Blog

Kubernetes Cost Optimization Made Easy: Efficient Tools for Streamlining FinOps ๐Ÿ’ฐ
Photo by Saifeddine Rajhi

Kubernetes Cost Optimization Made Easy: Efficient Tools for Streamlining FinOps ๐Ÿ’ฐ

โ€ข 8mins read
  • Kubernetes
  • cost optimization
  • FinOps
  • cloud costs
  • K8s
  • DevOps

    Content

    Efficient Tools for Streamlining FinOps ๐Ÿ’ธ

    ๐Ÿ—ฏ Introduction

    As organizations embrace Kubernetes for their containerized workloads, the need for effective cost optimization becomes paramount. To navigate the complex landscape of cloud-native infrastructure, leveraging efficient tools is key to streamlining FinOps practices and maximizing cost savings. Fortunately, a range of efficient tools exists to streamline FinOps practices and drive significant savings.

    In this article, we will discuss cutting-edge solutions such as Cloudability, Kube-Green, Cloud Custodian, and Kubecost. Discover how these tools empower businesses to gain cost visibility, optimize resource utilization, and achieve financial excellence in their Kubernetes deployments. Let's dive into the world of Kubernetes cost optimization made easy. ๐Ÿ’ธ

    finops

    Introduction to Kube-Green ๐Ÿ€

    In the first paragraph of this tutorial, I will explain how Kube-Green was born and why it is useful for reducing the waste of resources.

    The Idea of Kube-Green ๐Ÿ—ฏ

    In a Kubernetes cluster, non-production namespaces typically operate during business hours, which amounts to approximately 40 hours per week out of a total of 168 weekly hours. However, it's common for resources to be allocated to pods in these namespaces even when they are not actively in use. This results in unnecessary consumption of CPU and memory resources.

    Kube-Green offers a simple solution to address this issue by halting all pods within those namespaces, effectively optimizing resource utilization during non-business hours.

    How is it Possible? ๐Ÿค”

    Kube-Green is a Kubernetes controller, which defines a Custom Resource Definition (CRD) called SleepInfo. The SleepInfo CRD defines when to stop and restart the pods in a namespace. For example, in development namespaces, it is possible to stop all the pods during non-business hours: wake up every morning from Monday to Friday and stop every night from Monday to Friday.

    Hands-On ๐Ÿ‘ท

    To follow this guide, you should have kubectl and kind installed locally.

    • The Kubernetes command line tool: kubectl
    • Docker
    • Kubernetes cluster

    Now you have all the tools needed, let's go!

    โžก๏ธ Install the Cert-Manager

    cert

    With this command, the latest release of cert-manager will be installed. You can check the correct cert-manager deployment by verifying that all the pods are correctly running.

    get-ns

    Install Kube-Green ใŠ™

    Install Kube-Green with the default static install. Click here to see the different install methods supported.

    Install Kube-Green with this command:

    kubectl apply -f https://github.com/kube-green/kube-green/releases/latest/download/kube-green.yaml

    This command creates a kube-green namespace and deploys a kube-green-controller-manager. You can check that the pod is correctly running:

    kubectl -n kube-green get pods

    โžก๏ธ Setup Kube-Green in Dev Namespace

    To setup Kube-Green, the SleepInfo resource must be created in the dev namespace. The SleepInfo spec contains:

    • weekdays: day of the week. * is every day, 1 is Monday, 1-5 is from Monday to Friday.
    • sleepAt: time in hours and minutes (HH:mm) when the namespace will go to sleep. Valid values are, for example, 19:00 or *:* for every minute and every hour. Resources sleep will be deployments (setting replicas value to 0) and, if suspendCronjobs option is set to true, cron jobs will be suspended.
    • wakeUpAt (optional): time in hours and minutes (HH:mm) when the namespace should be restored to the initial state (before sleep). Valid values are, for example, 19:00 or *:* for every minute and every hour. If wake up value is not set, the pod in the namespace will not be restored. So, you will need to deploy the initial namespace configuration to restore it.
    • timeZone (optional, default to UTC): time zone in IANA specification. For example, for Italian hour, set Europe/Rome.
    • suspendDeployments (optional, default to true): if set to false, deployments will not be suspended.
    • suspendCronJobs (optional, default to false): if set to true, cronjobs will be suspended.
    • excludeRef (optional): an array of objects containing the resource to exclude from sleep. It can specify exactly the name of the specified resource or match based on the labels. The possible formats are:
      • apiVersion: version of the resource. Now it supports "apps/v1", "batch/v1beta1" and "batch/v1".
      • kind: the kind of resource. Now it supports "Deployment" and "CronJob".
      • name: the name of the resource or
      • matchLabels: an object of strings with labels to identify resources. Click here to see an example.

    Example ๐Ÿ—

    apiVersion: kube-green.com/v1alpha1
    kind: SleepInfo
    metadata:
        name: working-hours
    spec:
        weekdays: "1-5"
        sleepAt: "20:00"
        wakeUpAt: "08:00"
        timeZone: "Europe/Rome"

    With this CRD, it's configured to sleep at 20:00 and wake up at 08:00 on weekdays only for Deployments.

    Introduction to OpenCost by Kubecost ๐Ÿ’ฐ

    kubectl-cost is a kubectl plugin that provides easy CLI access to Kubernetes cost allocation metrics via the OpenCost API. It allows developers, DevOps, and others to quickly determine the cost & efficiency for any Kubernetes workload.

    OpenCost Setup

    OpenCost requires Prometheus for scraping metrics and data storage. Follow the steps below to install OpenCost.

    Quick Start Installation ๐Ÿ“

    These commands will get you started immediately with OpenCost.

    Install Prometheus

    helm install my-prometheus --repo https://prometheus-community.github.io/helm-charts prometheus \
        --namespace prometheus --create-namespace \
        --set pushgateway.enabled=false \
        --set alertmanager.enabled=false \
        -f https://raw.githubusercontent.com/opencost/opencost/develop/kubernetes/prometheus/extraScrapeConfigs.yaml

    Install OpenCost

    kubectl apply --namespace opencost -f https://raw.githubusercontent.com/opencost/opencost/develop/kubernetes/opencost.yaml

    Install Kubecost

    This software requires that you have a running deployment of Kubecost in your cluster. The recommended path is to use Helm, but there are alternative install options.

    Helm 3
    helm repo add kubecost https://kubecost.github.io/cost-analyzer/
    helm upgrade -i --create-namespace kubecost kubecost/cost-analyzer --namespace kubecost --set kubecostToken="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"

    Install kubectl-cost

    Krew

    If you have Krew, the kubectl plugin manager, installed:

    kubectl krew install cost

    The Krew manifest can be found here.

    Example Usage

    Kube-Green offers aggregation-based cost monitoring with subcommands like namespace, deployment, controller, label, pod, and node. These subcommands provide cost information aggregated by their respective names. There are two modes: rate (default) and non-rate (historical). Rate mode shows projected monthly cost based on activity, while non-rate mode displays total cost for the specified window duration.

    Show the Projected Monthly Rate for Each Namespace

    kubectl cost namespace --show-all-resources

    Output:

    +-------------------+-----------+----------+----------+-------------+----------+----------+----------+-------------+--------------------+
    | NAMESPACE         | CPU       | CPU EFF. | MEMORY   | MEMORY EFF. | GPU      | PV       | NETWORK  | SHARED COST | MONTHLY RATE (ALL) |
    +-------------------+-----------+----------+----------+-------------+----------+----------+----------+-------------+--------------------+
    | kube-system       | 29.366083 | 0.066780 | 5.226317 | 0.928257    | 0.000000 | 0.000000 | 0.000000 | 137.142857  |         171.735257 |
    | kubecost-stage    | 6.602761  | 0.158069 | 1.824703 | 1.594699    | 0.000000 | 2.569600 | 0.000000 | 137.142857  |         148.139922 |
    | kubecost          | 6.499445  | 0.116629 | 1.442334 | 1.461370    | 0.000000 | 2.569600 | 0.000000 | 137.142857  |         147.654236 |
    | default           | 3.929377  | 0.000457 | 0.237937 | 0.283941    | 0.000000 | 0.000000 | 0.000000 | 137.142857  |         141.310171 |
    | logging           | 0.770976  | 0.003419 | 0.645843 | 0.260154    | 0.000000 | 0.000000 | 0.000000 | 137.142857  |         138.559676 |
    | frontend-services | 0.710425  | 0.003660 | 0.595008 | 0.244802    | 0.000000 | 0.000000 | 0.000000 | 137.142857  |         138.448290 |
    | data-science      | 0.000284  | 2.000000 | 0.009500 | 2.000000    | 0.000000 | 0.000000 | 0.000000 | 137.142857  |         137.152641 |
    +-------------------+-----------+----------+----------+-------------+----------+----------+----------+-------------+--------------------+
    | SUMMED            | 47.879350 |          | 9.981644 |             | 0.000000 | 5.139200 | 0.000000 | 960.000000  |        1023.000194 |
    +-------------------+-----------+----------+----------+-------------+----------+----------+----------+-------------+--------------------+

    ๐ŸŒ Introduction to Cloud Custodian

    Organizations can utilize Custodian as a powerful tool to effectively manage their cloud environments, with a strong emphasis on cost management. With Custodian, businesses can ensure compliance with security policies, enforce tag policies, perform garbage collection of unused resources, and actively manage costsโ€Šโ€”โ€Šall within a unified and comprehensive solution.

    By incorporating Custodian into their cloud operations, organizations gain the ability to optimize resource utilization, eliminate unnecessary expenses, and achieve greater control over their cloud costs, ultimately contributing to improved financial efficiency and savings.

    ๐Ÿ› ๏ธ Install Kubernetes Plugin

    The Kubernetes Provider (Alpha) is an optional package which can be installed to enable writing policies that interact with Kubernetes related resources.

    First, ensure you have installed the base Cloud Custodian application. Cloud Custodian is a Python application and must run on an actively supported version.

    Once the base install is complete, you are now ready to install the Kubernetes provider package using one of the following options:

    Option 1: Install Released Packages to Local Python Environment

    pip install c7n
    pip install c7n_kube

    Option 2: Install the Latest from the Repository

    git clone https://github.com/cloud-custodian/cloud-custodian.git
    pip install -e ./cloud-custodian
    pip install -e ./cloud-custodian/tools/c7n_kube

    ๐Ÿ”— Connecting to Your Cluster

    The Custodian Kubernetes provider automatically uses your Kubectl configuration or the config file set by the environment variable KUBECONFIG. See the Kubernetes Docs for more information.

    โšก Write Your First Policy

    A policy is the primary way that Custodian is configured to manage cloud resources. It is a YAML file that follows a predetermined schema to describe what you want Custodian to do.

    In the example below, we will write a policy that filters for pods with the label "custodian" and deletes it:

    First, let's create a pod resource that we want to target with the policy:

    kubectl run nginx --image=nginx --labels=name=custodian
    kubectl get pod -o wide --show-labels

    Output:

    NAME    READY   STATUS    RESTARTS   AGE   IP           NODE     NOMINATED NODE   READINESS GATES   LABELS
    nginx   1/1     Running   0          24s   10.0.1.224   worker   <none>           <none>            name=custodian

    Now in the example below, we will write a policy that filters for pods with the label "custodian" and deletes it:

    Filename: custodian.yml

    policies:
        - name: my-first-policy
            description: |
                Deletes pods with label name:custodian
            resource: k8s.pod
            filters:
                - type: value
                    key: metadata.labels.name
                    value: custodian
            actions:
                - type: delete

    Next, run the following command to execute the policy with Custodian:

    custodian run --output-dir=output custodian.yml --cache-period 0 -v

    ๐ŸŒŸ Introduction to Cloudability

    Apptio Cloudability streamlines Kubernetes cost management by automatically discovering and mapping cloud resources associated with each cluster, providing comprehensive billing data. Their interactive tool empowers users to gain insights into cluster costs and resource consumption within a chosen timeframe.

    Cloudability

    ๐Ÿ” Automatically Map Cluster Costs

    Apptio Cloudability can automatically discover all the cloud resources backing each of your Kubernetes clusters and map this information back to detailed billing data. Users are provided with a specialized interactive tool that allows them to quickly understand the full cost of each cluster and underlying resource consumption within a definable time window.

    ๐Ÿ’ก Intelligently Allocate Spend

    Sophisticated algorithms analyze resource utilization metrics on each nodeโ€Šโ€”โ€ŠCPU, memory, network, and diskโ€Šโ€”โ€Šand evaluate pod-level Quality of Service settings so that these cluster costs can be split out and fairly allocated across Kubernetes constructs of Namespaces and Labels.

    ๐ŸŒŸ Conclusion

    In order to maximize the return on investment in cloud adoption, it is crucial to effectively manage Kubernetes costs. Conventional methods of calculating resource consumption and associated expenses often prove insufficient. As organizations progress, they may seek to enhance cost efficiency by utilizing resources strategically. ๐Ÿ’ฎ

    I hope this blog post has been helpful.


    Until next time, ใคใฅใ ๐ŸŽ‰

    ๐Ÿ’ก Thank you for Reading !! ๐Ÿ™Œ๐Ÿป๐Ÿ˜๐Ÿ“ƒ, see you in the next blog.๐Ÿค˜ Until next time ๐ŸŽ‰

    ๐Ÿš€ Thank you for sticking up till the end. If you have any questions/feedback regarding this blog feel free to connect with me:

    โ™ป๏ธ LinkedIn: https://www.linkedin.com/in/rajhi-saif/

    โ™ป๏ธ X/Twitter: https://x.com/rajhisaifeddine

    The end โœŒ๐Ÿป

    ๐Ÿ”ฐ Keep Learning !! Keep Sharing !! ๐Ÿ”ฐ

    ๐Ÿ“… Stay updated

    Subscribe to our newsletter for more insights on AWS cloud computing and containers.