# Application Study Tool k8s **Repository Path**: f5-dev-ops/application-study-tool-k8s ## Basic Information - **Project Name**: Application Study Tool k8s - **Description**: Host Application Study Tool in a single node K8S, for example Microk8s. - **Primary Language**: YAML - **License**: Apache-2.0 - **Default Branch**: master - **Homepage**: None - **GVP Project**: No ## Statistics - **Stars**: 0 - **Forks**: 0 - **Created**: 2025-02-20 - **Last Updated**: 2025-02-20 ## Categories & Tags **Categories**: Uncategorized **Tags**: None ## README # Application Study Tool k8s ## 介绍 在单节点K8S(例如 MicroK8S)上部署 Application Study Tool, 该项目引用了AST作为子模块。 ## 安装配置 参考您使用的 K8S 发行版文档,安装 K8S 集群。例如 [MicroK8S](https://microk8s.io/#install-microk8s) 。 ```bash sudo snap install microk8s --classic ``` 如果需要,也可开启一些必要的相关服务: ```bash microk8s.enable dns dashboard registry ``` ### 安装 Application Study Tool K8S 连同子模块一起克隆 [release](https://gitee.com/f5-dev-ops/application-study-tool-k8s.git)。 ```shell # Clone the repo git clone clone --recurse-submodules https://gitee.com/f5-dev-ops/application-study-tool-k8s.git cd application-study-tool-k8s/ast # 编辑您的环境的默认设置 # (查看下面 "Configure Default Device Settings" 的部分) vi ./config/ast_defaults.yaml # 编辑设备/连接配置文件信息 # (查看下面 "Configure Devices To Scrape" 的部分) vi ./config/bigip_receivers.yaml # 运行配置创建程序 $ pip install PyYAML==6.0.2 $ python src/config_helper.py --generate-config # 修改yaml文件中的环境变量 cd .. vi otel-collector-deployment.yaml # 修改下列环境变量,包括用户名和密码等信息 apiVersion: v1 kind: ConfigMap metadata: name: otel-collector-config data: # Add your .env content here GF_SECURITY_ADMIN_USER: "admin" GF_SECURITY_ADMIN_PASSWORD: "admin" SENSOR_SECRET_TOKEN: "YOUR_TOKEN" SENSOR_ID: "YOUR_ID" # Add your .env.device-secrets content here BIGIP_PASSWORD_1: "BIG-IP_SECRET_PASSWORD" BIGIP_PASSWORD_2: "ANOTHER_SECRET_PASSWORD" # vi grafana-deployment.yaml # 修改下列环境变量,包括用户名和密码等信息 apiVersion: v1 kind: ConfigMap metadata: name: grafana-config data: # Add your .env content here GF_SECURITY_ADMIN_USER: "admin" GF_SECURITY_ADMIN_PASSWORD: "admin" SENSOR_SECRET_TOKEN: "YOUR_TOKEN" SENSOR_ID: "YOUR_ID" # 部署prometheus、otel-collector 和grafana。 对于多节点K8S集群,注意修改prometheus-deployment.yaml 以及 grafana-deployment 文件中的volume选项。 $ kubectl apply -f prometheus-deployment.yaml $ kubectl apply -f otel-collector-deployment.yaml $ kubectl apply -f grafana-deployment.yaml # 查看 Grafana 服务的状态 $ kubectl get svc grafana # 访问 Grafana 服务 $ kubectl port-forward svc/grafana 3000:3000 ``` ### 配置 BIG-IP 回指路由 在 BIG-IP 上配置回指路由,以便 OTEL Collector 可以从 BIG-IP 收集数据。例如配置带内路由指向 MicroK8S 节点的 IP 地址。 ```bash root@(bigip1)(cfg-sync Standalone)(Active)(/Common)(tmos)# list net route microk8s-pod net route microk8s-pod { gw 10.1.10.9 network 10.1.243.0/24 } root@(bigip1)(cfg-sync Standalone)(Active)(/Common)(tmos)# ``` 如果您的BIG-IP是通过带外地址进行管理,则需要配置管理网段的带外路由。 ### Configure Default Device Settings Edit config/ast_defaults.yaml to reflect common values for your BIG-IPs: ```yaml # These configs are applied to each entry in the bigip_receivers file # where they don't contain an equivalent / overriding entry. bigip_receiver_defaults: # The time to wait between metric collection runs collection_interval: 60s # The username to login to the device with username: admin # The password (not recommended) or a reference to an env variable (recommended) # Below tells the collector to look for an environment variable named # BIGIP_PASSWORD_1 password: "${env:BIGIP_PASSWORD_1}" # The data_types that should be enabled or disabled. # DNS and GTM are disabled by default and users can enable those modules # on all devices by setting the below to true. # A full list of data_types is at https://f5devcentral.github.io/application-study-tool/components/otel_collector/receiver_readme.html. data_types: f5.dns: enabled: false f5.gtm: enabled: false # The TLS settings to use. Either a CA file must be specified or # insecure_skip_verify set to true (not recommended). tls: # Secure TLS communication requires mounting the certificate bundle # used to sign the BigIP certificates. Though not recommended, in the # case of self-signed certificates or for testing purposes, you can skip # this check by setting this field to true. insecure_skip_verify: false # The path to a CA File used to validate BIG-IP certificates. This is required # if tls_insecure_skip_verify is set to false. See below for details. ca_file: "" ``` ### Configure Devices To Scrape Edit the device list in config/bigip_receivers.yaml: ```yaml #### Values not explicitly configured here inherit values in ast_defaults.yaml. #### Each entry must have a unique name, starting with bigip/ #### (e.g. bigip/1, bigip/2) bigip/1: #### Endpoint must be specified for each device #### because there's no rational default. #### Set this to the management IP for the device. This must be #### reachable from the Application Study Tool host. endpoint: https://10.0.0.1 #### Override some default settings with device specific values username: SOME_OVERRIDE_ACCOUNT_NAME password: "${SOME_OTHER_ENV_VAR_WITH_ANOTHER_PASSWORD}" #### Everything commented out here gets the value from default # collection_interval: 30s # data_types: # f5.dns: # enabled: false # f5.gtm: # enabled: false # tls: # insecure_skip_verify: true # ca_file: bigip/2: endpoint: https://10.0.0.2 ```