Menu Close

Chapter 3. Enabling OpenShift Container Platform Metrics

In order for CloudForms to collect OpenShift Container Platform node, pod, and container, you must first enable cluster metrics for your OpenShift cluster. This involves running the OpenShift Metrics services inside your cluster. If cluster metrics are already enabled on OpenShift, skip this section and proceed to Chapter 4, Retrieving the OpenShift Container Platform Management Token.

Note

This section is an abridged version of a more detailed chapter, namely Enabling Cluster Metrics from the OpenShift Container Platform Installation and Configuration documentation. Refer to that chapter for more information.

3.1. Configuring the Required Service Accounts

Cluster metrics requires the following service accounts:

  • metrics-deployer
  • heapster
Important

If you deployed OpenShift using openshift-ansible-3.0.20, then the service account and roles required for enabling metrics will already be installed. You can skip this section and go to Section 3.2, “Configuring Metrics Components”.

To create these accounts:

  1. Log in as an administrator to any node within the OpenShift Container Platform cluster.
  2. Open a terminal.
  3. Switch to the openshift-infra project:

    $ oc project openshift-infra
  4. Create a service account for the Metrics Deployer named metrics-deployer:

    $ oc create -f - <<API
      apiVersion: v1
      kind: ServiceAccount
      metadata:
        name: metrics-deployer
      secrets:
      - name: metrics-deployer
      API
  5. As described in Section 3.2, “Configuring Metrics Components”, the Metrics Deployer uses the metrics-deployer service account. Configure the metrics-deployer account to have edit permissions in the openshift-infra project:

    $ oadm policy add-role-to-user \
        edit system:serviceaccount:openshift-infra:metrics-deployer
  6. The heapster account will be automatically created in Section 3.2.1, “Deploying the Metrics Components”. However, pre-emptively grant it cluster-reader permission to the openshift-infra project:

    $ oadm policy add-cluster-role-to-user \
        cluster-reader system:serviceaccount:openshift-infra:heapster

3.2. Configuring Metrics Components

The Metrics Deployer installs and configures the components required for OpenShift Container Platform metrics. By default, the Metrics Deployer uses self-signed certificates to secure communication between components. This document assumes that you will use this default. For information on alternative secure communication configurations, see Using Secrets from the OpenShift Container Platform Installation and Configuration documentation.

Note

This section is an abridged version of a more detailed chapter, namely Metrics Data Storage in the OpenShift Container Platform Installation and Configuration documentation. Refer to that chapter for more information on how to deploy the metrics plug-in using persistent and non-persistent storage.

3.2.1. Deploying the Metrics Components

OpenShift Container Platform uses Hawkular Metrics as its metrics engine. The Metrics Deployer will install the Hawkular Metrics service; however, you need to provide the external hostname so that CloudForms can reach the Hawkular Metrics service. The base configuration of the Metrics Deployer is defined in the /usr/share/openshift/examples/infrastructure-templates/enterprise/metrics-deployer.yaml file.

Before deploying OpenShift metrics, choose a storage option, then log in as an administrator to any node within the OpenShift Container Platform cluster. From there, open a terminal and run the corresponding command:

Deploying with persistent storage

With persistent storage, OpenShift metrics will be stored on a persistent volume. This offers metrics data protection by allowing it to survive a pod recreation or restart. OpenShift metrics requires a specifically configured persistent volume; see Persistent Volumes in the OpenShift Container Platform Architecture documentation.

$ oc new-app \
    -f /usr/share/openshift/examples/infrastructure-templates/enterprise/metrics-deployer.yaml \
    -p HAWKULAR_METRICS_HOSTNAME=HAWKULARHOST
Deploying with non-persistent storage

With non-persistent storage, any stored metrics will be deleted when the pod is deleted. While it is much easier to run cluster metrics with non-persistent data, it does come with the risk of permanent data loss. So, while you no longer need to provision and configure a volume to store metric data, this does not offer the same protection as persistent storage.

$ oc new-app \
    -f /usr/share/openshift/examples/infrastructure-templates/enterprise/metrics-deployer.yaml \
    -p HAWKULAR_METRICS_HOSTNAME=HAWKULARHOST \
    -p USE_PERSISTENT_STORAGE=false

For either command, replace HAWKULARHOST with the external hostname that CloudForms will use to reach the Hawkular Metrics service. HAWKULARHOST must be a fully-qualified domain name.

Either storage method deploys the required metrics components and creates the necessary service accounts. In particular, the metrics components will be configured to also use the specified HAWKULARHOST as its public endpoint.

3.2.2. Applying the Hawkular Metrics Settings to OpenShift Container Platform

After deploying the metrics components, configure OpenShift Container Platform to use them:

  1. Open the OpenShift Master Configuration file at /etc/origin/master/master-config.yaml. Add the metricsPublicURL parameter to the assetConfig section, specifying the HAWKULARHOST you specified in Section 3.2.1, “Deploying the Metrics Components”:

    assetConfig:
        ...
        metricsPublicURL: "https://HAWKULARHOST/hawkular/metrics"
  2. Restart your OpenShift Container Platform master host:

    $ sudo systemctl restart atomic-openshift-master