Use the following steps to configure monitoring for Tanzu Kubernetes Grid.

Note:

The procedure below describes how to configure the Management Cluster for auto-discovery of Workload Clusters. If you want to set up each Workload manually, then follow the steps in Configuring Monitoring for Open-source Kubernete.

Procedure

  1. From the left menu, click Data Sources > Integrations, and then click the Repository tab in the right pane.
  2. Click Add Account on the VMware vRealize® Operations™ Management Pack for Kubernetes tile.
    Note:

    Alternatively, you can navigate to Data Sources > Integrations, and then click the Accounts tab. Click Add Accounts to configure the adapter instance.

  3. Click Kubernetes from the adapter list and configure the adapter instance.

    Field Name

    Action

    Name

    Enter the name for this instance of the Kubernetes adapter for the TKG Management Cluster as you want it to appear in vRealize Operations.

    Description

    Enter the description for the instance with any additional information that helps you manage your instances.

    Master URL

    Enter the URL of the API server of the Control Plane of the Management Cluster.

    Collector Service

    Select cAdvisor – Kubelet, cAdvisor - DaemonSet or Prometheus based on the option you would like to use to monitor the metrics in the Workload clusters. This option will be used for all the discovered clusters. For example, if you choose Prometheus, then vRealize Operations will collect metrics using Prometheus for all the clusters discovered using this instance of the configured adapter.
    Note:
    • cAdvisor - Kubelet and cAdvisor – Daemonset both refer to cAdvisor. The difference is in the way cAdvisor is deployed. If you select Kubelet or DaemonSet for cAdvisor, you can select a cAdvisor service running inside the Kubelet or the one deployed externally as a DaemonSet respectively.
    • By default, some Kubernetes deployments might have the cAdvisor service disabled on Kubelet. In such a situation, the cAdvisor service must be enabled on Kubelet or a standalone cAdvisor service must be deployed as a DaemonSet.

    cAdvisor Port (DaemonSet)

    Enter the port number if cAdvisor is running as a DaemonSet.

    Note:

    Enter the port only if you have selected cAdvisor – DaemonSet in the Collector Service field.

  4. Select the credential you want to use to sign on to the environment from the drop-down menu. To add new credentials, click the + icon.

    Field Name

    Description

    Credential Kind

    Select the authentication to connect to the Kubernetes API Server. VMware vRealize Operations Management Pack for Kubernetes supports basic, client certificate, and token authentication types.

    Authentication Types:
    • Basic Auth: Uses HTTP basic authentication to authenticate API requests through authentication plugins.
    • Client Certification Auth: Uses client certificates to authenticate API requests through authentication plugins.
    • Token Auth: Uses bearer tokens to authenticate API requests through authentication plugins.
    Credential Name

    Enter the name by which you can identify the configured credentials.

    This will be stored in the Credential section in Integrations.

    Username (if Basic Auth is selected) Enter the username to access the Kubernetes cluster API. This value is present in the username field of the KubeConfig file.

    Password (if Basic Auth

    is selected)

    Enter the password to access the Kubernetes cluster API. This value is present in the password field KubeConfig file.

    Certificate Authority Data (if Client Certificate Auth is selected)

    Enter the Certificate Authority Data to perform TLS validation to connect to the cluster API. This value is present in the certificate-authority-data field in the KubeConfig file. If this value is skipped, then TLS validation will be skipped and the connection to the cluster will be insecure.

    Client Certificate Data (if Client Certificate Auth is selected)

    Enter the Certificate Authority Data of the API server. This value is present in the client-certificate-data field in the KubeConfig file.

    Client Key Data (if Client Certificate Auth is selected)

    Enter the value of the client-key-data field in the KubeConfig file.

    Bearer Token (if Token Auth is selected)

    Enter the value of the Token field from KubeConfig file to authenticate access to Kubernetes API.

    UAA/LDAP Username (only for TKGI Kubernetes clusters)

    Note: This is relevant only for clusters discovered by the TKGI adapter.
    This is the UAA/LDAP username from the TKGI adapter used to authenticate a cluster discovered via the TKGI adapter. This field is automatically populated by vRealize Operations when a TKGI Kubernetes cluster is discovered.

    Enter the details of the proxy server to which vRealize Operations must connect to only if a proxy server is used to connect to TKG

    Proxy Hostname Enter the hostname of the proxy server to which vRealize Operations needs to connect.
    Proxy Port Enter the port of the proxy server.
    Proxy Username Enter the username to authenticate while connecting to the proxy server.
    Proxy Password Enter the password to authenticate while connecting to the proxy server.

    Enter the details of the Prometheus server only if you have selected Prometheus as the collector service. These details will be copied over to each Workload Cluster discovered subsequently.

    Prometheus Server Enter the URL of the Prometheus API server.
    Prometheus endpoint username Enter the username for the Prometheus server.

    Prometheus endpoint password

    Enter the password of the Prometheus server.
  5. Select the collector or collector group on which you want to run the adapter instance from the Collector/Groups drop-down. This option is set to the optimal collector by default.
  6. Click Validate Connection to check if you can successfully connect to the TMC endpoint.
  7. Optionally, use Advanced Settings to define the following:

    Field Name

    Description

    Auto-discover TKG Workload Clusters

    Set this field to Enabled to discover TKG Workload Clusters. vRealize Operations will create create a new Kubernetes adapter instance for every new workload cluster discovered.

    Set this field to Disabled if you want to configure each cluster manually. This is the default option selected.

    Auto-delete TKG Workload Kubernetes Adapter Instance

    Set this field to Enabled to automatically delete the Kubernetes adapter corresponding to a Workload Cluster which has been deleted in the TKG environment.

    Set this field to Disabled, to delete the adapter instances manually. This is the default option selected.

    vCenter Server

    Enter the IP or FQDN of the vCenter server on which the cluster has been created only if the cluster is running on a vCenter Server and this server is already monitored by the vCenter adapter instance.

    This will enable vRealize Operations build the relationship between the Kubernetes nodes and the VMs if the corresponding vCenter is already monitored by vROps.

    Note: For the mapping to occur successfully, the node IP should be the same as the VM IP.
    Java Process Monitoring Set this option to Enabled to monitor any java processes.

    Delete Non-Existent objects older than

    Select the period for which you want to retain the Kubernetes objects in vRealize Operations if they are deleted in the environment.

    Kubernetes entities are often short-lived. If the objects corresponding to these deleted entities are retained in vRealize Operations until the default retention period, there could be an accumulation the storage leading to growing storage requirements. This field allows the user to override the global settings and remove the objects sooner if needed.

    The default period set is the same as the global setting for the vRealize Operations platform. The other options available are – 2 hours, 6 hours, 12 hours and 24 hours.

    Note:

    The object deletion schedule applies to the vRealize Operations Management Pack for Kubernetes only and overrides the global setting object deletion policy.

    cAdvisor Install Check

    Set this field to Enabled to check whether cAdvisor has been installed. Set this field to Disabled to avoid checks to see whether cAdvisor has been enabled. This field is set to Enabled by default.

  8. Click Add.