This page describes how to configure Network Visibility to monitor applications running on Kubernetes.
Network Visibility monitors an application's network interactions and reports key performance metrics. These metrics isolate an application's network issues from its application issues.
The Network Agent uses a REST API to open a TCP port in each node for the application containers to communicate with the Network DaemonSet container. This communication enables monitoring between pods and nodes. You can deploy the agent as a DaemonSet in each node that has the host mode enabled.
Before you create a Docker image for the DaemonSet and configure the agent, verify the following requirements:
The TCP port 3892 is not already used by the node. The application pods use port 3892 to communicate with the DaemonSet.
To configure Network Visibility with Kubernetes, you must first create a Docker image for the Network Visibility DaemonSet and push the image to your Docker Trusted Registry.
Paste this sample Dockerfile into a text file and save the file.
FROM ubuntu:14.04 ARG NETVIZ_ZIP_PKG RUN groupadd -r appd-netviz && useradd -r -g appd-netviz appd-netviz RUN apt-get update && apt-get install -y \ net-tools \ tcpdump \ curl \ unzip \ ssh-client \ binutils \ build-essential WORKDIR /netviz-agent # copy NetViz agent contents COPY $NETVIZ_ZIP_PKG . # run the agent install script and disable netlib RUN unzip $NETVIZ_ZIP_PKG && ./install.sh \ && sed -i -e "s|enable_netlib = 1|enable_netlib = 0|g" ./conf/agent_config.lua \ && sed -i -e "s|WEBSERVICE_IP=.*|WEBSERVICE_IP=\"0.0.0.0\"|g" ./conf/agent_config.lua RUN chown -R appd-netviz:appd-netviz /netviz-agent RUN setcap cap_net_raw=eip /netviz-agent/bin/appd-netagent USER appd-netviz # default command to run for the agent CMD ./bin/appd-netagent -c ./conf -l ./logs -r ./run |
Navigate to the directory where you saved the Dockerfile and build the Docker image by entering the following command:
$ docker build --build-arg NETVIZ_ZIP_PKG=/path/to/netviz-agent-pkg.zip -t appd-netviz . |
Push the Docker image to your Docker Trusted Registry.
Create a yaml
file with the following configuration:
apiVersion: apps/v1 # for versions before 1.9.0 use apps/v1beta2 kind: DaemonSet metadata: name: appd-netviz-agent spec: selector: matchLabels: name: appd-netviz-agent template: metadata: name: appd-netviz-agent labels: name: appd-netviz-agent spec: hostIPC: true hostNetwork: true containers: - name: appd-netviz-agent image: path/to/your/Docker/image # docker registry image resources: requests: memory: "250Mi" cpu: "0.5" limits: memory: "2Gi" cpu: "1" securityContext: capabilities: add: ["NET_RAW"] ports: - containerPort: 3892 hostPort: 3892 imagePullSecrets: - name: your-registry-key # add the registry key, kubectl create secret ... |
image
(under containers
): the file path to the DaemonSet image in your Docker Trusted Registry.name
(under imagePullSecrets
): the key for your Docker Trusted Registry.Deploy the Network Agent in Kubernetes by entering the following command:
$ kubectl apply -f MyConfigFile.yaml |
After deploying Network Visibility in Kubernetes, you must deploy at least one pod with a Java Agent >= 4.4 to the same cluster as the Network Agent. This allows you to map network metrics to application flows.
Open the application's deployment configuration yaml
file with Kubernetes in a text editor and set the APPDYNAMICS_NETVIZ_AGENT_HOST
and APPDYNAMICS_NETVIZ_AGENT_PORT
values:
- name: APPDYNAMICS_NETVIZ_AGENT_HOST valueFrom: fieldRef: fieldPath: status.hostIP - name: APPDYNAMICS_NETVIZ_AGENT_PORT value: 3892 |
If you are using a version of the Java Agent that is <= 4.5.2, you must open the |