Groundcover APM

Published: Jun 11, 2024 by Isaac Johnson

Groundcover is a new player in the observability space with a somewhat unique approach; rather than build all new systems one infra they host, we install instead on our own cluster and they only manage the control plane.

They heavily use common OS tooling like Clickhouse for logs and Prometheus for metrics, Grafana for Dashboards and Alerting.

Today we’ll try out the free tier and see how well it works.

Getting started

We can signup for a free account at


I’ll then create an org and confirm some settings.


I’m then presented with a command to install it into my cluster


I appreciated the installer asking me about this cluster, confirming the kube context


While it was still adding nodes


I saw the page change on Groundcover


Soon the installer was completed

    __ _ _ __ ___  _   _ _ __   __| | ___ _____   _____ _ __
   / _` | '__/ _ \| | | | '_ \ / _` |/ __/ _ \ \ / / _ \ '__|
  | (_| | | | (_) | |_| | | | | (_| | (_| (_) \ V /  __/ |
   \__, |_|  \___/ \__,_|_| |_|\__,_|\___\___/ \_/ \___|_|
         #NO TRADE-OFFS

> Downloading
> Preparing to install groundcover into /home/builder/.groundcover/bin
✔ groundcover installed into /home/builder/.groundcover/bin/groundcover
✔ Added /home/builder/.groundcover/bin to $PATH in /home/builder/.bashrc
✔ groundcover cli was successfully installed!

Validating groundcover authentication:
✔ Token authentication success

Validating cluster compatibility:
✔ K8s cluster type supported
✔ K8s CLI auth supported
✔ K8s server version >= 1.12.0
✔ K8s user authorized for groundcover installation
✔ K8s storage provision supported

Validating cluster nodes compatibility:
✔ Kernel version >=4.14.0 (3/3 Nodes)
✔ Node operating system supported (3/3 Nodes)
✔ Cloud provider supported (3/3 Nodes)
✔ Node architecture supported (3/3 Nodes)
✔ Node is schedulable (3/3 Nodes)
✔ Downloading chart completed successfully

Installing groundcover:
? Deploy groundcover (cluster: mac81, namespace: groundcover, compatible nodes: 3/3, version: 1.7.107) Yes
✔ groundcover helm release is installed

Validating groundcover installation:
✔ Persistent Volumes are ready
✔ Cluster established connectivity
✔ All nodes are monitored (3/3 Nodes)

That was easy. groundcover installed!
Return to browser tab or visit if you closed tab

join us on slack, we promise to keep things interesting

I want a sample app to use so I’ll go with the Istio bookinfo one

builder@DESKTOP-QADGF36:~/Workspaces$ git clone
Cloning into 'istio'...
remote: Enumerating objects: 410319, done.
remote: Counting objects: 100% (178/178), done.
remote: Compressing objects: 100% (131/131), done.
remote: Total 410319 (delta 68), reused 142 (delta 43), pack-reused 410141
Receiving objects: 100% (410319/410319), 257.70 MiB | 27.17 MiB/s, done.
Resolving deltas: 100% (271776/271776), done.
builder@DESKTOP-QADGF36:~/Workspaces$ cd istio/

Then apply

builder@DESKTOP-QADGF36:~/Workspaces/istio$ kubectl apply -f samples/bookinfo/platform/kube/bookinfo.yaml
service/details created
serviceaccount/bookinfo-details created
deployment.apps/details-v1 created
service/ratings created
serviceaccount/bookinfo-ratings created
deployment.apps/ratings-v1 created
service/reviews created
serviceaccount/bookinfo-reviews created
deployment.apps/reviews-v1 created
deployment.apps/reviews-v2 created
deployment.apps/reviews-v3 created
service/productpage created
serviceaccount/bookinfo-productpage created
deployment.apps/productpage-v1 created

Which we can verify is running

$ kubectl exec "$(kubectl get pod -l app=ratings -o jsonpath='{.items[0]}')" -c ratings -- curl -sS productpage:9080/productpage | grep -o "<title>.*</title>"
<title>Simple Bookstore App</title>

or looking at the product page service


By this time, Groundcover was all set up


There I can see details of the cluster


including the product page


Only using its own eBPF sensors, it built the diagram of our Bookinfo app from the one visit



We can view all pods and any issues found will be highlighted


If a pod has logs, we can see it in the pod details




I can also view the nodes, as one might expect


Including Node details


This can be useful when trying to find the large consumers of resources. Here we can see bulk of the isaac-macbookpro node’s memory is being used by clickhouse and alligator


Network map

I can view the whole cluster from a network map view


I found some of the UI had some challenges with my chrome (or this University Guest wifi I am on at the moment)

API Catalogue

I believe this comes from discovery


For instance, from the BookInfo app, it found the API call to reviews


Including the body

  "id": "0",
  "podname": "reviews-v3-85d474477f-wmthx",
  "clustername": "null",
  "reviews": [
      "reviewer": "Reviewer1",
      "text": "An extremely entertaining play by Shakespeare. The slapstick humour is refreshing!",
      "rating": {
        "stars": 5,
        "color": "red"
      "reviewer": "Reviewer2",
      "text": "Absolutely fun and entertaining. The play lacks thematic depth when compared to other plays by Shakespeare.",
      "rating": {
        "stars": 4,
        "color": "red"


Let’s look at logs.

We can search on filters, including detected workloads


I can then tie that back to traces


What I cannot do, when thinking on tools like Datadog, is create an alert or log based dashboard right from Logs


Dashboards are really just fronting Grafana.

We can create a new Dashboard from Prometheus metrics for Clickhouse


Let’s pull some visualizations on logs from Clickhouse for this cluster

SELECT round_timestamp as timestamp, pod_name as body, cluster, pod_name FROM "groundcover"."logs" WHERE ( timestamp >= $__fromTime AND timestamp <= $__toTime ) ORDER BY timestamp DESC LIMIT 1000


One can make a mess in dashboards without much effort


Alerts, I might add, also go through Grafana.

For instance, I can create an alert on Prom metrics


I usually do as above - create an alert on the negative (good) condition then switch the operator


I wanted to at least test notification points and see if email was properly setup.

I created a test email to myself


Which I could see came from



We can click the Pricing/Subscription icon to see pricing


This is where it is a bit of a problem for me. I have two clusters I would love to monitor, however as it stands, to move from the free “1 cluster” to one person with two clusters (with a total of 7 nodes) moves me to $140/month. That is just a bit beyond where I, as a hobbyist, is willing to tread.

I might suggest they think of gifting at least two clusters to the free tier, just so i can monitor a “main” and have one cluster free for a “test”. That said, I could use an alternate email, but that would be cheating.

At the enterprise level, $20/node is very reasonable. I can recall Instana pricing several years ago (before IBM bought them) and it was around $80/node/month.

To be fair, most of the compute and data lives in my cluster so they are really just handling their software and configuration of some intertwined opensource tools


Groundcover was founded by Shahar Azulay (CEO) and Yechezkel Rabinovich (CTO) in August 2021. The former was at Apple prior as a Machine Learning Manager and the latter at a medical software security company (CyberMDX) which was later acquired by Forescout.


This brings us to the real question - is it better to have a single pane of glass and managed control plane or just link these OS tools myself? I could just as easily install and configure Prometheus, Grafana and Clickhouse myself. I would have an operational cost of maintaining them and setting up things like email servers, but that might be a one-time cost.

However, the other side of me compares this with to some leading APM providers like Datadog, Dynatrace and New Relic. I would pay 10c, 20c and 30c, respectively for 1Gb of log ingest for each of those. Here i could store TB of logs (if i have that much space to grant the PVCs) for no extra charge. I have known places to use ELK for just such reasons.

Overall, I really find this to be a fascinating play.

Groundcover APM Kubernetes

Have something to add? Feedback? Try our new forums

Isaac Johnson

Isaac Johnson

Cloud Solutions Architect

Isaac is a CSA and DevOps engineer who focuses on cloud migrations and devops processes. He also is a dad to three wonderful daughters (hence the references to Princess King sprinkled throughout the blog).

Theme built by C.S. Rhymes