OneLens Agent

Overview

The OneLens Agent is a read-only agent that integrates seamlessly with your EKS Kubernetes cluster. It connects your cluster to the OneLens platform, allowing you to monitor resources, track metrics, optimize costs, and generate detailed reports on resource utilization.

Data Collection

The agent collects a comprehensive set of data to give you the insights you need to optimize your Kubernetes environment. Here’s a breakdown of the data:

High-Level Data

Kubernetes Resources: Information on the state, attributes and labels of resources in your cluster.
Usage Metrics: Data on resource allocation and usage (e.g. CPU, memory).
Cost Data: Insights into the cost of workloads, including idle and overhead costs.

Low Level Details

Architecture

The OneLens K8 Agent uses several components to collect and send data from your Kubernetes cluster to OneLens. Below is an overview of the core components involved:

Internal Component

OneLens Deployer: A temporary Kubernetes job deployed via Helm to onboard EKS clusters. It sets up the full OneLens agent stack with temporary RBAC permissions.
OneLens Updater: Responsible for any daily maintenance and patching of the agent, as and when available.
OpenCost: An open-source project that measures cloud infrastructure and container costs, enabling real-time cost monitoring for Kubernetes.
Prometheus: An open-source project for collecting and storing metrics, used in conjunction with OpenCost to scrape and store resource allocation and usage data.
OneLens Exporter: A light weight stateless component that collects data from OpenCost and Prometheus every 60 minutes (or configured duration) and pushes it to the OneLens S3 bucket for analysis.

External Dependencies

S3: A storage service used to temporarily hold cluster data before it is processed by the OneLens platform, encrypted with KMS
ECR (Elastic Container Registry): Stores container images for the OneLens components, which are pulled during pod startup or restarts.
OneLens Backend: Provides runtime configuration to the Exporter.

The tools and source codes are referenced in the Artifacts section.

Privacy and Security

The OneLens K8 Agent is designed with privacy and security in mind:

Read-Only Access: The agent operates with read-only access to your cluster, meaning it only collects data and does not modify any resources or configurations.
No Access to Secrets: The agent does not access secrets, config maps, or sensitive environment variables within your cluster.
Encrypted Transmission: All data is transmitted securely using TLS 1.3, ensuring confidentiality.
Access Control: The S3 bucket where your data is stored is private and can only be accessed through secure, time-limited pre-signed URLs.

Data Retention

After setup, the agent starts collecting data and storing it in the Prometheus server. The retention of data depends on the number of pods in your cluster. The recommended configuration is to use dynamic scaling for Prometheus, with a PVC size of 10GB.

Here’s an estimate of how long your data will be retained:

Pod Count

Retention Period

10-50

45 Days

50-100

30 Days

100-500

10 Days

Beyond 500

Proportionally Lower

Cost Associated with Agent

The OneLens agent runs as a set of lightweight pods within the cluster. These pods monitor container-level metrics, resource limits, and usage trends. The cost structure is mainly influenced by the number of pods in the cluster.

The agent incurs a cost per cluster, based on pod count:

Cluster Size (Pods)

CPU (Cores)

Memory (GB)

Total Monthly Cost ($)

< 100

0.237

1.33

$17.98

100-499

0.386

1.92

$35.94

500-999

0.587

3.70

$35.94

1000-1499

0.696

5.47

$71.88

1500-2000

0.805

7.25

$99.00

For further details on how to set up the agent and onboard a cluster, visit the Onboarding a K8s Cluster section.

PreviousKubernetes NextOnboarding a K8s Cluster

Last updated 1 month ago