After you install the Application Real-Time Monitoring Service (ARMS) agent (ack-onepilot) for a Java application that is deployed in Container Service for Kubernetes (ACK), ARMS starts to monitor the Java application. You can view the monitoring data of application topology, API requests, abnormal transactions, and slow transactions. This topic describes how to install the ARMS agent for Java applications that are deployed in ACK.

Prerequisites

Step 1: Install the ARMS agent

  1. Log on to the ACK console.
  2. In the left-side navigation pane, choose Marketplace > Marketplace. On the App Catalog tab, perform a keyword search for ack-onepilot, and then click the agent card.
  3. On the ack-onepilot page, click Deploy in the upper-right corner.
  4. In the Deploy panel, select the cluster and namespace where you want to install the agent, enter the release name for the agent, and then click Next.
  5. Click OK.

Step 2: Grant the cluster the permissions to access ARMS

  • To monitor applications in a Serverless Kubernetes (ASK) cluster or applications in a Kubernetes cluster connected to Elastic Container Instance (ECI), you must first authorize the cluster to access ARMS on the Cloud Resource Access Authorization page. Then, restart all pods on which the ack-onepilot agent is deployed.
  • If you want to monitor applications in an ACK cluster but the ACK cluster has no ARMS Addon Token, perform the following operations to authorize the ACK cluster to access ARMS.
    Note

    For more information about how to check whether a cluster has ARMS Addon Token, see How do I check whether ARMS Addon Token exists in a cluster?

    If a cluster has ARMS Addon Token, ARMS performs password-free authorization on the cluster. ARMS Addon Token may not exist in some ACK managed clusters. We recommend that you check whether an ACK managed cluster has ARMS Addon Token before you use ARMS to monitor applications in the cluster. If the cluster has no ARMS Addon Token, you must manually authorize the cluster to access ARMS.

    1. Log on to the ACK console.
    2. In the left-side navigation pane, click Clusters. On the Clusters page, find the cluster in which your application is deployed . Click the cluster name or click Details in the Actions column.
    3. On the details page of the cluster, click the Cluster Resources tab. On the Cluster Resources tab, click the hyperlink next to Worker RAM Role. Worker RAM Link
    4. You are redirected to the Roles page in the RAM console. On the Roles page, click the policy name on the Permissions tab.
    5. On the Policy Document tab, click Modify Policy Document.
    6. On the Modify Policy page, add the following content and click Next to edit basic information.
      {
         "Action": "arms:*",
         "Resource": "*",
         "Effect": "Allow"
      }
      Modify RAM Authorization
    7. Ensure that the policy content is updated and correct, and click OK.

Step 3: Enable ARMS to monitor a Java application

To enable ARMS when you create an application, perform the following steps.

  1. Log on to the ACK console. In the left-side navigation pane, click Clusters. On the Clusters page, click Applications in the Actions column of the cluster where your application is deployed.
  2. On the Deployments page, click Create from YAML in the upper-right corner of the page.
  3. On the page that appears, select a template from the Sample Template drop-down list, and add the following labels to the spec > template > metadata section in the Template code editor.
    labels:
      armsPilotAutoEnable: "on"
      armsPilotCreateAppName: "<your-deployment-name>"     # Replace <your-deployment-name> with the actual application name. 
      one-agent.jdk.version: "OpenJDK11"     # If the application uses JDK 11, you must configure this parameter.  
    YAML Example

    The following YAML template shows how to create a stateless application and enable ARMS for the application:

    apiVersion: v1
    kind: Namespace
    metadata:
      name: arms-demo
    ---
    apiVersion: apps/v1 # for versions before 1.8.0 use apps/v1beta1
    kind: Deployment
    metadata:
      name: arms-springboot-demo
      namespace: arms-demo
      labels:
        app: arms-springboot-demo
    spec:
      replicas: 2
      selector:
        matchLabels:
          app: arms-springboot-demo
      template:
        metadata:
          labels:
            app: arms-springboot-demo
            armsPilotAutoEnable: "on"
            armsPilotCreateAppName: "arms-k8s-demo"
            one-agent.jdk.version: "OpenJDK11"
        spec:
          containers:
            - resources:
                limits:
                  cpu: 0.5
              image: registry.cn-hangzhou.aliyuncs.com/arms-docker-repo/arms-springboot-demo:v0.1
              imagePullPolicy: Always
              name: arms-springboot-demo
              env:
                - name: SELF_INVOKE_SWITCH
                  value: "true"
                - name: COMPONENT_HOST
                  value: "arms-demo-component"
                - name: COMPONENT_PORT
                  value: "6666"
                - name: MYSQL_SERVICE_HOST
                  value: "arms-demo-mysql"
                - name: MYSQL_SERVICE_PORT
                  value: "3306"
    ---
    apiVersion: apps/v1 # for versions before 1.8.0 use apps/v1beta1
    kind: Deployment
    metadata:
      name: arms-springboot-demo-subcomponent
      namespace: arms-demo
      labels:
        app: arms-springboot-demo-subcomponent
    spec:
      replicas: 2
      selector:
        matchLabels:
          app: arms-springboot-demo-subcomponent
      template:
        metadata:
          labels:
            app: arms-springboot-demo-subcomponent
            armsPilotAutoEnable: "on"
            armsPilotCreateAppName: "arms-k8s-demo-subcomponent"
            one-agent.jdk.version: "OpenJDK11"
        spec:
          containers:
            - resources:
                limits:
                  cpu: 0.5
              image: registry.cn-hangzhou.aliyuncs.com/arms-docker-repo/arms-springboot-demo:v0.1
              imagePullPolicy: Always
              name: arms-springboot-demo-subcomponent
              env:
                - name: SELF_INVOKE_SWITCH
                  value: "false"
                - name: MYSQL_SERVICE_HOST
                  value: "arms-demo-mysql"
                - name: MYSQL_SERVICE_PORT
                  value: "3306"
    ---
    apiVersion: v1
    kind: Service
    metadata:
      labels:
        name: arms-demo-component
      name: arms-demo-component
      namespace: arms-demo
    spec:
      ports:
        # the port that this service should serve on
        - name: arms-demo-component-svc
          port: 6666
          targetPort: 8888
      # label keys and values that must match in order to receive traffic for this service
      selector:
        app: arms-springboot-demo-subcomponent
    ---
    apiVersion: apps/v1 # for versions before 1.8.0 use apps/v1beta1
    kind: Deployment
    metadata:
      name: arms-demo-mysql
      namespace: arms-demo
      labels:
        app: mysql
    spec:
      replicas: 1
      selector:
        matchLabels:
          app: mysql
      template:
        metadata:
          labels:
            app: mysql
        spec:
          containers:
            - resources:
                limits:
                  cpu: 0.5
              image: registry.cn-hangzhou.aliyuncs.com/arms-docker-repo/arms-demo-mysql:v0.1
              name: mysql
              ports:
                - containerPort: 3306
                  name: mysql
    ---
    apiVersion: v1
    kind: Service
    metadata:
      labels:
        name: mysql
      name: arms-demo-mysql
      namespace: arms-demo
    spec:
      ports:
        # the port that this service should serve on
        - name: arms-mysql-svc
          port: 3306
          targetPort: 3306
      # label keys and values that must match in order to receive traffic for this service
      selector:
        app: mysql
    ---
    

Verify the result

On the Deployments page, find the application that you want to monitor, and check whether the ARMS Console button appears in the Actions column.

ARMS Console Button

Uninstall the ARMS agent

  1. Log on to the Alibaba Cloud Container Service for Kubernetes console .
  2. In the left-side navigation pane, click Clusters. On the Clusters page, find the cluster that contains the Java application from which you want to uninstall the ARMS agent, and click Applications in the Actions column.
  3. In the left-side navigation pane, choose Applications > Helm.
  4. On the Helm page, find the release named ack-onepilot of the ARMS agent, and click Delete in the Actions column.
  5. In the Delete message, click OK.
  6. Restart your business pod.

FAQ

How do I rename an application?

To rename an application, you must modify the armsPilotCreateAppName parameter in the Deployment. For more information, see How do I modify the name of a Java application deployed in an ACK cluster?.

How do I check whether ARMS Addon Token exists in a cluster?

  1. Log on to the ACK console.
  2. On the Clusters page, find the cluster that you want to manage and click the cluster name.
  3. In the left-side navigation pane, choose Configurations > Secrets.
  4. In the upper part of the page, select kube-system from the Namespace drop-down list and check whether addon.arms.token displays on the Secrets page. ARMS Addon Token

Why did I fail to install the ARMS agent?

Probable cause: ARMS Addon Token does not exist in the cluster that you want to manage.
Note For more information about how to check whether the cluster has ARMS Addon Token, see How do I check whether ARMS Addon Token exists in a cluster? .

Solution: Grant ACK the permissions to access ARMS. For more information, see What can I do if the ARMS agent cannot be installed for an application in an ACK cluster?.

How do I report data across regions?

  1. In the Deployment in the arms-pilot namespace of the ACK cluster, add the ARMS_REPORT_REGION environment variable. The value must be the ID of a region where ARMS is available. For example, you can set the value to cn-hangzhou or cn-beijing.
  2. Restart the existing application or deploy a new application to report data across regions.
    Note After the environment variable is added, all applications that are deployed in the cluster report data to the specified region.