Terraform-aws-eks: Add support for adding container insights

Created on 26 Aug 2019  路  6Comments  路  Source: terraform-aws-modules/terraform-aws-eks

I have issues

I'm submitting a...

  • [ ] bug report
  • [x] feature request
  • [ ] support request
  • [ ] kudos, thank you, warm fuzzy

What is the current behavior?

I'd like to add support to provision the necessary resources within the cluster to enable Container Insights.

Before I begin, i'm looking for feedback on my approach:

  • New module variable named cluster_container_insights_metrics to turn on feature (default == false)
  • Update the cluster IAM role to include the policy CloudWatchAgentServerPolicy (assuming manage_cluster_iam_resources == true)
  • If enabled, provision the necessary serviceaccount, clusterrole, clusterrolebinding, configmap, daemonset for Container Insights (see: https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Container-Insights-setup-EKS-quickstart.html)
  • New module variable named cluster_container_insights_logs to turn on feature (default == false)
  • If enabled, provision the necessary serviceaccount, clusterrole, clusterrolebinding, configmap, daemonset for Container Insights logs(see: https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Container-Insights-setup-logs.html)

If this is a bug, how to reproduce? Please include a code sample if relevant.

What's the expected behavior?

When enabled, the cluster has container insights metrics and/or logs configured for the cluster

Are you able to fix this problem and submit a PR? Link here if you have already.

Yes, once I hear 馃憤

Environment details

  • Affected module version:
  • OS:
  • Terraform version:

Any other relevant info

picture cplee

Most helpful comment

Yes, I just noticed this and deleted my comment! arg, wishful thinking.. I imagine if it was available so simply support would have been already added. Thanks

picture moniecodes on 13 Jan 2020
😄1 👍1

All 6 comments

I'm second guessing this idea. Since container insights is still using fluentd, you'll find that it takes a significant amount of resources to run within your cluster. I propose putting this on hold until fluent bit becomes an option for container insights...assuming that is on the roadmap.

cplee picture cplee on 28 Aug 2019

Hi @cplee!

I'm always open to be persuaded but my feeling here would be to not include this. The reasons are covered in https://github.com/terraform-aws-modules/terraform-aws-eks/issues/99 but I'll reiterate here:

  • This module is already complicated enough
  • If we add this then why not Sysdig? and New Relic?
  • There are already much better tools for this that manage installation, upgrades and different settings (Helm)

I would suggest you make a Helm Chart for Container Insights 馃檪

max-rocket-internet picture max-rocket-internet on 29 Aug 2019

Also, FYI there's already a cloudwatch pluging for fluent-bit: https://github.com/aws/amazon-cloudwatch-logs-for-fluent-bit

max-rocket-internet picture max-rocket-internet on 29 Aug 2019

Sounds good, thanks

cplee picture cplee on 29 Aug 2019

@moniecodes I think you are mixing up ECS and EKS.

max-rocket-internet picture max-rocket-internet on 13 Jan 2020
👍1

Yes, I just noticed this and deleted my comment! arg, wishful thinking.. I imagine if it was available so simply support would have been already added. Thanks

moniecodes picture moniecodes on 13 Jan 2020
😄1 👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

tnimni picture tnimni  路  3Comments
bshelton229 picture bshelton229  路  4Comments
mattlawnz picture mattlawnz  路  3Comments
Pratima picture Pratima  路  4Comments
max-rocket-internet picture max-rocket-internet  路  4Comments