123-456-7890
contactus@cloudifyops.com
Reach Us

CloudifyOps Mini-blog series – Cost-Effective Cloud: Strategies for AWS Optimization using Komiser

The sheer power and abundance of AWS services can result in complex billing structures and potential cost overruns for users. To mitigate this challenge while ensuring robust cloud security solutions, AWS companies in India and worldwide can leverage Komiser, a powerful open-source tool designed to manage and optimize costs across AWS and other cloud providers. By providing deep visibility into cloud spending, it helps businesses identify potential cost overruns and implement cost-saving measures effectively. For enterprises requiring advanced features, Tailwarden, the enterprise version of Komiser, offers enhanced cost management and security capabilities. Implementing these solutions enables businesses, including leading AWS companies in India, to maintain control over cloud expenses while strengthening their cloud security solutions strategy.

 

Komiser is a powerful open-source tool that simplifies the complexity of managing and optimizing cloud costs across AWS and other major cloud providers. It provides users with deep insights into their cloud spending, helping to identify potential cost overruns and uncover opportunities for cost savings.

When paired with expert cloud consulting services, Komiser becomes even more effective. Cloud consultants can help organizations analyze the data Komiser provides, implement tailored cost-optimization strategies, and ensure that cloud resources are used efficiently. This combination empowers businesses to reduce unnecessary expenses, improve budgeting accuracy, and maximize the value of their cloud investments.

Komiser’s Approach to Cost Optimization

1. Resource Visibility:

Komiser provides a detailed overview of the resources used on AWS, such as EC2 instances, S3 buckets, RDS databases, etc. It categorizes and displays resources in a structured manner, making it easier to identify areas of high resource consumption.

2. Cost Breakdown:

The tool breaks down the costs associated with each resource, allowing the user to identify which services contribute the most to their overall AWS bill. This breakdown helps users prioritize optimization efforts based on the services consuming a significant portion of their budget.

3. Historical Analysis:

Komiser allows users to analyze historical data, helping them track resource usage and cost changes over time. By understanding how usage patterns evolve, users can make informed decisions about scaling resources or adopting alternative services to optimize costs.

4. Recommendations:

The tool provides recommendations for optimizing costs by suggesting potential changes to the user’s resource configurations. This can include resizing instances, modifying storage configurations, or adopting reserved instances to benefit from cost savings plans.

5. Customizable Dashboards:

Komiser offers customizable dashboards that allow users to create views tailored to their specific needs. Users can focus on specific resource types, regions, or cost components to gain deeper insights into the areas that matter most to their organization.

6. Alerting:

Komiser supports alerting functionalities, enabling users to set up notifications based on predefined thresholds for costs or resource usage. Proactive alerts help them address issues in real-time, preventing unexpected spikes in costs.

EKS Installation

Komiser provides official Helm charts for EKS deployment. This can be done by following the below steps:

  • Create an IAM OIDC provider for the EKS cluster.
  • Create an IAM policy for Komiser with the following policy:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "1",
      "Effect": "Allow",
      "Action": [
        "ec2:Describe*",
        "elasticloadbalancing:Describe*",
        "autoscaling:Describe*",
        "s3:Describe*",
        "ecs:List*",
        "ce:GetCostAndUsage",
        "ce:GetCostForecast",
        "apigateway:GET",
        "dynamodb:Describe*"
      ],
      "Resource": "*"
    },
    {
      "Sid": "2",
      "Effect": "Allow",
      "Action": [
        "lambda:List*",
        "dynamodb:List*",
        "cloudfront:List*",
        "iam:List*",
        "ecs:Describe*",
        "glacier:List*",
        "sqs:List*",
        "route53:List*",
        "sns:List*",
        "s3:Get*"
      ],
      "Resource": "*"
    },
    {
      "Sid": "3",
      "Effect": "Allow",
      "Action": [
        "acm:List*",
        "mq:List*",
        "cloudwatch:Get*",
        "cloudtrail:LookupEvents",
        "datapipeline:List*",
        "eks:List*",
        "elasticache:Describe*",
        "es:List*",
        "logs:Describe*",
        "rds:Describe*",
        "cloudwatch:Describe*"
      ],
      "Resource": "*"
    },
    {
      "Sid": "4",
      "Effect": "Allow",
      "Action": [
        "glue:Get*",
        "organizations:Describe*",
        "iam:Get*",
        "kinesis:List*",
        "kms:List*",
        "kms:Describe*",
        "redshift:Describe*",
        "tag:Get*",
        "route53:List*",
        "support:Describe*",
        "swf:List*",
        "config:BatchGetResourceConfig"
      ],
      "Resource": "*"
    },
    {
      "Sid": "5",
      "Effect": "Allow",
      "Action": [
        "sns:List*",
        "lambda:List*",
        "kms:List*",
        "pricing:GetProducts",
        "ecr:Describe*",
        "elasticfilesystem:Describe*",
        "rds:Describe*",
        "elasticache:List*",
        "eks:Describe*",
        "elasticloadbalancing:DescribeTags"
      ],
      "Resource": "*"
    }
  ]
}
  • Create an IAM role to be used by the Komiser service account.Attach the previously created policy to the role.Add the following trust relationship policy to the role:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "Federated": "arn:aws:iam::${ACCOUNT_ID}:oidc-provider/${OIDC_PROVIDER}"
      },
      "Action": "sts:AssumeRoleWithWebIdentity",
      "Condition": {
        "StringEquals": {
          "${OIDC_PROVIDER}:aud": "sts.amazonaws.com",
          "${OIDC_PROVIDER}:sub": "system:serviceaccount:${NAMESPACE}:komiser"
        }
      }
    }
  ]
}
  • Clone the official Komiser Helm chart.
git clone https://github.com/tailwarden/helm.git
  • Update the templates/service-account.yaml file with the arn of the IAM role which was previously created.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: komiser
  annotations:
    eks.amazonaws.com/role-arn: arn:aws:iam::ACCOUNT_ID:role/ROLE_NAME
  • Update the templates/configmap-credentials.yaml to add the AWS account credentials and region.
apiVersion: v1
kind: ConfigMap
metadata:
  name: aws-configmap-credentials
data:
  credentials.yaml: |-
    [default]
    region = [region]
    aws_access_key_id = [access-key-id]
    aws_secret_access_key = [secret-access-key]
  • Update the values.yaml to add aws region to scan:
image:
  repository: tailwarden/komiser
  tag: 3.1.0
  pullPolicy: IfNotPresent

aws:
  region: "us-east-1"
  • Deploy Komiser to EKS.
helm install -f values.yaml komiser .

The Komiser dashboard can be reached at the Komiser service endpoint.

 

Services

Solutions

Recent Blogs

Privacy Settings
We use cookies to enhance your experience while using our website. If you are using our Services via a browser you can restrict, block or remove cookies through your web browser settings. We also use content and scripts from third parties that may use tracking technologies. You can selectively provide your consent below to allow such third party embeds. For complete information about the cookies we use, data we collect and how we process them, please check our Privacy Policy
Youtube
Consent to display content from - Youtube
Vimeo
Consent to display content from - Vimeo
Google Maps
Consent to display content from - Google
Spotify
Consent to display content from - Spotify
Sound Cloud
Consent to display content from - Sound
Save
Contact Us