Sysdig Documentation

Workloads Overview

Workloads, in Kubernetes terminology, refers to your containerized applications. Workloads comprise of Deployments, Statefulsets, and Daemonsets within a Namespace. In a Cluster, worker nodes run your application workloads, whereas the master node provides the core Kubernetes services and orchestration for application workloads.

The Workloads Overview page provides the key metrics indicating health, capacity, and compliance.

workloads_overview.png

Scope

The scope of Workloads overview is dictated by five Kubernetes objects: Cluster, Namespace, Deployment, Service, and StatefulSet.

Both the AND and OR operators are used to determining the scope: Clusters AND Namespaces AND Deployments ( a OR b OR c) OR Services ( x OR y OR z) OR StatefulSets ( p OR q OR r).

workload_scope.png

Understanding Workloads Overview Metrics

Description

Color Scheme

Metrics

Pod Restarts

Shows the latest value of kubernetes.pod.restart.rate expressed as a percentage.

Pod restarts should be zero.

The value returned by kubernetes.pod.restart.rate

Group aggregation is Sum.

Time aggregation is rate.

Pod Guage

Represented as Pods Available vs Desired. This is the ratio between the total number of pods available and total number of pods desired for each deployment.

Pods should be 100% available.

Red: The number of available pods are less than the desired number. The ratio between available and desired pods is less than 80%.

Yellow: The ratio of available and desired pods is between 80%-95%.

Green: The ratio of available and desired pods is between 95-100%.

The ratio of kubernetes.daemonSet.pods.ready and kubernetes.daemonSet.pods.desired.

Time aggregation is Average.

Group aggregation is Sum.

CPU Guage

Represented as CPU Used vs Requested. This is the ratio between the total number of CPU cores used and the total number of CPU cores requested by each deployment.

CPU limits dictate the maximum amount of CPU that your container can use independent of contention on the node. The CPU request represents a minimum amount of CPU that a container can consume. If a container attempts to use more than the specified limit, the system throttles the container.

Red: The ratio of used and requested cores is greater than 110%.

Yellow: The ratio of used and requested cores is between 95%-110%.

Green: The ratio of used and requested cores is between 0-95%.

The ratio of kubernetes.deployment.replicas.available (avg, sum) and kubernetes.deployment.replicas.desired (avg, sum).

Time aggregation is Average.

Group aggregation is Sum.

Memory Guage

Represented as Memory Used vs Requested. This is the ratio between the total number of memory used and the total number of memory requested in bytes by each deployment.

Red: The ratio of used and requested memory is greater than 110%.

Yellow: The ratio of used and requested memory is between 95%-110%.

Green: The ratio of used and requested memory is between 0- 95%.

The ratio of memory.bytes.used (avg, sum) and kubernetes.pod.resourceRequests.memBytes (avg, sum)

Time aggregation is Average.

Group aggregation is Sum.

Network I/O

The number of Spark Line.

The value returned by net.bytes.total (avg. avg)

Time aggregation is Average.

Group aggregation is Average.

Events

Shows the severity level and the number of events for each type of severity—High, Low, Medium, and Info—in that order.

Red: The number of events that are in High severity state

Orange: The number of events that are in Medium severity state

Green: The number of events that are in Low severity state

Blue: The number of events that are Info.

Drill-Down Features

Drill down

Drilldowns vary with selection:

  • If a deployment is selected in the Scope you can drill down to the Deployment Overview

  • If a daemonset is selected in the Scope you can drill down to the Daemonset Overview

  • If a statefulset is selected in the Scope you can drill down to the Statefulset Overview

Secure Image Scanning Results

If Sysdig Secure is enabled, clicking the option takes to the Image Scanning page for the selected deployment for further investigation. Image scanning allows you to scan container images for vulnerabilities, secrets, license violations, and reports:

  • Official OS packages

  • Unofficial OS packages

  • Configuration files

  • Credentials files

  • Localization modules and software-specific installers:

    • Javascript with NPM

    • Python PiP

    • Ruby with GEM

    • Java/JVM with .jar archives

  • Image metadata and configuration attributes