CRI-O is a light-weight container runtime that implements the Kubernetes Container Runtime Interface (CRI). It was designed as a minimal and independent layer for running and managing containers on Kubernetes worker nodes. CRI-O can be used as an alternative container runtime to the Docker Engine min all Kubernetes-based environments, and, according to RedHat, will be the default container runtime in RedHat’s OpenShift Container Platform 4.0.
Automatic monitoring of applications running in CRI-O containers
Monitoring is key for understanding and safely running highly distributed applications in containerized environments. While black-box monitoring of containers helps you to track and understand the utilization of your infrastructure, it doesn’t give you insights into the actual performance of the applications and their real-time (external) dependencies on applications and services.
Unlike traditional monitoring tools, Dynatrace was the first and only solution to provide full-stack visibility into containerized workloads without requiring you to change a single line of code or any deployment configurations.
We’re happy to announce that we’ve extended these full-stack capabilities for CRI-O containers. Native CRI-O support is now available in Beta for all Kubernetes-based platforms (version 1.12+). Dynatrace CRI-O container monitoring support now includes:
- Auto-monitoring of processes in CRI-O containers
- Auto-code-level visibility into applications in CRI-O containers
- Auto-detection and import of Kubernetes pod metadata for CRI-O containers
- Rule-based control of automated process monitoring in CRI-O containers
These capabilities not only ensure full-stack visibility into containers (down to the code level and database), they’re also key to the automated discovery of your container- and service-to-service dependencies. The real-time dependency model of your whole environment drives the core of Davis, the Dynatrace full-stack root-cause analytics engine.
Enable CRI-O container monitoring for Kubernetes and OpenShift
CRI-O container support is available with the release of Dynatrace OneAgent version 1.163. As this capability is currently available in Beta, it’s disabled by default. You need to enable it to get insights into CRI-O containers.
You’ll find the switch for enabling CRI-O container monitoring on the new Container settings page (Settings > Processes and containers > Container monitoring).
CRI-O container monitoring requires CRI-O version 1.12.6 or higher. In CRI-O version 1.12.5 or lower, there’s a bug with OCI hook directories that you can work around by creating required directories as described in this issue.
We’re continuously extending our capabilities for full-stack container monitoring. We’re working on containerd support (without Docker Engine) for Kubernetes and Cloud Foundry and will also introduce container injection rules for fine-grained control of OneAgent auto-injection capabilities for large scale environments. So stay tuned.