Deploy OneAgent on Kubernetes
For full-stack monitoring of Kubernetes clusters, you need to roll-out OneAgent on each cluster node using OneAgent Operator for Kubernetes 1.9 or higher. For Kubernetes 1.8 or lower, you need to deploy a DaemonSet.
Note:
For the following distributions of Kubernetes, please refer to the dedicated instructions:
Prepare DESK tokens for OneAgent Operator
Note:
OneAgent Operator v0.3+ requires Kubernetes v1.11 or higher. Older versions of the OneAgent Operator work with Kubernetes v1.9 or higher.
OneAgent Operator requires two different tokens for interacting with DESK servers. These two tokens are made available to OneAgent Operator by means of a Kubernetes secret as explained at a later step.
-
Get an API token for the DESK API with the scope Access problem and event feed, metrics, and topology. This token is later referenced as
API_TOKEN
. -
Get a Platform-as-a-Service token. This token is later referenced as
PAAS_TOKEN
.
Install OneAgent Operator
Create the necessary objects for OneAgent Operator. OneAgent Operator acts on its separate namespace desk
. It holds the operator deployment and all dependent objects like permissions, custom resources and the corresponding DaemonSet. You can also observe the logs of OneAgent Operator.
$ kubectl create namespace desk
$ LATEST_RELEASE=$(curl -s https://api.github.com/repos/desk/desk-oneagent-operator/releases/latest | grep tag_name | cut -d '"' -f 4)
$ kubectl create -f https://raw.githubusercontent.com/DESK/desk-oneagent-operator/$LATEST_RELEASE/deploy/kubernetes.yaml
$ kubectl -n desk logs -f deployment/desk-oneagent-operator
Create the secret holding API and PaaS tokens for authenticating to the DESK cluster. The name of the secret is important in a later step when you configure the custom resource (.spec.tokens
). In the following code-snippet the name is oneagent
. Be sure to replace API_TOKEN
and PAAS_TOKEN
with the values explained above.
$ kubectl -n desk create secret generic oneagent --from-literal="apiToken=API_TOKEN" --from-literal="paasToken=PAAS_TOKEN"
Save the following custom resource snippet to a file cr.yaml
. The rollout of DESK OneAgent is governed by a custom resource of type OneAgent
.
Alternatively, you can use the snippet from the GitHub repository.
$ curl -o cr.yaml https://raw.githubusercontent.com/DESK/desk-oneagent-operator/$LATEST_RELEASE/deploy/cr.yaml
Adapt the values of the custom resource as indicated in the following table.
Parameter | Description | Default value |
---|---|---|
apiUrl |
DESK SaaS: Replace ENVIRONMENTID with your DESK environment ID in https://ENVIRONMENTID.live.desk.com/api . DESK Managed: Provide your DESK Server URL ( https://<YourDESKServerURL>/e/<ENVIRONMENTID>/api ) |
|
tokens |
Name of the secret that holds the API and PaaS tokens from above. | Name of custom resource (.metadata.name ) if unset |
args |
Parameters to be passed to the OneAgent installer. All the command line parameters of the installer are supported, with the exception of INSTALL_PATH . We recommend to set APP_LOG_CONTENT_ACCESS=1 |
[] |
env |
Environment variables for OneAgent container. | [] |
Notes:
-
If you're rolling out DESK OneAgent to Pivotal Container Service clusters, you'll need to add the following entry to the
env
section in the custom resource.env: - name: ONEAGENT_ENABLE_VOLUME_STORAGE value: "true" - name: ONEAGENT_CONTAINER_STORAGE_PATH value: /var/vcap/store
-
If you're rolling out DESK OneAgent to SUSE CaaS clusters, you'll need to add the following entry to the
env
section in the custom resource.env: - name: ONEAGENT_ENABLE_VOLUME_STORAGE value: "true"
Create the custom resource
$ kubectl create -f cr.yaml
Limitations
The same limitations apply as when deploying OneAgent as a Docker container, except the auto-update. The operator makes sure OneAgents are properly updated.
Prepare DaemonSet
The first step is to obtain the location for ONEAGENT_INSTALLER_SCRIPT_URL
. This information is presented to you during DESK OneAgent installation.
Install DaemonSet
Download or copy the desk-oneagent.yml
Kubernetes template.
Deploy DESK OneAgent using the created file desk-oneagent.yml
.
$ kubectl create -f desk-oneagent.yml --namespace=kube-system
daemonset "desk-oneagent" created
Verify that the desk-oneagent
DaemonSet has deployed pods to the cluster nodes successfully:
$ kubectl get pods --namespace=kube-system
NAME READY STATUS RESTARTS AGE
desk-oneagent-abcde 1/1 Running 0 1m
$ kubectl logs -f desk-oneagent-abcde
09:46:18 Using volume-based storage
09:46:18 Started agent deployment as a Docker container, PID 1234.
09:46:18 Downloading agent to /tmp/DESK-OneAgent-Linux.sh via https://EnvironmentID.live.desk.com/api/v1/deployment/installer/agent/unix/default/latest?Api-Token=***&arch=x86&flavor=default
09:46:21 Download complete
09:46:21 Downloaded version: 1.x
09:46:21 Validating downloaded agent installer
09:46:23 Verification successful
...
Limitations
The same limitations apply as when deploying OneAgent as a Docker container.