Frequently Asked Questions

Common Kubecost questions (faq).
Q: How can I reduce CPU or Memory resource consumption by Kubecost? A: Please see our tuning guide at:
Q: Can I safely configure Thanos Compaction down sampling? A: Yes, Kubecost is resilient to downsampling. However turning query concurrency is going to be most beneficial, especially during the long rebuild windows. To tune downsampling use the following Thanos subchart values.
Q: I receive a 403 error when trying to save reports or alerts. A: This is due to the SAML user having read only RBAC permissions.
Q: What does "Share Tenancy" mean? A: This enables sharing the cost of the k8s management plane for hosted kubernetes offerings, IE: (EKS/AKS/GKE) costs.
Q: Why is the "Network" tile on the cost allocation page not showing any data? A: This tile relies on service names which requires one of the following values to be enabled.
Q: How often does reconciliation run? A: The Cloudusage process runs every 3 hours, however the cost and usage reports are updated by cloud providers less frequently. (This needs some verification and link to tuning if available)
Q: How are short lived jobs accounted for? A: If the Prometheus scrape interval is 1m, then a job that ran for 5s or 30s or 60s or 100s, but only registered one data point, all costs the same to us: 1m * $/m. The scrape interval can be configured to be faster, but there are consequences (More resource usage due to additional metrics).
Q: How often are AWS Spot prices updated? A: If enabled, Kubecost will refresh spot instances every 15 minutes. Note, that the spot data feed may be updated hourly.
Q: My CUR appears to be integrated properly but I'm not seeing any additional cloud assets that I would expect on the assets page. A: Verify that the helm values of kubecostModel.etlCloudUsage or kubecostModel.etlCloudAsset are not set to false. Helm chart for reference...
Q: I just enabled the CUR and AWS integration but do not see any cloud resources? A: The AWS CUR and billing data from other cloud providers lags by 24-48 hours.
Q: Why is the UI on my secondary Kubecost install broken? A: This is normal if you have followed this secondary tuning guide, its focus is reducing resource usage at the cost of breaking the secondary UI. The secondary UI should only be used for diagnostics.
Q: I have two standalone Kubecost clusters in an Azure subscription, each reside in their own resource group. How can I limit the billing export for each cluster to only the resource group instead of the entire subscription? A: You can create two billing exports each scoped to the corresponding resource group. More info can be found here:
Q: I have an empty namespace, why is it not showing up in Kubecost? A: Kubecost builds the allocation API from known workloads. If there are no workloads in the namespace it will not be aware of the namespace.
Q: Can customer logos be added to Kubecost? A: Currently, this isn't on the roadmap, and has been something we've avoided for a bit. Implementing is actually a bit goofier than what it may seem. If this is something that we want to do, we would probably need some further evaluation. Slack thread:
Q: What license does the "Paid" versions of Kubecost use? A: Paid Kubecost versions use our EULA:
Q: When configuring Spot feeds in a Federated cluster, where should it be configured? A: The Spot Data Feed is meant to supplement node prices before the CUR drops. Because of this, it should be configured in each cluster to give the most accurate estimates as the data needs to be written into Thanos. Q: Does the Abandoned Workloads savings report rely on Network Traffic daemon set? A: No, it uses cAdvisor metrics. Q: Does Kubecost cost efficiency calculation take GPU into consideration? A: No, the reason is that we get GPU efficiency from integration with the Nvidia DCGM, which is a third-party integration that needs to be set up manually with kubecost.
Q: Should I use amortized prices when setting up my CUR or billing export? A: Yes, amortized allows upfront costs of the resources to appear in Kubecost. More info.
Q: Do I need to configure the Cloud integration on the Secondary clusters? A: No, Only if you are planing on viewing the UI on the secondary. This is because the cloud reconciliation process happens after the data is shipped to the Thanos store.
Q: What is the difference between rebuild and repair commands. A: Rebuild is a legacy command and repair should be used instead as it builds on top of the existing ETL instead of wiping it completely. (Prefer repair command when possible.)
Q: For GCP I'm unable to see the GCP Project on the cost allocation page. A: You can only filter by project in Assets, a workaround is naming their clusters with a naming convention that includes the project name or number
Q: How can I add TLS to the kubecost Prometheus. A: See the following values
Q: Does Kubecost change labels/tags that include a - dash to an _ underscore? A: Yes, this is due to imitations in how Prometheus handles labels.
Q: What time of the day is the Azure costs export updated? A: The Azure costs export update time is relative to the time of day when it was initially created. See here for additional info:
Q: What regions / currencies are available for the Azure rate card integration? A: Azure is very specific as to what currency can be used for each region/country. The list of supported can be found at:
Q: I would like to use the node-exporter daemonSet provided with Openshift, however after disabling the Kubecost bundled version Prometheus is unable to discover the node-exporter endpoints. A: The Openshift provided node-exporter requires an additional annotation of "true" to be added.
annotations: "true" '/metrics' "9100"
Q: How can I disable Kube-state-metrics if needed. (We recommend disabling any 3rd party KSM instead of our bundled version) A: It can be disabled with one of two methods prometheus.kubeStateMetrics.enabled=false or prometheus.kube-state-metrics.disabled=true. More discussion is here:
Q: Does increasing the .Values.kubecostModel.etlResolutionSeconds value cause any issues with cost accuracy? A: Decreasing resolution may flatten out cost spikes but the summation of costs should not be affected.
Q: Is there a way to test alerts via the API. A: Yes, there is a /alert/test API endpoint however it just sends a blank test message. Code Another suggestion for testing alert filters is to create an alert with a small window and waited. The API will allow hours in the window.
Example of test API: http://localhost:9090/model/alerts/test payload:
aggregation: "namespace"
filter: "kubecost"
id: "a454aafd-fd08-4aa8-bcf3-99d49e082ff1"
type: "recurringUpdate"
window: "1h"
Q: Kubecost allows we configure in-zone/in-region/cross-region traffic classification, after I tried to configured this and it does show that the values have been configured, I couldn’t see in the dashboard showing traffic classification allocation, is this features still supported? (something like this: A: Check! From there, look for the bottom right box to view more network details. It also may be important to have the network-costs daemonset running in your cluster.
Q: When cloud integration is not yet enabled, does Kubecost's usage of public pricing data take into account the region the node is on? A: Yes. This can be verified by reviewing the code at opencost/pkg/cloud. Specifically, if you start at GetNodeCost() you can follow the chain of function calls. It's slightly different for each cloud provider, but it should look roughly like this: pkg/costmodel/GetNodeCost() → pkg/cloud/NodePricing() → pkg/cloud/DownloadPricingData() → pkg/cloud/getRegionPricing()
Q: If I disable node exporter, will it affect the metrics emitted by Kubecost? A: Yes you can disable node exporter as it is optional. No it will not have an effect on Kubecost's metrics.
Q: “No Athena Bucket Configured” error on /diagnostics view? A: Verify that the the AWS IAM Policy has been correctly configured (step3). Verify that the IAM role has been given to Kubecost (step4).
Q: What time zone is shown by Kubecost? A: All APIs and metrics will be based on and accept UTC zones. When viewing the data from your web browser, the graphs displayed will convert this UTC time to your local machine's time zone.