Cost Attribution System

The Cost Attribution System is designed to monitor and attribute cloud infrastructure costs to 2i2c hub deployments. This system integrates with the AWS Cost Explorer API to provide detailed cost insights from a hub’s Grafana dashboard.

Note

This feature is currently available to AWS-hosted hubs only and will be rolled out to other cloud providers in the future.

Components

  1. AWS IAM Role Configuration

A dedicated IAM role is created to grant the necessary permissions for accessing the Cost Explorer API.

  2. Python Web Server

A Python-based web server is deployed to interact with the Cost Explorer API. It retrieves cost data and serves it as JSON, making it accessible for Grafana.

  3. Grafana Integration

A custom Helm chart, aws-ce-grafana-backend, is introduced to facilitate the deployment of the Python web server alongside Grafana.

This enables Grafana to query the web server for cost data, allowing users to visualize and analyze cloud expenses directly within the Grafana interface.

It uses the Infinity Grafana plugin to serve JSON from the AWS Cost Explorer API for use by Grafana dashboard panels.

Technical implementation details

The system relies on at least one of these tags being present on any cloud infrastructure that cost should be attributed to.

  • 2i2c.org/cluster-name

  • alpha.eksctl.io/cluster-name

  • kubernetes.io/cluster/<cluster name>

Important

Currently, on clusters that have a k8s version greater than or equal to 1.30, terraform-managed resources already have the 2i2c.org/cluster-name tag configured via the default_tags variable, and eksctl-managed resources already have the tag configured for node groups via nodegroup.libsonnet.

On clusters that have a k8s version less than 1.30, the alpha.eksctl.io/cluster-name and kubernetes.io/cluster/<cluster name> tags are present on eksctl-managed resources and are used instead.

New clusters have all eksctl managed resources configured to be tagged, not just the node groups. This isn’t important to ensure for existing clusters’ cost attribution though.

The system also relies on the tag 2i2c:hub-name being specified, in addition to the tags above, for any cloud infrastructure tied to specific hubs.

We only need to ensure the 2i2c.org/cluster-name and 2i2c:hub-name tags are declared. The others are applied by eksctl and by Kubernetes controllers that can create cloud resources to represent k8s resources (block storage volumes for k8s PV resources referencing certain storage classes, and load balancers for k8s Services of type LoadBalancer).

The following resources are known to be hub specific in some cases and known to incur costs.

  • S3 buckets in terraform

  • EFS storage in terraform

  • EBS volumes in terraform

  • Node groups in eksctl

Important

There are still some clusters that don’t have separate EFS storage per hub yet.
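
The tag rules above can be checked against a resource inventory before relying on the dashboard numbers. The following is an added example, not code from the 2i2c project: it resolves the cluster name from any of the three cluster tags (including the one that carries the name in the tag key) and reports resources whose cost cannot be attributed. The inventory shape, the `hub_specific` flag, the sample ids and the tag precedence order are assumptions made for the example.

```python
CLUSTER_TAG_KEYS = ("2i2c.org/cluster-name", "alpha.eksctl.io/cluster-name")
K8S_PREFIX = "kubernetes.io/cluster/"  # cluster name is part of the key
HUB_TAG_KEY = "2i2c:hub-name"


def resolve_cluster(tags):
    """Return the cluster name from any of the three accepted tags, or None."""
    # Assumption: this precedence order; the page only requires one tag to exist.
    for key in CLUSTER_TAG_KEYS:
        if tags.get(key):
            return tags[key]
    for key in tags:
        name = key[len(K8S_PREFIX):] if key.startswith(K8S_PREFIX) else ""
        if name:
            return name
    return None


def audit(resources):
    """Return (attributed, gaps) for resources shaped like SAMPLE below."""
    attributed, gaps = [], []
    for res in resources:
        cluster = resolve_cluster(res["tags"])
        hub = res["tags"].get(HUB_TAG_KEY)
        if cluster is None:
            gaps.append((res["id"], "no cluster tag"))
            continue
        if res["hub_specific"] and not hub:
            gaps.append((res["id"], "hub-specific but missing 2i2c:hub-name"))
        attributed.append((res["id"], cluster, hub))
    return attributed, gaps


# Constructed inventory; the ids and the hub_specific flag are hypothetical.
SAMPLE = [
    {"id": "s3-bucket-a", "hub_specific": True,
     "tags": {"2i2c.org/cluster-name": "demo", "2i2c:hub-name": "staging"}},
    {"id": "ebs-vol-b", "hub_specific": False,
     "tags": {"kubernetes.io/cluster/demo": "owned"}},
    {"id": "efs-c", "hub_specific": True,
     "tags": {"alpha.eksctl.io/cluster-name": "demo"}},
    {"id": "nat-gw-d", "hub_specific": False, "tags": {}},
]

if __name__ == "__main__":
    attributed, gaps = audit(SAMPLE)
    for row in attributed:
        print("attributed:", row)
    for row in gaps:
        print("gap:", row)
```

A resource that is hub-specific but lacks 2i2c:hub-name is still attributed to its cluster here and listed as a gap, so its cost shows up at cluster level only.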