Amazon CloudWatch Agent Operator
The Amazon CloudWatch Agent Operator is software developed to manage the CloudWatch Agent on Kubernetes.
This repo is based on the OpenTelemetry Operator.
Build and Deployment
- Set environment variable to name the build image
export CLOUDWATCH_AGENT_OPERATOR_IMAGE="ACCOUNT_ID.dkr.ecr.us-east-1.amazonaws.com/amazon-cloudwatch-agent-operator:latest"
- Build the image using
make container
- Push the image to your local ECR repo
aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin <AWS_ACCOUNT_ID>.dkr.ecr.us-east-1.amazonaws.com
docker push <AWS_ACCOUNT_ID>.dkr.ecr.us-east-1.amazonaws.com/amazon-cloudwatch-agent-operator:latest
- Deploy Kubernetes objects to your cluster
make deploy
Prerequisites
- Have an existing Kubernetes cluster, such as minikube
- Install cert-manager on your cluster
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.12.0/cert-manager.yaml
Getting started
- Set the operator namespace as the default for the current kubectl context
kubectl config set-context --current --namespace=amazon-cloudwatch
- Look at all resources created
kubectl get all
- Look at the manager pod logs to ensure the manager is functioning and waiting for workers
kubectl logs amazon-cloudwatch-agent-operator-controller-manager-66f67f47f78
You should see logs that look similar to the following
{"level":"info","ts":"2023-06-29T01:37:36Z","msg":"Starting workers","controller":"amazoncloudwatchagent","controllerGroup":"cloudwatch.aws.amazon.com","controllerKind":"AmazonCloudWatchAgent","worker count":1}
- Create an AmazonCloudWatchAgent resource
kubectl apply -f - <<EOF
apiVersion: cloudwatch.aws.amazon.com/v1alpha1
kind: AmazonCloudWatchAgent
metadata:
  name: cloudwatch-agent
  namespace: amazon-cloudwatch
spec:
  mode: daemonset
  serviceAccount: cloudwatch-agent
  config: |
    {
      // insert cloudwatch agent config here
    }
  volumeMounts:
  - mountPath: /rootfs
    name: rootfs
    readOnly: true
  - mountPath: /var/run/docker.sock
    name: dockersock
    readOnly: true
  - mountPath: /run/containerd/containerd.sock
    name: containerdsock
  - mountPath: /var/lib/docker
    name: varlibdocker
    readOnly: true
  - mountPath: /sys
    name: sys
    readOnly: true
  - mountPath: /dev/disk
    name: devdisk
    readOnly: true
  volumes:
  - name: rootfs
    hostPath:
      path: /
  - hostPath:
      path: /var/run/docker.sock
    name: dockersock
  - hostPath:
      path: /var/lib/docker
    name: varlibdocker
  - hostPath:
      path: /run/containerd/containerd.sock
    name: containerdsock
  - hostPath:
      path: /sys
    name: sys
  - hostPath:
      path: /dev/disk/
    name: devdisk
  env:
  - name: K8S_NODE_NAME
    valueFrom:
      fieldRef:
        fieldPath: spec.nodeName
  - name: HOST_IP
    valueFrom:
      fieldRef:
        fieldPath: status.hostIP
  - name: HOST_NAME
    valueFrom:
      fieldRef:
        fieldPath: spec.nodeName
  - name: K8S_NAMESPACE
    valueFrom:
      fieldRef:
        fieldPath: metadata.namespace
EOF
- Create an Instrumentation resource
kubectl apply -f - <<EOF
apiVersion: cloudwatch.aws.amazon.com/v1alpha1
kind: Instrumentation
metadata:
  name: java-instrumentation
  namespace: default # use a namespace with pods you'd like to inject
spec:
  exporter:
    endpoint: http://amazon-cloudwatch-agent.amazon-cloudwatch:4317
  propagators:
    - tracecontext
    - baggage
    - b3
    - xray
  java:
    env:
      - name: OTEL_METRICS_EXPORTER
        value: "none"
      - name: OTEL_SMP_ENABLED
        value: "true"
EOF
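
The AmazonCloudWatchAgent resource above mounts several node paths into the agent pods. The following is an added example, not code from this repository: it lists the hostPath-backed mounts that are writable, expose a container runtime socket, or expose the host root, so they can be reviewed before applying the manifest. The function name, finding labels and the sample dict (constructed from the manifest above) are assumptions.

```python
# Host paths that are container runtime sockets in the manifest above.
RUNTIME_SOCKETS = {"/var/run/docker.sock", "/run/containerd/containerd.sock"}

# Constructed sample: spec.volumeMounts and spec.volumes copied from the
# AmazonCloudWatchAgent manifest above, as they appear once parsed.
SAMPLE_SPEC = {
    "volumeMounts": [
        {"mountPath": "/rootfs", "name": "rootfs", "readOnly": True},
        {"mountPath": "/var/run/docker.sock", "name": "dockersock", "readOnly": True},
        {"mountPath": "/run/containerd/containerd.sock", "name": "containerdsock"},
        {"mountPath": "/var/lib/docker", "name": "varlibdocker", "readOnly": True},
        {"mountPath": "/sys", "name": "sys", "readOnly": True},
        {"mountPath": "/dev/disk", "name": "devdisk", "readOnly": True},
    ],
    "volumes": [
        {"name": "rootfs", "hostPath": {"path": "/"}},
        {"name": "dockersock", "hostPath": {"path": "/var/run/docker.sock"}},
        {"name": "varlibdocker", "hostPath": {"path": "/var/lib/docker"}},
        {"name": "containerdsock", "hostPath": {"path": "/run/containerd/containerd.sock"}},
        {"name": "sys", "hostPath": {"path": "/sys"}},
        {"name": "devdisk", "hostPath": {"path": "/dev/disk/"}},
    ],
}


def audit_host_mounts(spec):
    """Return (volume, host path, finding) tuples for mounts that need review."""
    host_paths = {
        v["name"]: v["hostPath"]["path"].rstrip("/") or "/"
        for v in spec.get("volumes", []) if "hostPath" in v
    }
    findings = []
    for mount in spec.get("volumeMounts", []):
        path = host_paths.get(mount["name"])
        if path is None:
            continue  # not backed by the node's filesystem
        if not mount.get("readOnly", False):
            findings.append((mount["name"], path, "writable-host-mount"))
        if path in RUNTIME_SOCKETS:
            # Socket access is governed by the runtime, not by the mount's readOnly flag.
            findings.append((mount["name"], path, "runtime-socket"))
        if path == "/":
            findings.append((mount["name"], path, "host-root"))
    return findings


if __name__ == "__main__":
    for name, path, finding in audit_host_mounts(SAMPLE_SPEC):
        print(f"{finding:20} {name:15} {path}")
```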
Helpful tools
- This package uses kubebuilder markers to generate Kubernetes configs. Run
make manifests
to create CRDs and roles in config/crd and config/rbac
- Generate deepcopy.go by running
make generate
Security
See CONTRIBUTING for more information.
License
This project is licensed under the Apache-2.0 License.