Install the ARMS agent for an application deployed in an open source Kubernetes environment - Application Real-Time Monitoring Service

You can use Application Real-Time Monitoring Service (ARMS) to monitor applications that are deployed in open source Kubernetes environments. ARMS allows you to monitor applications based on various performance metrics, such as the topology, API requests, abnormal transactions, slow transactions, and SQL analysis. This topic describes how to enable ARMS to monitor an application that is deployed in an open source Kubernetes environment.

Prerequisites

The version of your Kubernetes api-server is 1.10 or later.
Your cluster is accessible over the Internet.
The version of the JDK is supported by Application Monitoring. ARMS supports the following JDK versions:
- JDK 1.7.0+
- JDK 1.8.0_25+
  Note
  - If you deploy applications in Kubernetes clusters, we recommend that you use JDK V1.8.0_191 or later.
  - Make sure that the JDK version is not 1.8.0_25 or 1.8.0_31. Otherwise, the ARMS agent may fail to be installed. In this case, we recommend that you upgrade JDK to the latest 1.8.X.
- JDK 11.0.8+
- JDK 17
Note JDKs V11 and V1.8, and other JDKs earlier than V1.8 have different agent installation packages from JDK V17. You need to download an agent installation package based on the JDK version or adjust the configurations of the ARMS agent ack-onepilot.

Method 1: Connect to ARMS by using a registered Kubernetes cluster

Register an open source Kubernetes cluster in ACK One. For more information, see Register an external Kubernetes cluster.
Install the ack-onepilot component for the registered Kubernetes cluster. For more information, see Enable ARMS for a registered Kubernetes cluster.

Method 2: Directly connect the open source Kubernetes cluster to ARMS

Step 1: Install Helm V3

Step 2: Install the ARMS agent

ARMS can monitor only the following two types of applications: Deployment and StatefulSet. In this topic, a Deployment application that is deployed in an open source Kubernetes environment is used as an example. To enable ARMS to monitor the Deployment application, perform the following steps:

Run the following wget command to download the ack-onepilot installation package:

 wget 'https://arms-apm-cn-hangzhou.oss-cn-hangzhou.aliyuncs.com/ack-onepilot/ack-onepilot-3.0.6.tgz'

Run the following command to decompress the ack-onepilot installation package:
```
tar xvf ack-onepilot-3.0.6.tgz                 
```
Edit the values.yaml file in the installation package. Modify the following parameters based on your business requirements and save the file.
```
image: registry-vpc.__ACK_REGION_ID__.aliyuncs.com/ack-onepilot
cluster_id: __ACK_CLUSTER_ID__
accessKey: __ACCESSKEY__
accessKeySecret: __ACCESSKEY_SECRET__
uid: "__ACK_UID__"
region_id: __ACK_REGION_ID__
```
- image: the image address of the ack-onepilot component.
  Note In the preceding example, the image address is used for virtual private clouds (VPCs). If your application is deployed on the Internet, use the following image address:
  registry.__ACK_REGION_ID__.aliyuncs.com/ack-onepilot
- __ACK_REGION_ID__: the region ID. For more information about the regions that support Application Monitoring, see Regions where Application Monitoring is supported.
- __ACK_CLUSTER_ID__: the unique ID of the Kubernetes cluster. We recommend that you specify this parameter in the <uid>-<clusterid> format.
- ___ACCESSKEY__ and __ACCESSKEY_SECRET__: the AccessKey ID and AccessKey secret of your Alibaba Cloud account. For more information, see Obtain an AccessKey pair.
- __ACK_UID__: the ID of your Alibaba Cloud account. To obtain the ID of your Alibaba Cloud account, you can move the pointer over the profile picture in the upper-right corner of the Alibaba Cloud Management Console.
Install the ack-onepilot component.
Run the following command without opening the ack-onepilot installation package:
```
helm3 upgrade --install ack-onepilot ack-onepilot --namespace ack-onepilot --create-namespace
```

Step 3: Edit the YAML file of the application

Run the following command to view the YAML file of the Deployment application:
```
kubectl get deployment {Name of the Deployment application} -o yaml                            
```
Note If you do not know the name of the Deployment application, run the following command to view all Deployment applications. You can find the required Deployment application in the results. Then, view the YAML file of the application.
```
kubectl get deployments --all-namespace                
```

Run the following command to edit the YAML file of the Deployment application:

kubectl edit deployment {Name of the Deployment application} -o yaml

In the YAML file, go to the spec.template.metadata directory and add the following content:

labels:
  armsPilotAutoEnable: "on"
  armsPilotCreateAppName: "<your-deployment-name>"    # Replace <your-deployment-name> with the actual application name. 
  one-agent.jdk.version: "OpenJDK17"    # If the application uses JDK 17, you must configure this parameter. 
  armsSecAutoEnable: "on"    # If you want to connect the application to Application Security, you must configure this parameter.

Note

For information about Application Security, see What is Application Security?
For information about the billing of Application Security, see Billing rules.

The following example shows a complete YAML file for creating a Deployment application in an open source Kubernetes environment and enabling ARMS to monitor the application:

Show details of the YAML file

apiVersion: apps/v1beta1 # for versions before 1.8.0 use apps/v1beta1
kind: Deployment
metadata:
  name: arms-springboot-demo
  labels:
    app: arms-springboot-demo
spec:
  replicas: 2
  selector:
    matchLabels:
      app: arms-springboot-demo
  template:
    metadata:
      labels:
        app: arms-springboot-demo
        armsPilotAutoEnable: "on"
        armsPilotCreateAppName: "arms-k8s-demo"
    spec:
      containers:
        - resources:
            limits:
              cpu: 0.5
          image: registry.cn-hangzhou.aliyuncs.com/arms-docker-repo/arms-springboot-demo:v0.1
          imagePullPolicy: Always
          name: arms-springboot-demo
          env:
            - name: MYSQL_SERVICE_HOST
              value: "arms-demo-mysql"
            - name: MYSQL_SERVICE_PORT
              value: "3306"
---
apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: arms-demo-mysql
  labels:
    app: mysql
spec:
  replicas: 1
  selector:
    matchLabels:
      app: mysql
  template:
    metadata:
      labels:
        app: mysql
    spec:
      containers:
        - resources:
            limits:
              cpu: 0.5
          image: registry.cn-hangzhou.aliyuncs.com/arms-docker-repo/arms-demo-mysql:v0.1
          name: mysql
          ports:
            - containerPort: 3306
              name: mysql
---
apiVersion: v1
kind: Service
metadata:
  labels:
    name: mysql
  name: arms-demo-mysql
spec:
  ports:
    # the port that this service should serve on
    - name: arms-mysql-svc
      port: 3306
      targetPort: 3306
  # label keys and values that must match in order to receive traffic for this service
  selector:
    app: mysql
---

After the preceding configurations are saved, the application automatically restarts and then the configurations take effect.
After 2 to 5 minutes, if your application is displayed on the Application Monitoring > Applications page in the ARMS console and specific monitoring data is reported, your application is monitored by ARMS.

Uninstall the ARMS agent

If you no longer want to use ARMS to monitor a Java application deployed in an open source Kubernetes environment, perform the following steps to uninstall the ack-onepilot component:

Run the following command to uninstall the ack-onepilot component:
```
helm3 uninstall --namespace ack-onepilot ack-onepilot
```
Restart the pod of your applications.