Monitor application performance - User Guide for Kubernetes Clusters| Alibaba Cloud Documentation Center

Container Service for Kubernetes (ACK) allows you to use Application Real-Time Monitoring Service (ARMS) to monitor Java and PHP applications that are deployed in clusters. ARMS can automatically discover application topologies, generate 3D topologies, discover and monitor API endpoints, and detect abnormal and slow transactions. ARMS provides an efficient method to diagnose and troubleshoot application issues.

Prerequisites

Create a cluster
Activate and upgrade ARMS

Note The PHP application monitoring feature is in public preview and free of charge.

Background information

ARMS is an application performance management (APM) service of Alibaba Cloud. After you install the ARMS application monitoring agent in an ACK cluster, you can use ARMS to monitor Java applications in the cluster without code modifications. ARMS allows you to quickly locate abnormal and slow transactions, reproduce the parameters of API calls, detect memory leaks, and discover system bottlenecks. This significantly improves the efficiency of diagnosing and troubleshooting application issues. For more information, see Overview.

Install the ARMS application monitoring agent

Log on to the ACK console.
In the left-side navigation pane of the ACK console, choose Marketplace > App Catalog.
On the Marketplace page, click the App Catalog tab. Find and click ack-arms-pilot.
On the ack-arms-pilot page, click Deploy.
In the Deploy panel, select a cluster and namespace, and then click Next.
In the Parameters step, set the parameters and click OK.

Authorize ACK to access ARMS

Perform the following steps to grant ACK the permissions to access ARMS.

Log on to the ACK console with an Alibaba Cloud account.
In the left-side navigation pane of the ACK console, click Clusters.
On the Clusters page, find the cluster that you want to manage and click the name of the cluster or click Details in the Actions column. The details page of the cluster appears.
On the Cluster Information page, click the Cluster Resources tab and then click KubernetesWorkerRole-**** to the right of Worker RAM Role.
On the Roles Management page of the Resource Access Management console, click k8sWorkerRolePolicy-**** on the Permissions tab.
On the Policy Document tab, click Modify Policy Document. In the Modify Policy Document panel, copy the following content to the Policy Document field and click OK.
```
{
    "Action": "arms:*",
    "Resource": "*",  
    "Effect": "Allow"
    }   
```

Enable ARMS to monitor Java applications

The following steps describe how to enable ARMS to monitor newly created Java applications and existing Java applications.

To enable ARMS when you create an application, perform the following steps:

Log on to the ACK console.
In the left-side navigation pane of the ACK console, click Clusters.
On the Clusters page, find the cluster that you want to manage and click the name of the cluster or click Details in the Actions column. The details page of the cluster appears.
In the left-side navigation pane of the details page, choose Workloads > Deployments.
On the Deployments page, click Create from YAML in the upper-right corner.

On the Create page, select a template from the Sample Template drop-down list and add the following annotations to the spec/template/metadata section in Template.

Note Replace <your-deployment-name> with the name of your application.

annotations:
  armsPilotAutoEnable: "on"
  armsPilotCreateAppName: "<your-deployment-name>"

The following YAML template shows how to create a stateless application and enable ARMS for the application:

Show the complete YAML file (Java)

apiVersion: v1
kind: Namespace
metadata:
  name: arms-demo
---
apiVersion: apps/v1 # for versions before 1.8.0 use apps/v1beta1
kind: Deployment
metadata:
  name: arms-springboot-demo
  namespace: arms-demo
  labels:
    app: arms-springboot-demo
spec:
  replicas: 2
  selector:
    matchLabels:
      app: arms-springboot-demo
  template:
    metadata:
      annotations:
        armsPilotAutoEnable: "on"
        armsPilotCreateAppName: "arms-k8s-demo"
      labels:
        app: arms-springboot-demo
    spec:
      containers:
        - resources:
            limits:
              cpu: 0.5
          image: registry.cn-hangzhou.aliyuncs.com/arms-docker-repo/arms-springboot-demo:v0.1
          imagePullPolicy: Always
          name: arms-springboot-demo
          env:
            - name: SELF_INVOKE_SWITCH
              value: "true"
            - name: COMPONENT_HOST
              value: "arms-demo-component"
            - name: COMPONENT_PORT
              value: "6666"
            - name: MYSQL_SERVICE_HOST
              value: "arms-demo-mysql"
            - name: MYSQL_SERVICE_PORT
              value: "3306"
---
apiVersion: apps/v1 # for versions before 1.8.0 use apps/v1beta1
kind: Deployment
metadata:
  name: arms-springboot-demo-subcomponent
  namespace: arms-demo
  labels:
    app: arms-springboot-demo-subcomponent
spec:
  replicas: 2
  selector:
    matchLabels:
      app: arms-springboot-demo-subcomponent
  template:
    metadata:
      annotations:
        armsPilotAutoEnable: "on"
        armsPilotCreateAppName: "arms-k8s-demo-subcomponent"
      labels:
        app: arms-springboot-demo-subcomponent
    spec:
      containers:
        - resources:
            limits:
              cpu: 0.5
          image: registry.cn-hangzhou.aliyuncs.com/arms-docker-repo/arms-springboot-demo:v0.1
          imagePullPolicy: Always
          name: arms-springboot-demo-subcomponent
          env:
            - name: SELF_INVOKE_SWITCH
              value: "false"
            - name: MYSQL_SERVICE_HOST
              value: "arms-demo-mysql"
            - name: MYSQL_SERVICE_PORT
              value: "3306"
---
apiVersion: v1
kind: Service
metadata:
  labels:
    name: arms-demo-component
  name: arms-demo-component
  namespace: arms-demo
spec:
  ports:
    # the port that this service should serve on
    - name: arms-demo-component-svc
      port: 6666
      targetPort: 8888
  # label keys and values that must match in order to receive traffic for this service
  selector:
    app: arms-springboot-demo-subcomponent
---
apiVersion: apps/v1 # for versions before 1.8.0 use apps/v1beta1
kind: Deployment
metadata:
  name: arms-demo-mysql
  namespace: arms-demo
  labels:
    app: mysql
spec:
  replicas: 1
  selector:
    matchLabels:
      app: mysql
  template:
    metadata:
      labels:
        app: mysql
    spec:
      containers:
        - resources:
            limits:
              cpu: 0.5
          image: registry.cn-hangzhou.aliyuncs.com/arms-docker-repo/arms-demo-mysql:v0.1
          name: mysql
          ports:
            - containerPort: 3306
              name: mysql
---
apiVersion: v1
kind: Service
metadata:
  labels:
    name: mysql
  name: arms-demo-mysql
  namespace: arms-demo
spec:
  ports:
    # the port that this service should serve on
    - name: arms-mysql-svc
      port: 3306
      targetPort: 3306
  # label keys and values that must match in order to receive traffic for this service
  selector:
    app: mysql
---

Enable ARMS to monitor PHP applications

The following steps describe how to enable ARMS to monitor newly created Java applications and existing Java applications.

To enable ARMS when you create an application, perform the following steps:

Log on to the ACK console.
In the left-side navigation pane of the ACK console, click Clusters.
On the Clusters page, find the cluster that you want to manage and click the name of the cluster or click Details in the Actions column. The details page of the cluster appears.
In the left-side navigation pane of the details page, choose Workloads > Deployments.
On the Deployments tab, click Create from YAML in the upper-right corner.
On the Create page, select a template from the Sample Template drop-down list and add the following annotations to the spec/template/metadata section in Template.
Note Replace <your-deployment-name> with the name of your application.
```
annotations:
  armsPilotAutoEnable: "on"
  armsPilotCreateAppName: "<your-deployment-name>"
  armsAppType: PHP                                
```
If you install the ARMS application monitoring agent for the first time, you must modify the arms-php.ini ConfigMap in the arms-pilot namespace. The content of the file is the same as that of the php.ini file of the PHP application.

Note In the extension=/usr/local/arms/arms-php-agent/arms-7.2.so configuration, arms-7.2.so indicates that the version of the PHP application is V7.2. You can change the version value to 5.4, 5.5, 5.6, 7.0, 7.1, or 7.2.

Copy the content of the arms-php.ini ConfigMap to the spec/template/spec/containers section in the php.ini file. Set mountPath to the path of the php.ini file.

volumeMounts:
        - name: php-ini
          mountPath: /etc/php/7.2/fpm/php.ini
          subPath: php.ini

volumes:
      - name: php-ini
        configMap:
          name: arms-php.ini

The following YAML template shows how to create a stateless application and enable ARMS for the application:

Show the complete YAML file (PHP)

apiVersion: v1
kind: Namespace
metadata:
  name: arms-php-demo
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: mysql-deployment
  namespace: arms-php-demo
  labels:
    app: mysql
spec:
  replicas: 1
  selector:
    matchLabels:
      app: mysql
  template:
    metadata:
      labels:
        app: mysql
    spec:
      containers:
      - image: mysql:5.7
        name: mysql
        env:
        - name: MYSQL_ROOT_PASSWORD
          valueFrom:
            secretKeyRef:
              name: mysql-secret
              key: password
        ports:
        - containerPort: 3306
          name: mysql
---
apiVersion: v1
kind: Secret
metadata:
  name: mysql-secret
  namespace: arms-php-demo
type: Opaque
data:
  # root base64
  username: cm9vdA==
  # 123456 base64
  password: MTIzNDU2
---
apiVersion: v1
kind: Service
metadata:
  name: mysql-service
  namespace: arms-php-demo
  labels:
    app: mysql
spec:
  ports:
    - port: 3306
      targetPort: 3306
  selector:
    app: mysql
---
apiVersion: v1
kind: ConfigMap
metadata:
    name: nginx-config
    namespace: arms-php-demo
data:
    default.conf: |
        server {
            listen       80;
            server_name  localhost;

            location / {
                        try_files $uri $uri/ /index.php?$query_string;
                }

            error_page   500 502 503 504  /50x.html;
            location = /50x.html {
                root   /usr/share/nginx/html;
            }

            location ~ \.php$ {
                fastcgi_pass   localhost:9000;
                fastcgi_index  index.php;
                fastcgi_param  SCRIPT_FILENAME  /var/www/html/public/$fastcgi_script_name;
                include        fastcgi_params;
            }

        }
---
apiVersion: v1
kind: Service
metadata:
  name: nginx-service
  namespace: arms-php-demo
spec:
  ports:
    - port: 80
      protocol: TCP
      targetPort: 80
  selector:
    app: php-server
  type: LoadBalancer
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: php-deployment
  namespace: arms-php-demo
  labels:
    name: php-server
spec:
  replicas: 2
  selector:
    matchLabels:
      app: php-server
  template:
    metadata:
      labels:
        app: php-server
      annotations:
        armsPilotAutoEnable: "on"
        armsPilotCreateAppName: PHP-ACSK8S-DEMO-3
        armsAppType: PHP
    spec:
      containers:
      - name: nginx-php
        image: nginx:stable
        ports:
        - containerPort: 80
        volumeMounts:
        - name: nginx-conf
          mountPath: /etc/nginx/conf.d/
      - name: php-server
        image: registry.cn-hangzhou.aliyuncs.com/arms-docker-repo/arms-php-demo:v1
        imagePullPolicy: Always
        ports:
        - containerPort: 9000
        env:
          - name: DB_HOST
            value: mysql-service
        volumeMounts:
        - name: php-ini
          mountPath: /etc/php/7.2/fpm/php.ini
          subPath: php.ini
      volumes:
      - name: php-ini
        configMap:
          name: arms-php.ini
      - name: nginx-conf
        configMap:
          name: nginx-config

To enable ARMS to monitor existing applications, perform the following steps:

Log on to the ACK console.
In the left-side navigation pane of the ACK console, click Clusters.
On the Clusters page, find the cluster that you want to manage and click the name of the cluster or click Details in the Actions column. The details page of the cluster appears.
In the left-side navigation pane of the details page, choose Workloads > Deployments.
Select a namespace from the Namespace drop-down list. In the Deployments list, find the application that you want to monitor and then choose More > View in YAML in the Actions column.

In the Edit YAML dialog box, add the following annotations to the spec/template/metadata section and click Update.

Note Replace your-deployment-name with the name of your application.

annotations:
  armsPilotAutoEnable: "on"
  armsPilotCreateAppName: "<your-deployment-name>"
  armsAppType: PHP

Copy the content of the arms-php.ini ConfigMap to the spec/template/spec/containers section in the php.ini file. Set mountPath to the path of the php.ini file.

volumeMounts:
        - name: php-ini
          mountPath: /etc/php/7.2/fpm/php.ini
          subPath: php.ini

volumes:
      - name: php-ini
        configMap:
          name: arms-php.ini

Result

On the Deployments page or the StatefulSets page, find the application and check whether the ARMS Console button appears in the Actions column.

Note If ARMS console does not appear in the Actions column, check whether ACK is authorized to access ARMS.

What to do next

After you complete the preceding steps, ARMS Alibaba Cloud Container Service for Kubernetes is enabled for the application that is deployed in application monitoring. In the target application's Action Column click ARMS console . The Application Monitoring page of the ARMS console appears. ARMS application monitoring have the following capabilities:

1. Displays the overall application performance through key metrics. Automatically discovers the application topology.

2. The 3D topology shows the health status of applications, services, and hosts, as well as the upstream and downstream dependencies of the applications. It helps you quickly locate the services that induce faults, the applications affected by the faults, and the associated hosts, and comprehensively diagnose the root cause of the fault.

3. Capture abnormal and slow transactions, and obtain slow SQL statements, MQ accumulation analysis reports, or exception classification reports of the interface. Then, analyze common problems such as right or wrong and slow in more detail.

4. Automatically discovers and monitors common Web frameworks and RPC frameworks in application code, and automatically collects statistics on metrics such as the call volume, response time, and number of errors of Web interfaces and RPC interfaces.