Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Cloudadmins Barcelona: Meetup 19/12/2020

Cloudadmins Barcelona: Meetup 19/12/2020

Elastic Observability Session

Ad1c82ecc2805dfe387b1b9713aba97a?s=128

Cloudadmins Barcelona

November 19, 2020
Tweet

Transcript

  1. Infrastructure monitoring with Elastic Carlos Pérez-Aradros Herce - Platform Integrations

    Tech Lead 19 Nov 2020
  2. Carlos Pérez-Aradros Herce Tech lead - Integrations platforms carlos@elastic.co exekias

  3. Elastic is a search company.

  4. Search. Observe. Protect.

  5. 3 solutions Elastic Enterprise Search Elastic Security Elastic Observability

  6. Elastic Enterprise Search Elastic Security Elastic Observability Kibana Elasticsearch Beats

    Logstash 3 solutions powered by 1 stack Elastic Stack
  7. SaaS Orchestration Elastic Cloud on Kubernetes Elastic Cloud Elastic Cloud

    Enterprise Elastic Enterprise Search Elastic Security Elastic Observability Kibana Elasticsearch Beats Logstash Deploy anywhere. Powered by the Elastic Stack 3 solutions Deployed anywhere
  8. Elastic Observability Logs Metrics APM Uptime

  9. Unified visibility across your entire ecosystem Bring your logs, metrics,

    and traces together into a single stack so you can monitor, detect, and react to events with speed. ELASTIC OBSERVABILITY
  10. Cloud monitoring

  11. You don’t choose multi-cloud; multi-cloud chooses you. Enterprise Cloud Strategy

    More than 1000 employees Multiple public Single public Single private Multi-cloud 93% Source: Flexera 2020 State of the Cloud Report Hybrid cloud 87% 6% 6% 1%
  12. Beats: The Lightweight Shippers of the Elastic Stack auditbeat filebeat

    heartbeat metricbeat packetbeat winlogbeat
  13. On-Premises alerting User group A User group B Observability With

    Multi-Cloud
  14. APM Logs&Metrics API API Azure Monitor Event Hub APM GCP

    Stackdriver Logs&Metrics API APM Logs&Metrics API AWS CloudWatch CCS CCS CCS Future: Multi-Cloud and Cross Cluster
  15. Method 1 Metrics Azure Services GCP Services Stackdriver Monitoring Monitor

    CloudWatch Method 2 AWS Services
  16. Configuration Example – module: aws period: 5m metricsets: – ec2

    credential_profile_name: elastic – module: googlecloud period: 1m metricsets: – compute region: "us-" project_id: "elastic-observability" credentials_file_path: "/Desktop/gcp_creds.json" exclude_labels: false – module: azure period: 300s metricsets: – compute_vm client_id: '$AZURE_CLIENT_ID""}' client_secret: '$AZURE_CLIENT_SECRET""}' tenant_id: '$AZURE_TENANT_ID""}' subscription_id: '$AZURE_SUBSCRIPTION_ID""}' refresh_list_interval: 600s
  17. GCP BigQuery AWS Cost Explorer AWS CloudWatch Azure Cost Management

    Billing Billing
  18. AWS Services Azure Services GCP Services SQS S3 CloudWatch Event

    Hub PubSub Logs
  19. filebeat.inputs: – type: awscloudwatch credential_profile_name: elastic-beats log_group_arn: arn:aws:logs:us-east-1123:log-group:test:* region: us-east-1

    scan_frequency: 30s start_position: beginning api_timeout: 5m filebeat.inputs: – type: s3 queue_url: https://sqs.us-east-1.amazonaws.com/123/test-fb-ks credential_profile_name: elastic-beats json.message_key: Records Configuration Example Using Inputs
  20. Kubernetes monitoring

  21. cluster Kubernetes: pods, nodes, cluster node kubelet proxy node kubelet

    proxy node kubelet proxy node kubelet proxy - pod schedule
  22. Monitoring kubernetes environments

  23. Monitoring kubernetes environments - What to monitor - Hosts -

    Containers - Containerized applications - Kubernetes components - Metrics sources - cAdvisor, kubelet - kube-state-metrics - Prometheus - APM Metricbeat Heapster Prometheus ... Elasticsearch Kibana
  24. Metadata processors - ECS Enrich events with useful metadata to

    correlate logs, metrics & traces • cloud.availability_zone • cloud.region • cloud.instance_id • cloud.machine_type • cloud.project_id • cloud.provider • docker.container.id • docker.container.image • docker.container.name • docker.container.labels • kubernetes.pod.name • kubernetes.namespace • kubernetes.labels • kubernetes.annotations • kubernetes.container.name • kubernetes.container.image add_cloud_metadata add_docker_metadata add_kubernetes_metadata
  25. Kubernetes deployment Node 1 Metricbeat Filebeat Node 2 Metricbeat Filebeat

    Node n Metricbeat Filebeat Filebeat DaemonSet Metricbeat DaemonSet
  26. Inventory view Birds-eye view of your kubernetes clusters

  27. Node Metricbeat Autodiscover Oh no! My applications are moving! Logs

    Metrics nginx Elasticsearch metricbeat.autodiscover: providers: - type: kubernetes host: ${HOSTNAME} templates: - condition.contains: kubernetes.container.name: nginx config: - module: nginx period: 10s metricsets: ["stubstatus"] hosts: ["${data.host}:8080"]
  28. Metricbeat Autodiscover

  29. Hints based auto-discovery - Hints tell Metricbeat how to get

    metrics for the given container. - It looks for hints in K8s Pod annotations or Docker labels which have the prefix co.elastic.metrics . - As soon as the container starts, Metricbeat will check if it contains any hints and launch the proper config for it. metricbeat.autodiscover: providers: - type: kubernetes hints.enabled: true annotations: co.elastic.metrics/module: prometheus co.elastic.metrics/metricsets: collector co.elastic.metrics/hosts: '${data.host}:9090' co.elastic.metrics/period: 1m
  30. Demo time

  31. Service: “beats-demo” LoadBalancer Deployment: “beats-demo“ Demo scenario: http://34.77.157.229 Pod Pod

    ... Deployment: “mysql“ Logs Metrics Network analytics App Performance Metrics Pod
  32. Elastic is a Search Company. www.elastic.co Thank You