Container Service for Kubernetes (ACK) allows you to use Application Real-Time Monitoring Service (ARMS) to monitor Java applications that are deployed in clusters. ARMS can automatically discover application topologies, generate 3D topologies, discover and monitor API endpoints, and detect abnormal and slow transactions. ARMS provides an efficient method to diagnose and troubleshoot application issues.
Prerequisites
- An ACK cluster is created. For more information, see Create an ACK managed cluster or Create an ACK dedicated cluster.
- A namespace is created in the cluster. For more information, see Manage namespaces and resource quotas. In this example, the namespace is named
arms-demo. - The Java Development Kit (JDK) is installed. For more information about the supported
JDK versions, see JDK versions supported by ARMS.
Note The JDK version is not 1.8.0_25 or 1.8.0_31. Otherwise, the ARMS agent may fail to be installed. If the installation fails, update the JDK version to 1.8.191 or a later version.
- For more information, see Activate ARMS.
Background information
ARMS is an application performance management (APM) service of Alibaba Cloud. After you install the ARMS application monitoring agent in an ACK cluster, you can use ARMS to monitor Java applications in the cluster without code modifications. ARMS allows you to quickly locate abnormal and slow transactions, reproduce the parameters of API calls, detect memory leaks, and discover system bottlenecks. This significantly improves the efficiency of diagnosing and troubleshooting application issues. For more information, see Overview.
Step 1: Install the ARMS application monitoring agent
- Log on to the ACK console.
- In the left-side navigation pane, choose . On the App Catalog tab, perform a keyword search for ack-onepilot, and then click the agent card.
- On the ack-onepilot page, click Deploy in the upper-right corner.
- In the Deploy panel, select the cluster and namespace where you want to install the agent, enter the release name for the agent, and then click Next.
- Click OK.
Step 2: Grant the cluster the permissions to access ARMS
- To monitor applications in an ASK cluster or applications in a Kubernetes cluster connected to Elastic Container Instance (ECI), you must first authorize the cluster to access ARMS on the Cloud Resource Access Authorization page. Then, restart all pods on which the ack-onepilot agent is deployed.
- If you want to monitor applications in an ACK cluster but the ACK cluster has no ARMS
Addon Token, perform the following operations to authorize the ACK cluster to access
ARMS.
Note
For more information about how to check whether a ARMS Addon Token exists, see Check whether a cluster has ARMS Addon Token.
If a cluster has ARMS Addon Token, ARMS performs password-free authorization on the cluster. ARMS Addon Token may not exist in some ACK managed clusters. We recommend that you check whether an ACK managed cluster has ARMS Addon Token before you use ARMS to monitor applications in the cluster. If the cluster has no ARMS Addon Token, you must manually authorize the cluster to access ARMS.
- Log on to the ACK console.
- In the left-side navigation pane, click Clusters. On the Clusters page, find the cluster in which your application is deployed . Click the cluster name or click Details in the Actions column.
- On the details page of the cluster, click the Cluster Resources tab. On the Cluster Resources tab, click the hyperlink next to Worker RAM Role.
- You are redirected to the Roles page in the RAM console. On the Roles page, click the policy name on the Permissions tab.
- On the Policy Document tab, click Modify Policy Document.
- On the Modify Policy page, add the following content and click Next to edit basic information.
{ "Action": "arms:*", "Resource": "*", "Effect": "Allow" }
- Check the policy content and click OK.
Step 3: Enable ARMS to monitor Java applications
To enable ARMS when you create an application, perform the following steps:
- On the Create page, select a template from the Sample Template drop-down list and add the following
labelsto the spec.template.metadata section in the Template code editor.labels: armsPilotAutoEnable: "on" armsPilotCreateAppName: "<your-deployment-name>" // Replace <your-deployment-name> with the name of your application. one-agent.jdk.version: "OpenJDK11" armsSecAutoEnable: "on" // If you want to connect the application to Application Security, you must configure this parameter.Note- For more information about Application Security, see What is Application Security?.
- For more information about the billing rules of Application Security, see Billing rules.
The following YAML template shows how to create a stateless application and enable ARMS for the application:
apiVersion: v1 kind: Namespace metadata: name: arms-demo --- apiVersion: apps/v1 # for versions before 1.8.0 use apps/v1beta1 kind: Deployment metadata: name: arms-springboot-demo namespace: arms-demo labels: app: arms-springboot-demo spec: replicas: 2 selector: matchLabels: app: arms-springboot-demo template: metadata: labels: app: arms-springboot-demo armsPilotAutoEnable: "on" armsPilotCreateAppName: "arms-k8s-demo" one-agent.jdk.version: "OpenJDK11" spec: containers: - resources: limits: cpu: 0.5 image: registry.cn-hangzhou.aliyuncs.com/arms-docker-repo/arms-springboot-demo:v0.1 imagePullPolicy: Always name: arms-springboot-demo env: - name: SELF_INVOKE_SWITCH value: "true" - name: COMPONENT_HOST value: "arms-demo-component" - name: COMPONENT_PORT value: "6666" - name: MYSQL_SERVICE_HOST value: "arms-demo-mysql" - name: MYSQL_SERVICE_PORT value: "3306" --- apiVersion: apps/v1 # for versions before 1.8.0 use apps/v1beta1 kind: Deployment metadata: name: arms-springboot-demo-subcomponent namespace: arms-demo labels: app: arms-springboot-demo-subcomponent spec: replicas: 2 selector: matchLabels: app: arms-springboot-demo-subcomponent template: metadata: labels: app: arms-springboot-demo-subcomponent armsPilotAutoEnable: "on" armsPilotCreateAppName: "arms-k8s-demo-subcomponent" one-agent.jdk.version: "OpenJDK11" spec: containers: - resources: limits: cpu: 0.5 image: registry.cn-hangzhou.aliyuncs.com/arms-docker-repo/arms-springboot-demo:v0.1 imagePullPolicy: Always name: arms-springboot-demo-subcomponent env: - name: SELF_INVOKE_SWITCH value: "false" - name: MYSQL_SERVICE_HOST value: "arms-demo-mysql" - name: MYSQL_SERVICE_PORT value: "3306" --- apiVersion: v1 kind: Service metadata: labels: name: arms-demo-component name: arms-demo-component namespace: arms-demo spec: ports: # the port that this service should serve on - name: arms-demo-component-svc port: 6666 targetPort: 8888 # label keys and values that must match in order to receive traffic for this service selector: app: arms-springboot-demo-subcomponent --- apiVersion: apps/v1 # for versions before 1.8.0 use apps/v1beta1 kind: Deployment metadata: name: arms-demo-mysql namespace: arms-demo labels: app: mysql spec: replicas: 1 selector: matchLabels: app: mysql template: metadata: labels: app: mysql spec: containers: - resources: limits: cpu: 0.5 image: registry.cn-hangzhou.aliyuncs.com/arms-docker-repo/arms-demo-mysql:v0.1 name: mysql ports: - containerPort: 3306 name: mysql --- apiVersion: v1 kind: Service metadata: labels: name: mysql name: arms-demo-mysql namespace: arms-demo spec: ports: # the port that this service should serve on - name: arms-mysql-svc port: 3306 targetPort: 3306 # label keys and values that must match in order to receive traffic for this service selector: app: mysql ---
Verify the result
On the Deployments page, find the application that you want to monitor, and check whether the ARMS Console button appears in the Actions column.
Uninstall the ARMS agent
- Log on to the ACK console.
- In the left-side navigation pane, click Clusters. On the Clusters page, find the cluster that contains the Java application from which you want to uninstall the ARMS agent, and click Applications in the Actions column.
- In the left-side navigation pane, choose .
- On the Helm page, find the release named ack-onepilot of the ARMS agent, and click Delete in the Actions column.
- In the Delete message, click OK.
- Restart your business pod.
What to do next
After you complete the preceding steps, you enable ARMS application monitoring for the application deployed in the Alibaba Cloud Container Service for Kubernetes. Click ARMS Console in the Actions column of the target application. The application monitoring page of the ARMS console appears. ARMS application monitoring have the following capabilities:
1. Display the key indicators of the overall performance of the application and automatically discover the application topology.
2. The 3D topology can display the health status of applications, services, and hosts, as well as the upstream and downstream dependencies of applications, help you quickly locate the services that cause faults, applications affected by faults, and associated hosts, and diagnose the root causes of faults in all directions, so as to quickly troubleshoot faults.
3. Capture abnormal transactions and slow transactions, obtain the slow SQL, MQ accumulation analysis report or exception classification report of the interface, correct errors, slow and other common problems for more detailed analysis.
4. Automatically discover and monitor common Web frameworks and RPC frameworks in application code, and automatically count the number of calls, response time, and number of errors of Web interfaces and RPC interfaces.