Container Service for Kubernetes (ACK) allows you to use Application Real-Time Monitoring Service (ARMS) to monitor Java and PHP applications that are deployed in clusters. ARMS can automatically discover application topologies, generate 3D topologies, discover and monitor API endpoints, and detect abnormal and slow transactions. ARMS provides an efficient method to diagnose and troubleshoot application issues.

Prerequisites

Background information

ARMS is an application performance management (APM) service of Alibaba Cloud. After you install the ARMS application monitoring agent in an ACK cluster, you can use ARMS to monitor Java applications in the cluster without code modifications. ARMS allows you to quickly locate abnormal and slow transactions, reproduce the parameters of API calls, detect memory leaks, and discover system bottlenecks. This significantly improves the efficiency of diagnosing and troubleshooting application issues. For more information, see Overview.

Install the ARMS application monitoring agent

  1. Log on to the ACK console.
  2. In the left-side navigation pane, choose Marketplace > App Catalog. On the Alibaba Cloud Apps tab, find and click ack-arms-pilot.
  3. On the App Catalog - ack-arms-pilot page, select the cluster that you want to monitor in the Deploy section and click Create.

Authorize ACK to access ARMS

Perform the following steps to grant ACK the permissions to access ARMS.

  1. Log on to the ACK console.
  2. In the left-side navigation pane of the ACK console, click Clusters.
  3. On the Clusters page, find the cluster that you want to manage and click the name of the cluster or click Details in the Actions column. The details page of the cluster appears.
  4. On the details page of the cluster, click the Cluster Resources tab and then click the name of the Resource Access Management (RAM) role of worker nodes.
  5. You are redirected to the RAM Roles page in the RAM console. On the RAM Roles page, click the policy name on the Permissions tab.
  6. On the Policy Document tab, click Modify Policy Document. In the Modify Policy Document panel, copy the following content to the Policy Document field and click OK.
    {
        "Action": "arms:*",
        "Resource": "*",  
        "Effect": "Allow"
        }   

Enable ARMS to monitor Java applications

The following steps describe how to enable ARMS to monitor newly created Java applications and existing Java applications.

To enable ARMS when you create an application, perform the following steps:

  1. Log on to the ACK console.
  2. In the left-side navigation pane of the ACK console, click Clusters.
  3. On the Clusters page, find the cluster that you want to manage and click the name of the cluster or click Details in the Actions column. The details page of the cluster appears.
  4. In the left-side navigation pane of the details page, choose Workloads > Deployments.
  5. On the Deployments page, click Create from YAML in the upper-right corner.
  6. On the Create page, select a template from the Sample Template drop-down list and add the following annotations to the spec/template/metadata section in Template.
    Note Replace <your-deployment-name> with the name of your application.
    annotations:
      armsPilotAutoEnable: "on"
      armsPilotCreateAppName: "<your-deployment-name>"                                
    YAML Example

    The following YAML template shows how to create a stateless application and enable ARMS for the application:

    apiVersion: v1
    kind: Namespace
    metadata:
      name: arms-demo
    ---
    apiVersion: apps/v1beta1 # for versions before 1.8.0 use apps/v1beta1
    kind: Deployment
    metadata:
      name: arms-springboot-demo
      namespace: arms-demo
      labels:
        app: arms-springboot-demo
    spec:
      replicas: 2
      selector:
        matchLabels:
          app: arms-springboot-demo
      template:
        metadata:
          annotations:
            armsPilotAutoEnable: "on"
            armsPilotCreateAppName: "arms-k8s-demo"
          labels:
            app: arms-springboot-demo
        spec:
          containers:
            - resources:
                limits:
                  cpu: 0.5
              image: registry.cn-hangzhou.aliyuncs.com/arms-docker-repo/arms-springboot-demo:v0.1
              imagePullPolicy: Always
              name: arms-springboot-demo
              env:
                - name: SELF_INVOKE_SWITCH
                  value: "true"
                - name: COMPONENT_HOST
                  value: "arms-demo-component"
                - name: COMPONENT_PORT
                  value: "6666"
                - name: MYSQL_SERVICE_HOST
                  value: "arms-demo-mysql"
                - name: MYSQL_SERVICE_PORT
                  value: "3306"
    ---
    apiVersion: apps/v1beta1 # for versions before 1.8.0 use apps/v1beta1
    kind: Deployment
    metadata:
      name: arms-springboot-demo-subcomponent
      namespace: arms-demo
      labels:
        app: arms-springboot-demo-subcomponent
    spec:
      replicas: 2
      selector:
        matchLabels:
          app: arms-springboot-demo-subcomponent
      template:
        metadata:
          annotations:
            armsPilotAutoEnable: "on"
            armsPilotCreateAppName: "arms-k8s-demo-subcomponent"
          labels:
            app: arms-springboot-demo-subcomponent
        spec:
          containers:
            - resources:
                limits:
                  cpu: 0.5
              image: registry.cn-hangzhou.aliyuncs.com/arms-docker-repo/arms-springboot-demo:v0.1
              imagePullPolicy: Always
              name: arms-springboot-demo-subcomponent
              env:
                - name: SELF_INVOKE_SWITCH
                  value: "false"
                - name: MYSQL_SERVICE_HOST
                  value: "arms-demo-mysql"
                - name: MYSQL_SERVICE_PORT
                  value: "3306"
    ---
    apiVersion: v1
    kind: Service
    metadata:
      labels:
        name: arms-demo-component
      name: arms-demo-component
      namespace: arms-demo
    spec:
      ports:
        # the port that this service should serve on
        - name: arms-demo-component-svc
          port: 6666
          targetPort: 8888
      # label keys and values that must match in order to receive traffic for this service
      selector:
        app: arms-springboot-demo-subcomponent
    ---
    apiVersion: apps/v1beta1 # for versions before 1.8.0 use apps/v1beta1
    kind: Deployment
    metadata:
      name: arms-demo-mysql
      namespace: arms-demo
      labels:
        app: mysql
    spec:
      replicas: 1
      selector:
        matchLabels:
          app: mysql
      template:
        metadata:
          labels:
            app: mysql
        spec:
          containers:
            - resources:
                limits:
                  cpu: 0.5
              image: registry.cn-hangzhou.aliyuncs.com/arms-docker-repo/arms-demo-mysql:v0.1
              name: mysql
              ports:
                - containerPort: 3306
                  name: mysql
    ---
    apiVersion: v1
    kind: Service
    metadata:
      labels:
        name: mysql
      name: arms-demo-mysql
      namespace: arms-demo
    spec:
      ports:
        # the port that this service should serve on
        - name: arms-mysql-svc
          port: 3306
          targetPort: 3306
      # label keys and values that must match in order to receive traffic for this service
      selector:
        app: mysql
    ---
    

Enable ARMS to monitor PHP applications

The following steps describe how to enable ARMS to monitor newly created PHP applications and existing PHP applications.

To enable ARMS when you create an application, perform the following steps:

  1. Log on to the ACK console.
  2. In the left-side navigation pane of the ACK console, click Clusters.
  3. On the Clusters page, find the cluster that you want to manage and click the name of the cluster or click Details in the Actions column. The details page of the cluster appears.
  4. In the left-side navigation pane of the details page, choose Workloads > Deployments.
  5. On the Deployments tab, click Create from Template in the upper-right corner.
  6. On the Create page, select a template from the Sample Template drop-down list and add the following annotations to the spec/template/metadata section in Template.
    Note Replace <your-deployment-name> with the name of your application.
    annotations:
      armsPilotAutoEnable: "on"
      armsPilotCreateAppName: "<your-deployment-name>"
      armsAppType: PHP                                
  7. If you install the ARMS application monitoring agent for the first time, you must modify the arms-php.ini ConfigMap in the arms-pilot namespace. The content of the file is the same as that of the php.ini file of the PHP application.
    Note In the extension=/usr/local/arms/arms-php-agent/arms-7.2.so configuration, arms-7.2.so indicates that the version of the PHP application is V7.2. You can change the version value to 5.4, 5.5, 5.6, 7.0, 7.1, or 7.2.
  8. Copy the content of the arms-php.ini ConfigMap to the spec/template/spec/containers section in the php.ini file. Set mountPath to the path of the php.ini file.
    volumeMounts:
            - name: php-ini
              mountPath: /etc/php/7.2/fpm/php.ini
              subPath: php.ini
    volumes:
          - name: php-ini
            configMap:
              name: arms-php.ini

    The following YAML template shows how to create a stateless application and enable ARMS for the application:

    apiVersion: v1
    kind: Namespace
    metadata:
      name: arms-php-demo
    ---
    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: mysql-deployment
      namespace: arms-php-demo
      labels:
        app: mysql
    spec:
      replicas: 1
      selector:
        matchLabels:
          app: mysql
      template:
        metadata:
          labels:
            app: mysql
        spec:
          containers:
          - image: mysql:5.7
            name: mysql
            env:
            - name: MYSQL_ROOT_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: mysql-secret
                  key: password
            ports:
            - containerPort: 3306
              name: mysql
    ---
    apiVersion: v1
    kind: Secret
    metadata:
      name: mysql-secret
      namespace: arms-php-demo
    type: Opaque
    data:
      # root base64
      username: cm9vdA==
      # 123456 base64
      password: MTIzNDU2
    ---
    apiVersion: v1
    kind: Service
    metadata:
      name: mysql-service
      namespace: arms-php-demo
      labels:
        app: mysql
    spec:
      ports:
        - port: 3306
          targetPort: 3306
      selector:
        app: mysql
    ---
    apiVersion: v1
    kind: ConfigMap
    metadata:
        name: nginx-config
        namespace: arms-php-demo
    data:
        default.conf: |
            server {
                listen       80;
                server_name  localhost;
    
                location / {
                            try_files $uri $uri/ /index.php?$query_string;
                    }
    
                error_page   500 502 503 504  /50x.html;
                location = /50x.html {
                    root   /usr/share/nginx/html;
                }
    
                location ~ \.php$ {
                    fastcgi_pass   localhost:9000;
                    fastcgi_index  index.php;
                    fastcgi_param  SCRIPT_FILENAME  /var/www/html/public/$fastcgi_script_name;
                    include        fastcgi_params;
                }
    
            }
    ---
    apiVersion: v1
    kind: Service
    metadata:
      name: nginx-service
      namespace: arms-php-demo
    spec:
      ports:
        - port: 80
          protocol: TCP
          targetPort: 80
      selector:
        app: php-server
      type: LoadBalancer
    ---
    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: php-deployment
      namespace: arms-php-demo
      labels:
        name: php-server
    spec:
      replicas: 2
      selector:
        matchLabels:
          app: php-server
      template:
        metadata:
          labels:
            app: php-server
          annotations:
            armsPilotAutoEnable: "on"
            armsPilotCreateAppName: PHP-ACSK8S-DEMO-3
            armsAppType: PHP
        spec:
          containers:
          - name: nginx-php
            image: nginx:stable
            ports:
            - containerPort: 80
            volumeMounts:
            - name: nginx-conf
              mountPath: /etc/nginx/conf.d/
          - name: php-server
            image: registry.cn-hangzhou.aliyuncs.com/arms-docker-repo/arms-php-demo:v1
            imagePullPolicy: Always
            ports:
            - containerPort: 9000
            env:
              - name: DB_HOST
                value: mysql-service
            volumeMounts:
            - name: php-ini
              mountPath: /etc/php/7.2/fpm/php.ini
              subPath: php.ini
          volumes:
          - name: php-ini
            configMap:
              name: arms-php.ini
          - name: nginx-conf
            configMap:
              name: nginx-config
    

To enable ARMS to monitor existing applications, perform the following steps:

  1. Log on to the ACK console.
  2. In the left-side navigation pane of the ACK console, click Clusters.
  3. On the Clusters page, find the cluster that you want to manage and click the name of the cluster or click Details in the Actions column. The details page of the cluster appears.
  4. In the left-side navigation pane of the details page, choose Workloads > Deployments.
  5. Select a namespace from the Namespace drop-down list. In the Deployments list, find the application that you want to monitor and then choose More > View in YAML in the Actions column.
  6. In the Edit YAML dialog box, add the following annotations to the spec/template/metadata section and click Update.
    Note Replace <your-deployment-name> with the name of your application.
    annotations:
      armsPilotAutoEnable: "on"
      armsPilotCreateAppName: "<your-deployment-name>"
      armsAppType: PHP                                
  7. Copy the content of the arms-php.ini ConfigMap to the spec/template/spec/containers section in the php.ini file. Set mountPath to the path of the php.ini file.
    volumeMounts:
            - name: php-ini
              mountPath: /etc/php/7.2/fpm/php.ini
              subPath: php.ini
    volumes:
          - name: php-ini
            configMap:
              name: arms-php.ini

Result

On the Deployments page or the StatefulSets page, find the application and check whether the ARMS Console button appears in the Actions column.

Note If the ARMS Console button does not appear in the Actions column, check whether ACK is authorized to access ARMS.

What to do next

After you complete the preceding steps, ARMS Alibaba Cloud Container Service for Kubernetes is enabled for the application that is deployed in application monitoring. In the target application's Action Column click ARMS console . The Application Monitoring page of the ARMS console appears. ARMS application monitoring have the following capabilities:

1. Displays the overall application performance through key metrics. Automatically discovers the application topology.

2. The 3D topology shows the health status of applications, services, and hosts, as well as the upstream and downstream dependencies of the applications. It helps you quickly locate the services that induce faults, the applications affected by the faults, and the associated hosts, and comprehensively diagnose the root cause of the fault.

3. Capture abnormal and slow transactions, and obtain slow SQL statements, MQ accumulation analysis reports, or exception classification reports of the interface. Then, analyze common problems such as right or wrong and slow in more detail.

4. Automatically discovers and monitors common Web frameworks and RPC frameworks in application code, and automatically collects statistics on metrics such as the call volume, response time, and number of errors of Web interfaces and RPC interfaces.