3.6. 配置 AWS 账单相关性
metering 可将集群使用量信息与 AWS 详细账单信息相关联,并在资源使用量中附上相应金额。对于 EC2 中运行的集群,您可通过修改以下示例 aws-billing.yaml 文件来启用这一功能。
apiVersion: metering.openshift.io/v1
kind: MeteringConfig
metadata:
name: "operator-metering"
spec:
openshift-reporting:
spec:
awsBillingReportDataSource:
enabled: true
# Replace these with where your AWS billing reports are
# stored in S3.
bucket: "<your-aws-cost-report-bucket>" 1
prefix: "<path/to/report>"
region: "<your-buckets-region>"
reporting-operator:
spec:
config:
aws:
secretName: "<your-aws-secret>" 2
presto:
spec:
config:
aws:
secretName: "<your-aws-secret>" 3
hive:
spec:
config:
aws:
secretName: "<your-aws-secret>" 4要启用 AWS 账单关联功能,先要确保启用了 AWS 成本和使用量报告。有关更多信息,请参阅 AWS 文档中的 AWS 成本和使用量报告。
apiVersion: v1 kind: Secret metadata: name: <your-aws-secret> data: aws-access-key-id: "dGVzdAo=" aws-secret-access-key: "c2VjcmV0Cg=="
要将数据存储至 S3,aws-access-key-id 和 aws-secret-access-key 凭证必须具有存储桶的读取和写入权限。有关授予所需权限的 IAM 策略的示例,请参阅以下 aws/read-write.json 文件。
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "1",
"Effect": "Allow",
"Action": [
"s3:AbortMultipartUpload",
"s3:DeleteObject",
"s3:GetObject",
"s3:HeadBucket",
"s3:ListBucket",
"s3:ListMultipartUploadParts",
"s3:PutObject"
],
"Resource": [
"arn:aws:s3:::operator-metering-data/*", 1
"arn:aws:s3:::operator-metering-data" 2
]
}
]
}
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "1",
"Effect": "Allow",
"Action": [
"s3:AbortMultipartUpload",
"s3:DeleteObject",
"s3:GetObject",
"s3:HeadBucket",
"s3:ListBucket",
"s3:ListMultipartUploadParts",
"s3:PutObject"
],
"Resource": [
"arn:aws:s3:::operator-metering-data/*", 3
"arn:aws:s3:::operator-metering-data" 4
]
}
]
}
这一步可在安装前或安装后完成。安装后禁用可能会导致 reporting-operator 出错。