Kubecost를 통한 EKS 비용계산
By Bys on April 5, 2023
Kubecost
Kubecost는 Kubernetes를 사용하는데 있어 실시간 비용과 인사이트를 제공한다고 소개한다. Amazon EKS에서는 Kubecost 번들을 제공하여 EKS의 비용 가시성을 보여준다.
Kubecost Install
Values 파일을 내려 받는다.
wget https://raw.githubusercontent.com/kubecost/cost-analyzer-helm-chart/develop/cost-analyzer/values-eks-cost-monitoring.yaml
EKS 클러스터에 Prometheus 및 Grafana가 이미 설치되어 있는 경우 Kubecost를 통해 추가 설치가 되지 않도록 설정을 변경할 필요가 있다. 또한 여기서는 ALB Ingress를 사용할 예정으로 아래와 같이 Values파일을 수정한다.
values-eks-cost-monitoring.yaml
# global.prometheus.enabled: false
# global.prometheus.fqdn: your-prometheus-endpoint
global:
prometheus:
enabled: false
fqdn: http://prometheus-server.prometheus.svc
notifications:
alertmanager:
fqdn: http://prometheus-alertmanager.prometheus.svc:9093
grafana:
enabled: false
proxy: false
# Don't schedule in fargate nodes.
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: eks.amazonaws.com/compute-type
operator: NotIn
values:
- fargate
# Ingress
ingress:
enabled: true
className: alb
annotations:
alb.ingress.kubernetes.io/load-balancer-name: bys-dev-k8s-alb-etc
alb.ingress.kubernetes.io/group.name: eks-main-etc
alb.ingress.kubernetes.io/subnets: bys-dev-sbn-az1-extelb, bys-dev-sbn-az2-extelb
alb.ingress.kubernetes.io/scheme : internet-facing
alb.ingress.kubernetes.io/security-groups: bys-dev-sg-alb-eks-main-etc
alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS": 443}]'
alb.ingress.kubernetes.io/actions.redirect-to-443: '{"Type": "redirect", "RedirectConfig": {"Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}'
alb.ingress.kubernetes.io/ssl-policy: ELBSecurityPolicy-TLS13-1-2-2021-06
alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:ap-northeast-2:xxxxx:certificate/yyyyy
alb.ingress.kubernetes.io/healthcheck-path: /
alb.ingress.kubernetes.io/healthcheck-interval-seconds: '15'
alb.ingress.kubernetes.io/healthcheck-timeout-seconds: '10'
alb.ingress.kubernetes.io/healthy-threshold-count: '2'
alb.ingress.kubernetes.io/unhealthy-threshold-count: '4'
alb.ingress.kubernetes.io/healthcheck-port: traffic-port
alb.ingress.kubernetes.io/success-codes: 200,301,302
alb.ingress.kubernetes.io/target-type: ip
alb.ingress.kubernetes.io/tags: auto-delete=no
paths: ["/"] # There's no need to route specifically to the pods-- we have an nginx deployed that handles routing
pathType: "Prefix"
hosts:
- kubecost-main.bys.world
tls: []
# - secretName: cert
# hosts:
# - kubecost-main.bys.world
helm upgrade -i kubecost oci://public.ecr.aws/kubecost/cost-analyzer --version 1.102.0 \
--namespace kubecost --create-namespace \
-f values-eks-cost-monitoring.yaml
아래와 같이 kubecost-cost-analyzer가 정상 배포되었는지 확인한다.
# kubectl get po -n kubecost
NAME READY STATUS RESTARTS AGE
kubecost-cost-analyzer-5d894c567f-7hd78 2/2 Running 0 3h31m
k get svc -n kubecost
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubecost-cost-analyzer ClusterIP 172.20.222.215 <none> 9003/TCP,9090/TCP 3h32m
k get ing -n kubecost
NAME CLASS HOSTS ADDRESS PORTS AGE
kubecost-cost-analyzer alb kubecost-main.bys.world xxxxx.ap-northeast-2.elb.amazonaws.com 80 3h32m
2. Kubecost를 통한 모니터링
- References
eks
kubecost
monitoring
]