Sysdig Monitor is the first and only monitoring, alerting, and troubleshooting solution designed from the ground up to provide unprecedented visibility into containerized infrastructures.
Sysdig Monitor comes with built-in, first class support for Google Container Engine (GKE). In order to start monitoring your Kubernetes cluster on GKE, there are two steps you need to take:
- Sign up for a free trial at https://www.sysdig.com/gke-monitoring
- Install the Sysdig agent container on each Kubernetes Node in your cluster
There are multiple methods for accomplishing this installation, listed below in order of simplicity and automation.
GKE Wizard (Preferred Method)
Note: The current base image used by default in GKE clusters (`cos`) is not compatible with Sysdig. Sysdig is actively discussing options with the GKE team at Google to enable support for this image. In the meantime, the alternative `container-vm` base image will remain supported by both parties until this is resolved. Per Google:
- Container_VM will be supported and patched at least through September 2017. Google has a system that compares the image against the CVE list and regularly patches it for vulnerabilities.
- Once a longer solution is agreed upon, Sysdig will be supported after the Container_VM image without any gaps in support.
To monitor a GKE cluster with Sysdig Monitor, follow these steps:
First, log into your GKE account and set up your container cluster:
The updated GKE interface includes a selector for the "Node image". The current image default `cos` is not compatible with Sysdig due to the lack of kernel header files and kernel configuration needed to build a required kernel module. Upgrade your cluster by selecting the `container-vm` base image:
You are now ready to deploy Sysdig agent by following the installation wizard available in Sysdig Monitor. Please go to Sysdig Monitor GKE Install Wizard and 1) sign in with your Google account and then 2) authorize Sysdig Monitor:
Choose your project then cluster and then click "Deploy Sysdig Monitor":
If all goes well you will see the "Setup is complete" and can now launch the Sysdig Monitor user interface:
If you already have Sysdig Monitor agents installed on your GKE cluster you will see the following error in the previous deployment step:
In this scenario, you need to remove the existing Sysdig Monitor agent installation by going to the Deployment Manager and deleting the two deployments related to sysdig-agent. Note that due to an issue in the API, this will not remove the configured DaemonSet that starts the sysdig-agent pods. You will need to remove the DaemonSet manually.
GUI method to remove Deployment:
Check both 'sdc' items then delete:
The deployment can also be removed using the command line by listing the deployments and removing the two starting with "sdc-agent" and "sdc-cluster" prefixes.
Command Line method to remove Deployment:
gcloud deployment-manager deployments list
NAME LAST_OPERATION_TYPE STATUS DESCRIPTION MANIFEST ERRORS sdc-agent-cluster-1 insert DONE sysdig-cloud-deamonset manifest-1493155796004  sdc-cluster-endpoints-cluster-1 insert DONE sdc-cluster-endpoints manifest-1493155778371 
gcloud deployment-manager deployments delete sdc-agent-cluster-1 gcloud deployment-manager deployments delete sdc-cluster-endpoints-cluster-1
Manually Remove GKE Deployment and Sysdig-Agent DaemonSet:
After removing a deployment via GCP's Deployment Manager or the command line method, you need to manually remove the daemonset:
kubectl get daemonsets NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE-SELECTOR AGE
sysdig-agent 3 3 3 0 0 <none> 3d
kubectl delete daemonsets sysdig-agent daemonset "sysdig-agent" deleted
After removing the deployment and the daemonset, the pods will be automatically removed and the Sysdig wizard can be used again to redeploy the latest agent version.
Creating A Cluster From Command Line
You can create a new GKE cluster with the required base image using the command line and adding the
gcloud container --project "sysdig" clusters create "cluster-2" --zone "us-east1-b"
--machine-type "n1-standard-1" --scope "https://www.googleapis.com/auth/compute",
"https://www.googleapis.com/auth/service.management.readonly" --num-nodes "3"
--network "default" --enable-cloud-logging --enable-cloud-monitoring
Please see the following links for more details:
gcloud container clusters create
Changing Base Image`cos` to `container-vm`
Please refer to Google's documentation here:
Refer to The "Opting out of using Container-VM Image" section which also details how you can opt out of using the `cos` node image on your nodes and continue using the Debian 7-based `container-vm`
Previously referred to as `cgi`, the image name for Container-Optimized-OS node images has been updated to `
Manager (DM) Templates
Sysdig offers prebuilt DM templates which will automatically deploy Sysdig Monitor across an existing Kubernetes cluster on GKE, including all setup and configuration. The templates and full Readme instructions can be found here:
Daemon Set deployment method - recommended for K8s version 1.2+
Replication Controller deployment method - only needed for older versions of K8s
You can also deploy the Sysdig agent container across your environment yourself using Daemon Sets, by following the Sysdig Install: Kubernetes documentation.
Finally, you can also just deploy and configure the Sysdig agent container manually, by following the standard Sysdig Install documentation.