How to use kwatch to detect crashes in Kubernetes clusters
Published on

How to use kwatch to detect crashes in Kubernetes clusters

Author
Written by Amgad Ramses
    Contents
  1. Configure PagerDuty
  2. Configure kwatch
  3. Deploy kwatch
  4. Conclusion
Discuss on Discord
In this post, you will learn how to set up and deploy kwatch in your Kubernetes cluster to monitor and receive real-time crash alerts through PagerDuty.
kwatch helps you monitor all changes in your Kubernetes cluster. It detects crashes in real-time and publishes notifications to your favorite channels (Slack, Discord, PagerDuty, Telegram, Microsfot Teams and others) instantly.
To go through this tutorial, you'll need a free PagerDuty account and access to a Kubernetes cluster. To try this out, you can use minikube, kind or any other Kubernetes cluster.

Configure PagerDuty

We'll configure a new PagerDuty service through Events API. kwatch will use the events API endpoint and the integration key to send events to PagerDuty.
Follow these steps to configure the PagerDuty service:
  1. After you've logged into your PagerDuty account, click the Service menu and then click the New Service button.
Creating a new PagerDuty service
Creating a new PagerDuty service
PagerDuty dashboard
  1. Name your service test, add a brief description, and click Next.
Creating a new PagerDuty service
Creating a new PagerDuty service
New service
  1. On the next screen, leave the Generate a new Escalation Policy selected and click Next.
Generate a new Escalation Policy
Generate a new Escalation Policy
Using the escalation policy, you can connect services to individual users and/or schedules so correct people get notified in case of an escalation.
  1. On the Alert Grouping page, we can leave the Intelligent option selected and click Next. The alert grouping allows you to combine similar alerts into a single incident to reduce notifications.
  2. On the Integrations page, we'll select the Events API V2 integration by clicking on the check box.
Events API V2 integration
Events API V2 integration
Events API V2 integration
  1. Click Create Service to create the service.
Once the service has been created you'll be presented with the page that shows the integration key and the integration URLs as shown in the image below.
Events API V2 overview
Events API V2 overview
Events API V2 overview
We'll use the integration key to configure kwatch.

Configure kwatch

To configure kwatch we'll download a template ConfigMap and then configure it to use the PagerDuty integration key.
Let's start by obtaining the configuration template first:
curl -L https://raw.githubusercontent.com/abahmed/kwatch/v0.3.0/deploy/config.yaml -o config.yaml
We can now open the config.yaml and configure the PagerDuty key (remove the remaining fields). The config.yaml should look like this:
apiVersion: v1
kind: Namespace
metadata:
  name: kwatch
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: kwatch
  namespace: kwatch
data:
  config.yaml: |
    alert:
      pagerduty:
        integrationKey: <INTEGRATION_KEY>
Make sure to replace the <INTEGRATION_KEY> with the actual integration key value from PagerDuty.
Assuming you have your Kubernetes cluster up and running, you can apply the above config file:
kubectl apply -f config.yaml

Deploy kwatch

With the configuration in place, we can now deploy kwatch.
kubectl apply -f https://raw.githubusercontent.com/abahmed/kwatch/v0.3.0/deploy/deploy.yaml
You will now start receiving PagerDuty alerts whenever there is a pod crash in your Kubernetes cluster!
Let's try this out by creating a simple deployment (httpbin):
kubectl apply -f https://raw.githubusercontent.com/istio/istio/master/samples/httpbin/httpbin.yaml
Once the Pod is up and running, we can edit the deployment and change the image name to a non-existent image – this is just to force the Pod to crash by failing to pull the (non-existent) image.
We can run kubectl edit deploy httpbin and change the docker.io/kennethreitz/httpbin image name to BLAHdocker.io/kennethreitz/httpbin.
As expected, the Pod will fail, and if you look on your PagerDuty dashboard, you'll notice an open incident that contains the details about the failure.
PagerDuty dashboard with an alert
PagerDuty dashboard with an alert
PagerDuty dashboard with an alert

Conclusion

In this blog post, we've introduced a way to use kwatch and PagerDuty to trigger alerts whenever a Pod fails.
We've used the most straightforward configuration to watch all namespaces in the Kubernetes cluster. We could also provide specific namespaces we want to monitor using the' namespaces' field.
In addition to PagerDuty, kwatch also offers integration with Slack, Telegram, Microsoft Teams, Rocket Chat, and Mattermost.
Join the discussion
SHARE THIS ARTICLE
Amgad Ramses

Amgad Ramses

Software Engineer at Trella

Related posts

Traffic Mirroring with Istio Service Mesh
Service Mesh

Traffic Mirroring with Istio Service Mesh

In addition to more “traditional” traffic routing between different service versions, that can be based on a variety of incoming requests properties, such as portions of the URL, header values, request method, etc., Istio also supports traffic mirroring.

Peter Jausovec

Peter Jausovec

Creating a Kubernetes cluster in Google Cloud (LAB)
Kubernetes

Creating a Kubernetes cluster in Google Cloud (LAB)

In this first lab in the series of Kubernetes labs, we'll learn how to create a Kubernetes cluster in Google Cloud

Peter Jausovec

Peter Jausovec

Top Cloud-Native Certifications and Learning Resources
General

Top Cloud-Native Certifications and Learning Resources

A quick overview of top cloud-native certifications - where to take them, how much the certifications cost and which learning resources to use.

Peter Jausovec

Peter Jausovec

How to configure Firebase emulators with Next.js?
Firebase

How to configure Firebase emulators with Next.js?

Firebase emulators are a suite of Firebase service emulators that allow you to run and test your applications locally. This article describes how to configure and use them with Next.js

Peter Jausovec

Peter Jausovec

Docker image tagging scheme
Docker

Docker image tagging scheme

In this short article I'll talk about two things - the latest tag in Docker and why you should be careful when using it and how you should come up with your own tagging scheme for your Docker images.

Peter Jausovec

Peter Jausovec

Kubernetes Development Environment with Skaffold
Kubernetes

Kubernetes Development Environment with Skaffold

One part of the Start Kubernetes course I am working on (in addition to the book and videos) is the interactive labs. The purpose of these labs is to help you learn Kubernetes by solving different tasks, such as creating pods, scaling deployments, and so on. What follows is a quick explanation of how the end-user experience looks like and how I've set up my development environment for it.

Peter Jausovec

Peter Jausovec

;