AWS Improves Kubernetes Monitoring with New Enhanced Observability for Amazon EKS

AWS has released several monitoring and observability-themed improvements in the lead-up to and at the 2023 edition of re:Invent in Las Vegas. The releases include Amazon CloudWatch Container Insights with Enhanced Observability for Amazon EKS on EC2. This release is a fully managed service that provides visibility into containerized workloads. Other releases include a new Amazon Managed Service for Prometheus collector and Amazon Managed Grafana community plugins.

Amazon CloudWatch Container Insights with Enhanced Observability for Amazon EKS adds telemetry from Kubernetes control plane components, including the API server and etcd. The service also provides health and performance metrics, including per-pod, per-container, and Kube-State metrics.

Amazon CloudWatch Container Insights Dashboard (credit: AWS)

The Container Insights dashboard uses predefined thresholds for CPU and memory to show resources that may require support. The dashboard provides options to view top ten lists by cluster, node, pod, workload, or container.

Drilling into a specific resource will open the performance monitoring dashboard. This dashboard provides additional details to assist in troubleshooting including resource utilization across the entire cluster, metrics at the node level, pod-level metrics, and utilization metrics at the container level.

The Amazon CloudWatch Container Insights containers performance monitoring dashboard (credit: AWS)

System and application logs can be accessed through Amazon CloudWatch Container Insights, and there are pre-populated queries provided to simplify querying the data. The service also supports adding new graphs to the existing dashboards as well as creating alarms based on the dashboard views.

Enhanced Observability can be enabled using the Amazon CloudWatch Observability EKS Add-on. The add-on installs the CloudWatch agent and Fluent Bit. Installing the add-on requires adjusting IAM permissions:

aws iam attach-role-policy --role-name my-worker-node-role --policy-arn arn:aws:iam::aws:policy/CloudWatchAgentServerPolicy

aws eks create-addon --cluster-name my-cluster-name --addon-name amazon-cloudwatch-observability

The release includes a new pricing model that combines metric storage and log ingestion into one price point. For the US East region, the cost per million observations is $0.21 for the first billion observations.

The Amazon Managed Service for Prometheus collector can be used to discover and collect Prometheus metrics from Amazon EKS without an agent. The collector is a managed service and handles scaling automatically. The release is in addition to the previously available customer-managed collection method.

The collector leverages a scraper that can automatically discover and collect metrics from Amazon EKS applications. The scraper can be configured to control how it operates. The managed collector can be created via the console or the CLI. The following illustrates using the CLI to create a scraper:

aws amp create-scraper \
       --source eksConfiguration="{clusterArn=<EKS-CLUSTER-ARN>,securityGroupIds=[<SG-SECURITY-GROUP-ID>],subnetIds=[<SUBNET-ID>]}" \
       --scrape-configuration configurationBlob=<BASE64-CONFIGURATION-BLOB> \
       --destination ampConfiguration={workspaceArn="<WORKSPACE_ARN>"}
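
The configuration blob in the command above is a Prometheus scrape configuration in YAML, base64-encoded. The following is an added example, not code from the article or from AWS, showing one way to produce that blob and check that it decodes back to the original file; the sample configuration, the job name `annotated-pods`, and the function names are constructed for illustration.

```shell
#!/usr/bin/env bash
# Constructed sample scrape configuration: discover pods, keep only those
# annotated prometheus.io/scrape=true so the scraper does not pull every pod.
write_scrape_config() {
  cat > "$1" <<'EOF'
global:
  scrape_interval: 30s
scrape_configs:
  - job_name: annotated-pods
    kubernetes_sd_configs:
      - role: pod
    relabel_configs:
      - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_scrape]
        action: keep
        regex: "true"
EOF
}

# Encode a file as one line of base64. GNU base64 wraps at 76 columns by
# default, so strip newlines rather than rely on a platform-specific flag.
encode_blob() {
  base64 < "$1" | tr -d '\n'
}

# Decode the blob and compare it byte-for-byte with the source file, so a
# wrapped or truncated value is caught before it is sent to the API.
verify_blob() (
  decoded=$(mktemp)
  printf '%s' "$2" | base64 -d > "$decoded" 2>/dev/null
  cmp -s "$1" "$decoded"
  rc=$?
  rm -f "$decoded"
  exit "$rc"
)

cfg=$(mktemp)
write_scrape_config "$cfg"
blob=$(encode_blob "$cfg")
verify_blob "$cfg" "$blob" || { echo "blob does not round-trip" >&2; exit 1; }
rm -f "$cfg"
# Print the article's command with the blob filled in; the <...> values
# remain placeholders to replace before running it.
cat <<EOF
aws amp create-scraper \\
  --source eksConfiguration="{clusterArn=<EKS-CLUSTER-ARN>,securityGroupIds=[<SG-SECURITY-GROUP-ID>],subnetIds=[<SUBNET-ID>]}" \\
  --scrape-configuration configurationBlob=$blob \\
  --destination ampConfiguration={workspaceArn="<WORKSPACE_ARN>"}
EOF
```

The script only prints the command; nothing is sent to AWS until the placeholders are replaced and the printed command is run.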

Amazon Managed Grafana has added a self-service plugin management experience to support Grafana community plugins. This release includes support for the three types of plugins: panel plugins, datasource plugins, and app plugins. Only plugins that have passed AWS's malware scanning will be made available. AWS has indicated they may block versions for upgrade and installation if vulnerabilities are discovered.

More details on these features as well as additional monitoring and observability releases can be found on the AWS recap blog or in the re:Invent recap on InfoQ.
