Monitoring Red Hat OpenShift with Splunk Infrastructure Monitoring

This blog specifically covers how to monitor Red Hat OpenShift, Red Hat’s application platform built on Docker and Kubernetes. For a more general understanding of Kubernetes monitoring basics and open-source metrics options, read part one of this blog series, "Monitoring Kubernetes." How you can configure the Splunk Smart Agent to monitor other Kubernetes environments is covered in part two, "Monitoring Kubernetes with Splunk Infrastructure Monitoring." 

Red Hat OpenShift presents an increasingly popular option for developers and operations teams who want to easily build and deploy application containers on Kubernetes by providing a comprehensive platform that can automate application, container, and infrastructure management. What follows is a brief overview of Red Hat OpenShift, why Splunk Infrastructure Monitoring is particularly suited for monitoring OpenShift and Kubernetes environments, and how you can monitor OpenShift with Splunk.

What is Red Hat OpenShift?

OpenShift is Red Hat’s platform-as-a-service built around containers and Kubernetes running on top of hosts using Red Hat Enterprise Linux. Offered in public, private, or on-premise deployments as OpenShift Online, OpenShift Dedicated, and OpenShift Container Platform, respectively, OpenShift aims to provide developers and operators alike with a single platform that helps automate the build, deployment, and management of containerized applications.

Fundamentally, OpenShift is built around Docker and Kubernetes – Docker provides the abstraction for packaging software in Linux-based containers, while Kubernetes provides cluster management and orchestration of Docker containers. However, OpenShift provides additional functionality for common operational tasks required to run applications on a Kubernetes cluster, including:

• Source code management, builds, and deployments for developers
• Management and promotion of container images (moving them through various runtime environments)
• Application management tools
• Team and user tracking
• Networking infrastructure for the cluster
   

To further assist OpenShift users in adopting containerized applications with confidence, Red Hat also provides a repository of Red Hat-certified container images known as the Red Hat Container Catalog for container images that have met Red Hat’s standards for security and supportability.

Real-Time Monitoring for OpenShift and Kubernetes

Monitoring OpenShift involves gathering metrics about the health and performance of the underlying Kubernetes environment at each of its layers (at the cluster, node, and pod level), as well as the application containers running on Kubernetes. To do this, Splunk provides:

• High-resolution metrics: Splunk collects 1-second resolution data on Docker containers, Kubernetes, the nodes in your cluster, and your containerized applications
• Automatic service discovery and configuration: charts are automatically populated based on supported integrations, and when new containers come online
• Directed troubleshooting and correlation: Splunk APM enables you to separate application issues from problems originating in your OpenShift environment, trace the path of requests through services, and identify the root cause in seconds.
   

To get started, install the Splunk Smart Agent – the Splunk Smart Agent container is available on the Red Hat Container Catalog, and the trusted image can be obtained by the following command:

oc import-image signalfx-inc/smart-agent --from=registry.connect.redhat.com/signalfx-inc/smart-agent --confirm

Refer to the installation documentation to run the image as a DaemonSet (one instance of the Smart Agent per node) in your OpenShift environment.

Moving Through Your OpenShift Environment

Splunk Infrastructure Monitoring gives you an immediate, at-a-glance view of your OpenShift stack – nodes and pods, colored by critical health metrics including resource utilization (CPU, memory, disk, network), and the number of pods by phase (running, pending, failed, etc):

You can quickly get to insights based on any label or tag that you have created in OpenShift environments specifically, or narrow down to a specific Deployment or Services.

Automatically Discover Deployed Services

The Splunk Smart Agent uses observers to automatically discover supported services in OpenShift environments and monitors to collect the relevant metrics and populate dashboards with them. Observers report any discovered endpoints to the agent, which are tested against the set of discovery rules associated with a particular monitor. If a monitor is configured with a discovery rule that matches a particular endpoint discovered by an observer, it will be configured with that endpoint and begin monitoring that service.

For example, the discovery rule ”containerImage=~"mysql"&&port==3306” would match the main endpoint of a MySQL database server, and then populate a pre-built MySQL dashboard in Splunk:

Get visibility into your entire stack today with a free 14-day trial of Splunk Infrastructure Monitoring.

Thanks,
Aaron Sun