search

kubecost / kubecost-cloud-agent

The Helm chart for the Kubecost Cloud agent install process
Apache License 2.0
3 stars 4 forks source link

Support GKE Autopilot #21

Open nikhiljha opened 7 months ago

nikhiljha commented 7 months ago

When running the helm install command given in the dashboard... 

Release "kubecost-cloud" does not exist. Installing it now.
W0215 14:30:11.250680   80804 warnings.go:70] autopilot-default-resources-mutator:Autopilot updated DaemonSet kubecost-cloud/kubecost-cloud-network-costs: adjusted resources to meet requirements for containers [kubecost-cloud-network-costs] (see http://g.co/gke/autopilot-resources)
W0215 14:30:11.357355   80804 warnings.go:70] autopilot-default-resources-mutator:Autopilot updated Deployment kubecost-cloud/kubecost-cloud-prometheus-server: defaulted unspecified resources for containers [prometheus-server-configmap-reload, prometheus-server] (see http://g.co/gke/autopilot-defaults)
W0215 14:30:11.369829   80804 warnings.go:70] autopilot-default-resources-mutator:Autopilot updated Deployment kubecost-cloud/kubecost-cloud-cloud-agent: defaulted unspecified resources for containers [kubecost-cloud-cloud-agent] (see http://g.co/gke/autopilot-defaults)
Error: 1 error occurred:
    * admission webhook "warden-validating.common-webhooks.networking.gke.io" denied the request: GKE Warden rejected the request because it violates one or more constraints.
Violations details: {"[denied by autogke-disallow-hostnamespaces]":["enabling hostNetwork is not allowed in Autopilot."],"[denied by autogke-disallow-privilege]":["container kubecost-cloud-network-costs is privileged; not allowed in Autopilot"],"[denied by autogke-no-host-port]":["container kubecost-cloud-network-costs specifies host ports [3001], which are disallowed in Autopilot."],"[denied by autogke-no-write-mode-hostpath]":["hostPath volume nf-conntrack in container kubecost-cloud-network-costs is accessed in write mode; disallowed in Autopilot.","hostPath volume netfilter in container kubecost-cloud-network-costs is accessed in write mode; disallowed in Autopilot."]}
dwbrown2 commented 7 months ago

@AjayTripathy @mbolt35 do you know how we are handling this? I believe hostnetwork access is required for this pod.

@nikhiljha are you able to confirm everything deployed as expected without network-costs enabled?

AjayTripathy commented 7 months ago

I can confirm hostnetwork access is required for network costs. It's currently a hard requirement though we can take this into consideration for future releases.

Note that you can still view network costs in GKE autopilot with GKE cost report integration; we just won't be able to break it down precisely on a per-pod basis. Instead, each pod gets a cost-weighted share of the node's network price based on the node it's running on

nikhiljha commented 7 months ago

I wanted something like kubectl cost that would show me a list of pods and the $/hr they cost (which should be fairly simple for autopilot) but it doesn't look like kubecost can do this so I gave up :(

AjayTripathy commented 7 months ago

Hi @nikhiljha it's surprising that this doesn't work out of the box. Can you share the exact helm install command you used?

AjayTripathy commented 7 months ago

Also, you can try to run the helm command with --set networkCosts.enable=true