Enable AKS Container insights#
Operational Excellence · Azure Kubernetes Service · Rule · 2021_09 · Important
Enable Container insights to monitor AKS cluster workloads.
Description#
With Container insights, you can use performance charts and health status to monitor AKS clusters, nodes and pods. Container insights delivers quick, visual and actionable information: from the CPU and memory pressure of your nodes to the logs of individual Kubernetes pods.
Recommendation#
Consider enabling Container insights for AKS clusters. Monitoring containers is critical, especially when running production AKS clusters at scale with multiple applications.
Examples#
Configure with Azure template#
To enable Container insights for an AKS cluster:
- Set
properties.addonProfiles.omsAgent.enabledtotrue. - Set Log Analytics workspace ID with
properties.addonProfiles.omsAgent.config.logAnalyticsWorkspaceResourceID.
For example:
Azure Template snippet
{
"comments": "Azure Kubernetes Cluster",
"apiVersion": "2020-12-01",
"dependsOn": [
"[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', parameters('identityName'))]"
],
"type": "Microsoft.ContainerService/managedClusters",
"location": "[parameters('location')]",
"name": "[parameters('clusterName')]",
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', parameters('identityName'))]": {}
}
},
"properties": {
"kubernetesVersion": "[parameters('kubernetesVersion')]",
"disableLocalAccounts": true,
"enableRBAC": true,
"dnsPrefix": "[parameters('dnsPrefix')]",
"agentPoolProfiles": [
{
"name": "system",
"osDiskSizeGB": 32,
"count": 3,
"minCount": 3,
"maxCount": 10,
"enableAutoScaling": true,
"maxPods": 50,
"vmSize": "Standard_D2s_v3",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vnetSubnetID": "[variables('clusterSubnetId')]",
"mode": "System",
"osDiskType": "Ephemeral",
"scaleSetPriority": "Regular"
}
],
"aadProfile": {
"managed": true,
"enableAzureRBAC": true,
"adminGroupObjectIDs": "[parameters('clusterAdmins')]",
"tenantID": "[subscription().tenantId]"
},
"networkProfile": {
"networkPlugin": "azure",
"networkPolicy": "azure",
"loadBalancerSku": "Standard",
"serviceCidr": "192.168.0.0/16",
"dnsServiceIP": "192.168.0.4",
"dockerBridgeCidr": "172.17.0.1/16"
},
"autoUpgradeProfile": {
"upgradeChannel": "stable"
},
"addonProfiles": {
"azurepolicy": {
"enabled": true,
"config": {
"version": "v2"
}
},
"omsagent": {
"enabled": true,
"config": {
"logAnalyticsWorkspaceResourceID": "[parameters('workspaceId')]"
}
},
"kubeDashboard": {
"enabled": false
}
}
}
}
Configure with Azure CLI#
Enable for default Log Analytics workspace#
Azure CLI snippet
az aks enable-addons \
--addons monitoring \
--name '<cluster_name>' \
--resource-group '<cluster_resource_group>'
Enable for an existing Log Analytics workspace#
Azure CLI snippet
az aks enable-addons \
--addons monitoring \
--name '<cluster_name>' \
--resource-group '<cluster_resource_group>' \
--workspace-resource-id '<workspace_id>'
Links#
- Container Insights
- Monitor your Kubernetes cluster performance with Container insights
- Container insights overview
- Enable monitoring of a new Azure Kubernetes Service (AKS) cluster
- Enable monitoring of Azure Kubernetes Service (AKS) cluster already deployed
- Azure deployment reference