OSDOCS-7789: Mobb Migration

jneczypor · jneczypor · commit 062b9330a1db · 2023-09-19T13:20:19.000-04:00
diff --git a/_images/dashboard.png b/_images/dashboard.png
diff --git a/_topic_maps/_topic_map_rosa.yml b/_topic_maps/_topic_map_rosa.yml
@@ -78,10 +78,12 @@ Topics:
 # - Name: Training for ROSA
 #   File: rosa-training
 #---
-#Name: Tutorials 
-#Dir: rosa_tutorials 
-#Distros: openshift-rosa
-#Topics:
+Name: Tutorials 
+Dir: rosa_tutorials 
+Distros: openshift-rosa
+Topics:
+- Name: Using the AWS CloudWatch agent to publish metrics to CloudWatch in ROSA
+  File: rosa-mobb-aws-cloudwatch-publish-metrics
 ---
 Name: Getting started
 Dir: rosa_getting_started
diff --git a/rosa_tutorials/rosa-mobb-aws-cloudwatch-publish-metrics.adoc b/rosa_tutorials/rosa-mobb-aws-cloudwatch-publish-metrics.adoc
@@ -0,0 +1,179 @@
+:_content-type: ASSEMBLY
+[id="rosa-mobb-aws-cloudwatch-publish-metrics"]
+= Tutorial: Using the AWS CloudWatch agent to publish metrics to CloudWatch in ROSA
+include::_attributes/attributes-openshift-dedicated.adoc[]
+:context: rosa-mobb-aws-cloudwatch-publish-metrics
+
+toc::[]
+
+//Mobb content metadata
+//Brought into ROSA product docs 2023-09-19
+//---
+//date: '2021-10-04'
+//title: Using the AWS Cloud Watch agent to publish metrics to CloudWatch in ROSA
+//tags: ["AWS", "ROSA"]
+//authors:
+//  - Kevin Collins
+//---
+
+include::snippets/mobb-support-statement.adoc[leveloffset=+1]
+
+You can use the AWS CloudWatch agent to scrape Prometheus endpoints and publish metrics to CloudWatch in a {product-title} (ROSA) cluster.
+
+It pulls from The AWS documentation for installing the CloudWatch agent to Kubernetes and collections and publishes metrics for the Kubernetes API Server and provides a simple Dashboard to view the results.
+
+[Important]
+====
+The AWS CloudWatch Agent does link:https://github.com/aws/amazon-cloudwatch-agent/issues/187[not support] pulling all metrics from the Prometheus federated endpoint.
+====
+
+.Prerequisites
+
+* The link:https://aws.amazon.com/cli/[AWS CLI]
+* The link:https://stedolan.github.io/jq/[`jq` command]
+* A ROSA cluster
+
+== Preparing your AWS account
+. Turn off AWS CLI paging:
++
+[source,terminal]
+----
+   export AWS_PAGER=""
+----
+
+. Set the environment variables:
++
+Change the values to suit your environment.
++
+[source,terminal]
+----
+   export CLUSTER_NAME=metrics
+   export CLUSTER_REGION=us-east-2
+   export SCRATCH_DIR=/tmp/scratch
+   mkdir -p $SCRATCH_DIR
+----
+
+. Create an AWS IAM user for CloudWatch:
++
+[source,terminal]
+----
+   aws iam create-user \
+     --user-name $CLUSTER_NAME-cloud-watch \
+     > $SCRATCH_DIR/aws-user.json
+----
+
+. Fetch access and secret keys for the IAM user:
++
+[source,terminal]
+----
+   aws iam create-access-key \
+     --user-name $CLUSTER_NAME-cloud-watch \
+     > $SCRATCH_DIR/aws-access-key.json
+----
+
+. Attach a policy to AWS IAM user:
++
+[source,terminal]
+----
+   aws iam attach-user-policy \
+     --user-name $CLUSTER_NAME-cloud-watch \
+     --policy-arn "arn:aws:iam::aws:policy/CloudWatchAgentServerPolicy"
+----
+
+== Deploying the CloudWatch Prometheus agent
+
+. Create a namespace for CloudWatch:
++
+[source,terminal]
+----
+   oc create namespace amazon-cloudwatch
+----
+
+. Download the CloudWatch agent Kubernetes manifests:
++
+[source,terminal]
+----
+   wget -O $SCRATCH_DIR/cloud-watch.yaml https://mobb.ninja/docs/rosa/metrics-to-cloudwatch-agent/cloud-watch.yaml
+----
+
+. Update the CloudWatch agent Kubernetes manifests:
++
+[source,terminal]
+----
+   sed -i .bak "s/__cluster_name__/$CLUSTER_NAME/g" $SCRATCH_DIR/cloud-watch.yaml
+   sed -i .bak "s/__cluster_region__/$CLUSTER_REGION/g" $SCRATCH_DIR/cloud-watch.yaml
+----
+
+. Provide AWS credentials to the CloudWatch agent:
++
+[source,terminal]
+----
+   AWS_ID=`cat $SCRATCH_DIR/aws-access-key.json | jq -r '.AccessKey.AccessKeyId'`
+   AWS_KEY=`cat $SCRATCH_DIR/aws-access-key.json | jq -r '.AccessKey.SecretAccessKey'`
+
+   echo "[AmazonCloudWatchAgent]\naws_access_key_id = $AWS_ID\naws_secret_access_key = $AWS_KEY" \
+     > $SCRATCH_DIR/credentials
+
+   oc --namespace amazon-cloudwatch \
+     create secret generic aws-credentials \
+     --from-file=credentials=$SCRATCH_DIR/credentials
+----
+
+. Allow the CloudWatch agent to run as a root user inside the container:
++
+[source,terminal]
+----
+   oc -n amazon-cloudwatch adm policy \
+     add-scc-to-user anyuid -z cwagent-prometheus
+----
+
+. Apply the CloudWatch agent Kubernetes manifests:
++
+[source,terminal]
+----
+   oc apply -f $SCRATCH_DIR/cloud-watch.yaml
+----
+
+. Check that the pod is running:
++
+[source,terminal]
+----
+   oc get pods -n amazon-cloudwatch
+----
++
+You should see:
++
+[source,terminal]
+----
+   NAME                                  READY   STATUS    RESTARTS   AGE
+   cwagent-prometheus-54cd498c9c-btmjm   1/1     Running   0          60m
+----
+
+== Creating a sample dashboard
+
+. Download the sample dashboard:
++
+[source,terminal]
+----
+   wget -O $SCRATCH_DIR/dashboard.json https://raw.githubusercontent.com/rh-mobb/documentation/main/content/docs/rosa/metrics-to-cloudwatch-agent/dashboard.json
+----
+
+. Update the sample dashboard:
++
+[source,terminal]
+----
+   sed -i .bak "s/__CLUSTER_NAME__/$CLUSTER_NAME/g" $SCRATCH_DIR/dashboard.json
+   sed -i .bak "s/__REGION_NAME__/$CLUSTER_REGION/g" $SCRATCH_DIR/dashboard.json
+----
+
+. Go to the link:https://us-east-2.console.aws.amazon.com/cloudwatch[CloudWatch section] of the AWS Console.
+
+. Create a dashboard and name it "Kubernetes API Server".
+
+. Select *Actions*, then *View/edit source*.
+
+. Paste the JSON contents from `$SCRATCH_DIR/dashboard.json` into the text area.
+
+. View the dashboard:
++
+image::dashboard.png[]
