Network Visibility with Kubernetes

You can use Network Visibility to monitor applications running on Kubernetes. Network Visibility isolates an application's network issues from its application issues. It monitors an application's network interactions and reports key performance metrics in the context of application performance monitoring.

How It Works

To monitor the communication between pods and between nodes, the agent opens up a TCP port in each node for app containers to communicate with the Network DaemonSet container using a REST API. The agent is deployed as a DaemonSet in each node that has host mode enabled. Follow the steps on this page to create a Docker image for the DaemonSet and configure the agent.

Before You Begin

• Ensure that you have at least one pod with a Java Agent (version 4.4 or higher) deployed to the same cluster as the Network Agent.

• Ensure that TCP port 3892 is not already used by the node. Port 3892 will be used by the application pods to communicate with the DaemonSet.

Creating a Docker Image

To deploy Network Visibility with Kubernetes, you must first create a Docker image for the Network Visibility DaemonSet and push the image to your Docker Trusted Registry.

1. Paste the sample Dockerfile below into a text file and save the file.

   FROM centos:centos7
   
   RUN yum update -y && yum install -y \
     net-tools \
     tcpdump \
     curl  \
     unzip   \
     sysvinit-tools \
     iproute2 \
     openssh-clients
   
   WORKDIR /netviz-agent
   
   ARG NETVIZ_ZIP_PKG
   
   # copy NetViz agent contents
   ADD ${NETVIZ_ZIP_PKG} .
   
   # run the agent install script
   RUN unzip *.zip && ./install.sh \
       && sed -i -e "s|enable_netlib = 1|enable_netlib = 0|g" ./conf/agent_config.lua \
       && sed -i -e "s|WEBSERVICE_IP=.*|WEBSERVICE_IP=\"0.0.0.0\"|g" ./conf/agent_config.lua
   # default command to run for the agent
   CMD  ./bin/appd-netagent -c ./conf -l ./logs -r ./run

   CODE

2. Navigate to the directory where you saved the Dockerfile. Build the Docker image by running the following command:
   
   

   $ docker build --build-arg NETVIZ_ZIP_PKG=/path/to/netviz-agent-pkg.zip -t appd-netviz .

   CODE

3. Push the Docker image to your Docker Trusted Registry.

Configuring Network Visibility with Kubernetes

1. Paste the configuration below into a yaml file. This configuration file is used for deploying the Network Visibility agent.

   apiVersion: apps/v1 # for versions before 1.9.0 use apps/v1beta2
   kind: DaemonSet
   metadata:
     name: appd-netviz-agent
   spec:
     selector:
       matchLabels:
         name: appd-netviz-agent
     template:
       metadata:
         name: appd-netviz-agent
         labels:
           name: appd-netviz-agent
       spec:
         hostIPC: true
         hostNetwork: true
         containers:
         - name: appd-netviz-agent
           image: path/to/your/Docker/image # docker registry image
           resources:
             requests:
               memory: "250Mi"
               cpu: "0.5"
             limits:
               memory: "2Gi"
               cpu: "1"
           securityContext:
             capabilities:
               add: ["NET_ADMIN", "NET_RAW"]
           ports:
           - containerPort: 3892
             hostPort: 3892
         imagePullSecrets:
           - name: your-registry-key # add the registery key, kubectl create secret ...

   CODE
2. In the configuration file, update these fields:
   • image (under containers): The file path to the DaemonSet image in your Docker Trusted Registry.
   • name (under imagePullSecrets): The key for your Docker Trusted Registry.

3. Deploy the Network Visibility agent for Kubernetes by running the following command:
   $ kubectl apply -f MyConfigFile.yaml 

Configure Network Visibility to Monitor Application Pods

After installing Network Visibility for Kubernetes, you'll need to correlate Network Visibility with a Java agent. This allows you to map network metrics to application flows. To do this, deploy at least one pod with a Java Agent (version 4.4 or higher) to the same cluster as the Network Agent.

1. Open the application's deployment configuration yaml file with Kubernetes in a text editor and set the APPDYNAMICS_NETVIZ_AGENT_HOST and APPDYNAMICS_NETVIZ_AGENT_PORT values, as shown:

   - name: APPDYNAMICS_NETVIZ_AGENT_HOST
     valueFrom:
       fieldRef:
         fieldPath: status.hostIP
   - name: APPDYNAMICS_NETVIZ_AGENT_PORT
     value: 3892

   CODE

   
   

   

   If you are using an app agent that is 4.5.2 or older, you must open the <app-agent-install-dir>/<version-number>/external-services/netviz/netviz-service.properties file to set these values.

2. In the Controller UI, enable socket instrumentation so that you can to map network metrics to application flows. For instructions on enabling socket instrumentation, see Set Up the Network and App Agents.