Using Epsagon for tracing and monitoring in AWS

Updated: Aug 25

Problem statement

A modern microservices architecture allows a large application to be separated into smaller independent parts, each with its own functionality and responsibility. To serve a single user request, a microservices-based application can call on many internal microservices to compose its response. The advantage is that different teams and developers can work on their own microservices and use the languages and frameworks that best suit a particular case, but end-to-end visibility in daily operations might be weak. Many different tools can help with monitoring, logging, and tracing, such as Amazon CloudWatch for metrics and logs, Container Insights, and AWS X-Ray. In this post, we will take a look at Epsagon as a microservices-native observability platform for container and serverless environments.

Solution overview

Epsagon is a solution that allows you to monitor and troubleshoot issues in microservice environments. It's designed to make Dev and Ops teams more efficient by identifying problems, correlating data, and finding root causes. It was acquired by Cisco in 2021.

Epsagon makes it easy to monitor your cloud services, container orchestrators (Kubernetes and AWS ECS), and serverless functions. Monitor the CPU and memory utilization of your containers and the duration and cold-starts of your serverless functions.

Epsagon has several integrations that can be easily and securely applied to your AWS environment.

Getting started

The first thing to do is sign up for Epsagon and add the AWS integration.

Epsagon provides a CloudFormation template that will deploy the IAM role and other required AWS resources in the account.

The stack creates its own CloudTrail trail for "write-only" actions, an S3 bucket for the trail, a CloudWatch log group, and an IAM role for cross-account access.

The IAM role contains only the policies that are required for Epsagon monitoring.

Epsagon also needs to add a subscription filter to log groups, create event rules, and add Lambda Layers.

Only the Epsagon account can assume the given role, and it is additionally protected by an ExternalId.
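The trust relationship described above (only the vendor account may assume the role, gated by an ExternalId) can be checked against the role's trust policy document once the stack is deployed. The following is an added example, not code from Epsagon or from the original post; the account ID, the ExternalId value, the sample policies and the function names are constructed placeholders.

```python
import re

VENDOR = "111122223333"  # constructed placeholder, not Epsagon's real account ID

def _as_list(value):
    # IAM accepts a single string or a list in most policy fields.
    return [] if value is None else value if isinstance(value, list) else [value]

def _account_of(principal):
    # Accepts "111122223333" or "arn:aws:iam::111122223333:root" style principals.
    m = re.fullmatch(r"(?:arn:aws[a-z-]*:iam::)?(\d{12})(?::.+)?", principal)
    return m.group(1) if m else None

def _external_id(stmt):
    # Only an exact-match operator counts; StringLike could hide a wildcard.
    cond = stmt.get("Condition", {}).get("StringEquals", {})
    return [v for k, val in cond.items() if k.lower() == "sts:externalid" for v in _as_list(val)]

def audit_trust_policy(policy, vendor_account):
    """Return findings for a role trust policy; an empty list means it is scoped as expected."""
    findings = []
    for n, stmt in enumerate(_as_list(policy.get("Statement"))):
        actions = {a.lower() for a in _as_list(stmt.get("Action"))}
        if stmt.get("Effect") != "Allow" or not {"sts:assumerole", "sts:*", "*"} & actions:
            continue  # only statements that grant role assumption matter here
        principal = stmt.get("Principal", {})
        if principal == "*":
            principal = {"AWS": "*"}
        findings += [f"statement {n}: unexpected {k} principal" for k in principal if k != "AWS"]
        for p in _as_list(principal.get("AWS")):
            if _account_of(p) != vendor_account:
                findings.append(f"statement {n}: principal {p} is not the vendor account")
        if not any(_external_id(stmt)):
            findings.append(f"statement {n}: no sts:ExternalId StringEquals condition")
    return findings

# Constructed sample trust policies: one scoped as the post describes, one too broad.
GOOD = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Action": "sts:AssumeRole",
    "Principal": {"AWS": "arn:aws:iam::111122223333:root"},
    "Condition": {"StringEquals": {"sts:ExternalId": "example-external-id"}}}]}
WEAK = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Action": "sts:AssumeRole",
    "Principal": {"AWS": ["arn:aws:iam::111122223333:root", "*"]}}]}

if __name__ == "__main__":
    print(audit_trust_policy(GOOD, VENDOR), audit_trust_policy(WEAK, VENDOR))
```

To run it against a deployed role, pass in the role's `AssumeRolePolicyDocument` and the vendor account ID shown in the CloudFormation template parameters.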

ECS cluster monitoring

ECS does not require any configuration. Epsagon just uses the IAM role and gets all information from AWS. The clusters tab shows the status and utilization of the cluster and the number of running services.

EC2 and Fargate clusters are supported. The Services tab shows utilization, number of running tasks, task definition, and other details.

The instances tab shows details about every node.

The tasks tab also provides container details and logs.

Tracing requires extra development, but there are many frameworks and libraries for different programming languages.

Tracing looks as follows:

EKS cluster monitoring

Kubernetes integration requires a Helm chart installation.

You will be provided with a command for Helm installation.

Once the Helm chart is installed, you will see your Kubernetes cluster in the list.

Kubernetes control plane metrics are shown in the relevant tab.

You can see all nodes and their status, the configuration of every node, and metrics for every node.

You can see controllers such as Deployments and DaemonSets, manifests for every controller, and events.

Information about all pods is also available, along with the manifest of every pod.