Code, Cloud & Context

Designing intelligent systems, one layer at a time.

Deep Dives into EKS Monitoring and Observability with CDKv2

Running production workloads on Amazon EKS demands more than basic health checks. After managing dozens of Kubernetes clusters across various industries, I’ve learned that the difference between a resilient system and a fragile one often comes down to how deeply you can see into your infrastructure. This guide shares the observability patterns and CDK-based automation that have proven invaluable in my production environments.

EKS Monitoring and Observability Architecture – A comprehensive view of metrics, logs, traces, and alerting components

The Three Pillars of Observability

Observability in Kubernetes environments rests on three fundamental pillars: metrics, logs, and traces. Each provides a different lens through which to understand system behavior, and together they form a complete picture of what’s happening inside your clusters.

Metrics tell you what is happening at any given moment. CPU utilization, memory consumption, request rates, and error counts provide quantitative measurements that can trigger alerts and inform scaling decisions. In EKS, metrics flow from multiple sources: the Kubernetes API server, node-level exporters, and application-specific endpoints.

Logs capture the narrative of your system’s behavior. Container stdout/stderr, application logs, and audit logs from the control plane create a detailed record of events. The challenge in Kubernetes is aggregating logs from ephemeral containers that may be rescheduled across nodes at any time.

Traces reveal the journey of individual requests through your distributed system. When a user action triggers calls across multiple microservices, traces connect those disparate events into a coherent story, making it possible to identify bottlenecks and failures in complex architectures.

Building the Metrics Pipeline with CDK

AWS CDK transforms infrastructure provisioning from manual configuration into repeatable, version-controlled code. For EKS monitoring, this means we can define our entire observability stack as Python constructs that deploy consistently across environments.

The foundation starts with Container Insights, which provides out-of-the-box metrics for EKS clusters. However, production systems typically need custom metrics that reflect business-specific concerns. Here’s how I structure the monitoring stack:

from aws_cdk import (
    Stack,
    aws_cloudwatch as cloudwatch,
    aws_sns as sns,
    aws_cloudwatch_actions as cw_actions,
    Duration,
)
from constructs import Construct

class EKSObservabilityStack(Stack):
    def __init__(self, scope: Construct, id: str, cluster_name: str, **kwargs):
        super().__init__(scope, id, **kwargs)
        
        # Create SNS topic for alerts
        alert_topic = sns.Topic(
            self, "EKSAlertTopic",
            display_name=f"{cluster_name}-alerts"
        )
        
        # CPU utilization alarm with stabilization
        cpu_alarm = cloudwatch.Alarm(
            self, "HighCPUAlarm",
            metric=cloudwatch.Metric(
                namespace="ContainerInsights",
                metric_name="pod_cpu_utilization",
                dimensions_map={"ClusterName": cluster_name},
                statistic="Average",
                period=Duration.minutes(5)
            ),
            threshold=80,
            evaluation_periods=3,
            comparison_operator=cloudwatch.ComparisonOperator.GREATER_THAN_THRESHOLD,
            alarm_description="Pod CPU utilization exceeds 80% for 15 minutes"
        )
        cpu_alarm.add_alarm_action(cw_actions.SnsAction(alert_topic))
        
        # Memory pressure alarm
        memory_alarm = cloudwatch.Alarm(
            self, "MemoryPressureAlarm",
            metric=cloudwatch.Metric(
                namespace="ContainerInsights",
                metric_name="pod_memory_utilization",
                dimensions_map={"ClusterName": cluster_name},
                statistic="Average",
                period=Duration.minutes(5)
            ),
            threshold=85,
            evaluation_periods=2,
            comparison_operator=cloudwatch.ComparisonOperator.GREATER_THAN_THRESHOLD
        )
        memory_alarm.add_alarm_action(cw_actions.SnsAction(alert_topic))

Log Aggregation Architecture

Container logs in EKS present unique challenges. Pods are ephemeral, potentially running on any node in the cluster, and their logs disappear when containers terminate. A robust log aggregation strategy must capture logs in real-time and persist them to durable storage.

Fluent Bit has become my preferred choice for log collection in EKS. Deployed as a DaemonSet, it runs on every node and captures container logs before forwarding them to CloudWatch Logs or OpenSearch. The key configuration decisions involve filtering, parsing, and routing logs based on their source and content.

For production clusters, I implement a tiered retention strategy: recent logs (7-14 days) remain in CloudWatch Logs for quick access, while older logs transition to S3 for cost-effective long-term storage. This approach balances operational needs with cost management.

Distributed Tracing with AWS X-Ray

Tracing becomes essential when debugging issues that span multiple services. AWS X-Ray integrates natively with EKS through the OpenTelemetry Collector, which can be deployed as a sidecar or DaemonSet depending on your instrumentation strategy.

The OpenTelemetry approach offers flexibility: applications instrumented with OpenTelemetry SDKs can export traces to X-Ray, Jaeger, or other backends without code changes. This vendor-neutral approach has saved significant refactoring effort when requirements changed.

Production Alert Design Principles

Effective alerting requires careful thought about what truly warrants human attention. Alert fatigue is real, and teams that receive too many notifications quickly learn to ignore them. My approach follows several principles developed through years of on-call experience.

First, alert on symptoms rather than causes. Users care whether the service is responding, not whether CPU is high. High CPU that doesn’t affect user experience shouldn’t page anyone at 3 AM. Second, include stabilization periods to avoid alerting on transient spikes. A brief CPU spike during deployment is normal; sustained high utilization indicates a problem.

Third, provide actionable context in alert messages. An alert should tell the responder what’s wrong, where to look, and ideally suggest initial investigation steps. Finally, implement escalation paths so that unacknowledged alerts reach additional responders.

Cost-Effective Observability

Observability costs can spiral quickly in large clusters. CloudWatch charges for metrics ingestion, storage, and queries. Log storage costs accumulate with retention. Tracing adds overhead to every request. Managing these costs requires intentional decisions about what to collect and how long to retain it.

Sampling strategies help control tracing costs without sacrificing visibility. Collecting 10% of traces still provides statistical significance for identifying patterns while reducing costs by 90%. For logs, aggressive filtering at the collection layer prevents low-value data from reaching storage.

The Path Forward

EKS observability continues evolving with new AWS services and open-source tools. Amazon Managed Service for Prometheus offers a managed Prometheus-compatible metrics backend. Amazon Managed Grafana provides visualization without operational overhead. These managed services reduce the complexity of running observability infrastructure while maintaining compatibility with existing tooling.

The investment in comprehensive observability pays dividends during incidents. When something goes wrong, and it will, the ability to quickly understand system state, trace request flows, and correlate events across services determines how fast you can restore service. Build your observability foundation before you need it.

References

Mastering AWS EKS Deployment with Terraform: A Comprehensive Guide

Introduction: Amazon Elastic Kubernetes Service (EKS) simplifies the process of deploying, managing, and scaling containerized applications using Kubernetes on AWS. In this guide, we’ll explore how to provision an AWS EKS cluster using Terraform, an Infrastructure as Code (IaC) tool. We’ll cover essential concepts, Terraform configurations, and provide hands-on examples to help you get started with deploying EKS clusters efficiently.

Understanding AWS EKS: Before diving into the Terraform configurations, let’s familiarize ourselves with some key concepts related to AWS EKS:

Managed Kubernetes Service: EKS is a managed Kubernetes service provided by AWS, which abstracts away the complexities of managing the Kubernetes control plane infrastructure.
High Availability and Scalability: EKS ensures high availability and scalability by distributing Kubernetes control plane components across multiple Availability Zones within a region.
Integration with AWS Services: EKS seamlessly integrates with other AWS services like Elastic Load Balancing (ELB), Identity and Access Management (IAM), and Amazon ECR, simplifying the deployment and operation of containerized applications.

Provisioning AWS EKS with Terraform: Now, let’s walk through the steps to provision an AWS EKS cluster using Terraform:

Setting Up Terraform Environment: Ensure you have Terraform installed on your system. You can download it from the official Terraform website or use a package manager.
Initializing Terraform Configuration: Create a new directory for your Terraform project and initialize it with a main.tf file. Inside main.tf, add the following configuration:

provider "aws" {
  region = "your-preferred-region"
}

module "eks_cluster" {
  source  = "terraform-aws-modules/eks/aws"
  version = "X.X.X"  // Use the latest version

  cluster_name    = "my-eks-cluster"
  cluster_version = "1.21"
  subnets         = ["subnet-1", "subnet-2"] // Specify your subnets
  # Additional configuration options can be added here
}

Replace "your-preferred-region", "my-eks-cluster", and "subnet-1", "subnet-2" with your desired AWS region, cluster name, and subnets respectively.

3. Initializing Terraform: Run terraform init in your project directory to initialize Terraform and download the necessary providers and modules.

4. Creating the EKS Cluster: After initialization, run terraform apply to create the EKS cluster based on the configuration defined in main.tf.

5. Accessing the EKS Cluster: Once the cluster is created, Terraform will provide the necessary output, including the endpoint URL and credentials for accessing the cluster.

IAM Policies and Permissions: To interact with the EKS cluster and underlying resources, you need to configure IAM policies and permissions.

Here’s a basic IAM policy that grants necessary permissions for managing EKS clusters, EC2 and S3 related resources:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "eks:*",
      "Resource": "*"
    },
    {
       "Effect": "Allow",
       "Action": "ec2:*",
       "Resource": "*"
    },
    {
       "Effect": "Allow",
       "Action": "s3:*",
       "Resource": "*"
    },
    {
       "Effect": "Allow",
       "Action": "iam:*",
       "Resource": "*"
    }
   
  ]
}

Make sure to attach this policy to the IAM role or user that Terraform uses to provision resources.

Conclusion: In this guide, I’ve covered the process of provisioning an AWS EKS cluster using Terraform, along with essential concepts and best practices. By following these steps and leveraging Terraform’s infrastructure automation capabilities, you can streamline the deployment and management of Kubernetes clusters on AWS. Experiment with different configurations and integrations to tailor your EKS setup according to your specific requirements and workload characteristics. Happy clustering!

Additional References:

AWS EKS Documentation – Official documentation providing in-depth information about Amazon EKS, including getting started guides, best practices, and advanced topics.
Terraform AWS EKS Module – Official Terraform module for provisioning AWS EKS clusters. This module simplifies the process of setting up EKS clusters using Terraform.
IAM Policies for Amazon EKS – Documentation providing examples of IAM policies for Amazon EKS, helping you define fine-grained access controls for EKS clusters and resources.
Kubernetes Documentation – Official Kubernetes documentation offering comprehensive guides, tutorials, and references for learning Kubernetes concepts and best practices.

Mastering AWS, EKS, Python, Kubernetes, and Terraform for Monitoring and Observability for SRE: Unveiling the Secrets of Cloud Infrastructure Optimization

As the world of software development continues to evolve, the need for robust infrastructures and efficient monitoring systems cannot be overemphasized. Whether you are an engineer, a site reliability engineer (SRE), or an IT manager, the need to harness the power of tools like Amazon Web Services (AWS), Elastic Kubernetes Service (EKS), Kubernetes, Terraform, and Python are fundamental in ensuring observability and effective monitoring of your applications. This blog series will introduce you to the fascinating world of these technologies and how they work together to ensure optimal performance and observability for your applications.

A Dive into Amazon Web Services (AWS)

Amazon Web Services (AWS) is the global leader in cloud computing. It provides a vast arsenal of services that cater to different computing, storage, database, analytics, and deployment needs. AWS services are designed to work seamlessly together, to provide a comprehensive, scalable, and cost-effective solution for businesses of all sizes.

In the context of observability, AWS offers services like CloudWatch and X-Ray. These services offer significant insights into the performance of your applications and the state of your AWS resources. CloudWatch enables you to collect and track metrics, collect and monitor log files, and respond to system-wide performance changes. On the other hand, X-Ray provides insights into the interactions of your applications and their underlying services.

AWS also integrates with Kubernetes – an open-source platform that automates the deployment, scaling, and management of containerized applications. Kubernetes on AWS offers you the power to take full advantage of the benefits of running containers on AWS.

Elastic Kubernetes Service (EKS)

So, what is Elastic Kubernetes Service (EKS)? EKS is a fully managed service that makes it easy for you to run Kubernetes on AWS without needing to install, operate, and maintain your own Kubernetes control plane. It offers high availability, security, and scalability for your Kubernetes applications.

With EKS, you can easily deploy, scale, and manage containerized applications across a cluster of servers. It also integrates seamlessly with other AWS services like Elastic Load Balancer (ELB), Amazon RDS, and Amazon S3.

Getting started with EKS is quite straightforward. You need to set up your AWS account, create an IAM role, create a VPC, and then create a Kubernetes cluster. With these steps, you have your Kubernetes environment running on AWS. The beauty of EKS is its simplicity and ease of use, even for beginners.

Kubernetes & Terraform

Kubernetes and Terraform combine to provide a powerful mechanism for managing complex, multi-container deployments.

Kubernetes: Kubernetes, often shortened as K8s, is an open-source platform designed to automate deploying, scaling, and operating application containers. It groups containers that make up an application into logical units for easy management and discovery.
Terraform: Terraform, on the other hand, is a tool for building, changing, and versioning infrastructure safely and efficiently. It is a declarative language that describes your infrastructure as code, allowing you to automate and manage your infrastructure with ease.
Kubernetes & Terraform Together: When used together, Kubernetes and Terraform can provide a fully automated pipeline for deploying and scaling applications. You can define your application infrastructure using Terraform and then use Kubernetes to manage the containers that run your applications.

Python for Monitoring & Observability

Python is a powerful, high-level programming language known for its simplicity and readability. It is increasingly becoming a preferred language for monitoring and observability due to several reasons.

Versatility

Python is a versatile language with a rich set of libraries and frameworks that aid monitoring and observability. Libraries like StatsD, Prometheus, and Grafana can integrate with Python to provide powerful monitoring solutions.

Simplicity

Python’s simplicity and readability make it an excellent choice for writing and maintaining scripts for monitoring and automating workflows in the DevOps pipeline.

Performance

Although Python may not be as fast as some other languages, its adequate performance and the productivity gains it provides make it a suitable choice for monitoring and observability.

Community Support

Python has one of the most vibrant communities of developers who constantly contribute to its development and offer support. This means that you can easily find resources and solutions to any problems you might encounter.

AWS Monitoring

Monitoring is an essential aspect of maintaining the health, availability, and performance of your AWS resources. AWS provides several tools for monitoring your resources and applications.

CloudWatch: Amazon CloudWatch is a monitoring service for AWS resources and applications. It allows you to collect and track metrics, collect and monitor log files, and set alarms.
X-Ray: AWS X-Ray helps developers analyze and debug distributed applications. With X-Ray, you can understand how your application and its underlying services are performing and where bottlenecks are slowing you down.
Trusted Advisor: AWS Trusted Advisor is an online resource that helps you reduce cost, improve performance, and increase security by optimizing your AWS environment.

The Role of Observability

Observability is the ability to understand the state of your systems by observing its outputs. In the context of AWS, EKS, Kubernetes, Terraform, and Python, observability means understanding the behavior of your applications and how they interact with underlying services.

Observability is like a compass in the world of software development. It guides you in understanding how your systems operate, where the bottlenecks are, and what you need to optimize for better performance. AWS, EKS, Kubernetes, Terraform, and Python offer powerful tools for enhancing observability.

Observability goes beyond monitoring. While monitoring tells you when things go wrong, observability helps you understand why things went wrong. This is crucial in the DevOps world where understanding the root cause of problems is paramount.

SRE Principles in Practice

Site Reliability Engineering (SRE) is a discipline that applies software engineering principles to operations with a goal of creating ultra-scalable and highly reliable software systems. AWS, EKS, Kubernetes, Terraform, and Python are tools that perfectly align with SRE principles.

The primary goal of SRE is to balance the rate of change with the system’s stability. This requires an understanding of the systems and the ability to observe their behavior. AWS, EKS, Kubernetes, Terraform, and Python provide the mechanisms to achieve this balance.

SRE involves automating as much as possible. AWS provides the infrastructure, EKS and Kubernetes handle the orchestration of containers, Terraform manages the infrastructure as code, and Python scripts can automate workflows. With these tools, you can create an environment where the principles of SRE can thrive.

AWS EKS Monitoring and Observability Architecture showing the complete monitoring stack including CloudWatch, X-Ray, Prometheus, Grafana, Container Insights, and alerting components

Therefore, AWS, EKS, Kubernetes, Terraform, and Python are not just tools but enablers of a more efficient, reliable, and robust software ecosystem. By leveraging these technologies, you can create systems that are not just observable but also robust and scalable.

Disclaimer: The opinions expressed herein are my own personal opinions and do not represent my employer's view in any way.

Copyright © 2005 - 2025 - Code, Cloud & Context ™ of Nithin Mohan T K's Blog- All Rights Reserved

Searching in