats It will create a cpu(cores) module and a memory module for each pod. _Cpu (cores) _Memory (bytes) - One agent for each deployment with name :prefix_ OS_Deployment_. Each Deployment agent will have the following data :   Age Avalaible Ready Up to date   - An agent named "prefix_OS_Imagestreams_stats" with modules for each imagestream in our environment (the number is configured in the .conf). The agent OS_Imagestreams_stats will contain the following modules for each Imagestream: - storage - images - An agent with name "prefix_OS_Api_service" with modules for each element of our api. Elemento API - An agent named "prefix_OS_Replication controllers with the following modules for each replication controller: Desired Current Ready Age - An agent named "prefix_OS_Services" with a module for each service in our environment. Servicio - In addition, the plugin will generate an agent called "prefix_Openshift" with modules that will indicate the number of certain elements in our environment. The Openshift agent will contain the following modules:   Services Deployments Namespaces Nodes Pods Imagestreams Replication controllers   Example of agent view after plugin execution           Possible problems Error from server (ServiceUnavailable) Error from server (ServiceUnavailable): the server is currently unable to handle the request (get nodes.metrics.k8s.io) Error from server (ServiceUnavailable): the server is currently unable to handle the request (get pods.metrics.k8s.io) This error occurs because the commands that take the metrics from the nodes and pods cannot be invoked. Most likely it is because the metric server or the monitoring option in the openshift environment is disabled, or has been disabled. Make sure the server is running, you can see more data about this error from the openshift console which will indicate if there is a problem with monitoring. Permissions The plugin has internal openshift CLI commands that need permissions to run from the pandora agent. It is recommended to give permissions to both the perl plugin and the conf with : chmod 755 pandora_openshift.pl chmod 755 pandora_openshift.conf At the same time, the cli binary must also have the correct permissions, in this case root:root so that the pandora agent can execute it.   chown root:root /path_oc chmod 755 /path_oc Error control The plugin works modularly, so if for some reason it fails to send the data, through terminal commands we can see where it is failing. We will be able to see that part of the environment that we are getting the data is having problems to send the data (pods, nodes, deployments, etc). With the parameter as_server_plugin of the conf to 0 Executing the plugin by terminal, if any part fails when sending the data it will print a module and in the description we will see which agent is the one that fails. In this example we have painted a module in xml by terminal that tells us in the description that it has had problems with the pod_stats agent. With the parameter as_server_plugin of the conf to 1 If we execute manually the plugin by terminal with the option as_server_plugin to 1, this will paint by terminal a number, this number indicates in which part the plugin has failed. 9 You have executed everything perfectly 8 Failed in openshift agent 7 Failed in replication controllers agent 6 Failed agent services 5 Agent api services failed 4 Failed in the imagestreams agent 3 Failed in deployments agents 2 You have failed in the agent pod stats 1 Failed in pod agents 0 Failed in node agents