Get started with Kubernetes platform monitoring + Full-Stack observability

  • 7min

This page provides instructions for deploying Dynatrace Operator to enable Kubernetes platform monitoring and Full-Stack observability in your Kubernetes environment. You'll gain insights into your Kubernetes cluster resources, application performance, and infrastructure health.

Use cases

Before you begin

Before installing Dynatrace on your Kubernetes cluster, ensure that you meet the following requirements:

  • Your kubectl CLI is connected to the Kubernetes cluster that you want to monitor.
  • You have sufficient privileges on the monitored cluster to run kubectl or oc commands.

Cluster setup and configuration

  • You must allow egress for Dynatrace pods (default: Dynatrace namespace) to your Dynatrace environment URL.

  • For OpenShift Dedicated, you need the cluster-admin role.

  • Helm installation Use Helm version 3.

Supported versions

See supported Kubernetes/OpenShift platform versions and distributions.

Configuring SCC is required for OpenShift for cloudNativeFullStack and applicationMonitoring with Dynatrace Operator CSI driver deployments.

By default, Dynatrace Operator injects OneAgent in all namespaces, but you can configure it to monitor only specific namespaces and exclude others. For details, see Configure monitoring for namespaces and pods.

Installation options

Choose one of the installation methods that best suits your needs.

Helm

Helm

Manifest

Helm

Dynatrace Operator version 0.8.0+

New Helm installation and upgrade instructions use our Helm chart available from an OCI registry. Therefore, if the Dynatrace repository is currently added to your local Helm repositories, it can be safely removed.

helm repo remove dynatrace

The installation process is independent of whether you are using Kubernetes or OpenShift. The platform is auto-detected during the installation.

The following command works for installations using an OCI registry, which is the default way.

helm install dynatrace-operator oci://public.ecr.aws/dynatrace/dynatrace-operator \
   --create-namespace \
   --namespace dynatrace \
   --atomic

Edit the values.yaml sample from GitHub, and then run the install command, passing the YAML file as an argument:

helm install dynatrace-operator oci://public.ecr.aws/dynatrace/dynatrace-operator \
   --create-namespace \
   --namespace dynatrace \
   --atomic \
   -f values.yaml

If installCRD is set to false, you need to create the custom resource definition manually before starting the Helm installation:

kubectl apply -f https://github.com/Dynatrace/dynatrace-operator/releases/download/v1.6.0/dynatrace-operator-crd.yaml

VMware Tanzu Kubernetes (TKGI) and IBM Kubernetes Service (IKS) require additional configuration.

Create a secret named dynakube for the Dynatrace Operator token and data ingest token obtained in Tokens and permissions required.

kubectl -n dynatrace create secret generic dynakube --from-literal="apiToken=<OPERATOR_TOKEN>" --from-literal="dataIngestToken=<DATA_INGEST_TOKEN>"

DynaKube custom resource sample for Full-Stack monitoring

You can review the available parameters or how-to guides, and adapt the DynaKube custom resource according to your requirements.

For PPC64le architecture, additional configuration is required. For details, see ActiveGate container image.

apiVersion: dynatrace.com/v1beta3
kind: DynaKube
metadata:
  name: dynakube
  namespace: dynatrace
  annotations:
    feature.dynatrace.com/k8s-app-enabled: "true"
    feature.dynatrace.com/injection-readonly-volume: "true"
spec:
  # For detailed instructions on DynaKube parameters in the spec section, visit https://docs.dynatrace.com/docs/ingest-from/setup-on-k8s/reference/dynakube-parameters


  # Dynatrace apiUrl including the /api path at the end.
  # Replace 'ENVIRONMENTID' with your environment ID.
  # For instructions on how to determine the environment ID and how to configure the apiUrl address, see https://www.dynatrace.com/support/help/reference/dynatrace-concepts/environment-id/.
  apiUrl: https://ENVIRONMENTID.live.dynatrace.com/api


  metadataEnrichment:
    enabled: true


  oneAgent:
    cloudNativeFullStack:
      tolerations:
        - effect: NoSchedule
          key: node-role.kubernetes.io/master
          operator: Exists
        - effect: NoSchedule
          key: node-role.kubernetes.io/control-plane
          operator: Exists


  activeGate:
    capabilities:
      - routing
      - kubernetes-monitoring


    resources:
      requests:
        cpu: 500m
        memory: 512Mi
      limits:
        cpu: 1000m
        memory: 1.5Gi

Run the command below to apply the DynaKube custom resource, making sure to replace <your-DynaKube-CR> with your actual DynaKube custom resource file name. A validation webhook will provide helpful error messages if there's a problem.

kubectl apply -f <your-DynaKube-CR>.yaml

Verify that your DynaKube is running and all pods in your Dynatrace namespace are running and ready.

> kubectl get dynakube -n dynatrace
NAME         APIURL                                          STATUS     AGE
dynakube     https://<ENVIRONMENTID>.live.dynatrace.com/api  Running    45s

In a default DynaKube configuration, you should see the following pods:

> kubectl get pods -n dynatrace
NAME                                  READY   STATUS    RESTARTS        AGE
dynakube-activegate-0                 1/1     Running   0               50s
dynakube-oneagent-b88rn               1/1     Running   0               50s
dynakube-oneagent-m5jm4               1/1     Running   0               50s
dynakube-oneagent-qhd9u               1/1     Running   0               50s
dynatrace-oneagent-csi-driver-qxfwx   4/4     Running   0               2m49s
dynatrace-oneagent-csi-driver-xk5c4   4/4     Running   0               2m49s
dynatrace-oneagent-csi-driver-mz6ch   4/4     Running   0               2m49s
dynatrace-operator-7dc8dc7d8c-wmh4z   1/1     Running   0               2m59s
dynatrace-webhook-7bb6957fb5-l8fsq    1/1     Running   0               2m59s
dynatrace-webhook-7bb6957fb5-rqnqk    1/1     Running   0               2m59s

Because OneAgent and the CSI driver are deployed as a DaemonSet, you should have a OneAgent and CSI driver pod on each node.

Manifest

Create a dynatrace namespace:

kubectl create namespace dynatrace
kubectl apply -f https://github.com/Dynatrace/dynatrace-operator/releases/download/v1.6.0/kubernetes-csi.yaml

VMware Tanzu Kubernetes (TKGI) and IBM Kubernetes Service (IKS) require additional configuration.

Run the following command to see when Dynatrace Operator components finish initialization:

kubectl -n dynatrace wait pod --for=condition=ready --selector=app.kubernetes.io/name=dynatrace-operator,app.kubernetes.io/component=webhook --timeout=300s

Create a secret named dynakube for the Dynatrace Operator token and data ingest token obtained in Tokens and permissions required.

kubectl -n dynatrace create secret generic dynakube --from-literal="apiToken=<OPERATOR_TOKEN>" --from-literal="dataIngestToken=<DATA_INGEST_TOKEN>"

DynaKube custom resource sample for Full-Stack monitoring

You can review the available parameters or how-to guides, and adapt the DynaKube custom resource according to your requirements.

For PPC64le architecture, additional configuration is required. For details, see ActiveGate container image.

apiVersion: dynatrace.com/v1beta3
kind: DynaKube
metadata:
  name: dynakube
  namespace: dynatrace
  annotations:
    feature.dynatrace.com/k8s-app-enabled: "true"
    feature.dynatrace.com/injection-readonly-volume: "true"
spec:
  # For detailed instructions on DynaKube parameters in the spec section, visit https://docs.dynatrace.com/docs/ingest-from/setup-on-k8s/reference/dynakube-parameters


  # Dynatrace apiUrl including the /api path at the end.
  # Replace 'ENVIRONMENTID' with your environment ID.
  # For instructions on how to determine the environment ID and how to configure the apiUrl address, see https://www.dynatrace.com/support/help/reference/dynatrace-concepts/environment-id/.
  apiUrl: https://ENVIRONMENTID.live.dynatrace.com/api


  metadataEnrichment:
    enabled: true


  oneAgent:
    cloudNativeFullStack:
      tolerations:
        - effect: NoSchedule
          key: node-role.kubernetes.io/master
          operator: Exists
        - effect: NoSchedule
          key: node-role.kubernetes.io/control-plane
          operator: Exists


  activeGate:
    capabilities:
      - routing
      - kubernetes-monitoring


    resources:
      requests:
        cpu: 500m
        memory: 512Mi
      limits:
        cpu: 1000m
        memory: 1.5Gi

Run the command below to apply the DynaKube custom resource, making sure to replace <your-DynaKube-CR> with your actual DynaKube custom resource file name. A validation webhook will provide helpful error messages if there's a problem.

kubectl apply -f <your-DynaKube-CR>.yaml

optional

Verify that your DynaKube is running and all pods in your Dynatrace namespace are running and ready.

> kubectl get dynakube -n dynatrace
NAME         APIURL                                          STATUS     AGE
dynakube     https://<ENVIRONMENTID>.live.dynatrace.com/api  Running    45s

In a default DynaKube configuration, you should see the following pods:

> kubectl get pods -n dynatrace
NAME                                  READY   STATUS    RESTARTS        AGE
dynakube-activegate-0                 1/1     Running   0               50s
dynakube-oneagent-b88rn               1/1     Running   0               50s
dynakube-oneagent-m5jm4               1/1     Running   0               50s
dynakube-oneagent-qhd9u               1/1     Running   0               50s
dynatrace-oneagent-csi-driver-qxfwx   4/4     Running   0               2m49s
dynatrace-oneagent-csi-driver-xk5c4   4/4     Running   0               2m49s
dynatrace-oneagent-csi-driver-mz6ch   4/4     Running   0               2m49s
dynatrace-operator-7dc8dc7d8c-wmh4z   1/1     Running   0               2m59s
dynatrace-webhook-7bb6957fb5-l8fsq    1/1     Running   0               2m59s
dynatrace-webhook-7bb6957fb5-rqnqk    1/1     Running   0               2m59s

Because OneAgent and the CSI driver are deployed as a DaemonSet, you should have a OneAgent and CSI driver pod on each node.

Licensing

Kubernetes platform monitoring + Full-Stack observability requires Dynatrace Platform Subscription (DPS) and is licensed by the sum of host memory (GiB-hours).

Learn more

After you've successfully installed Dynatrace Operator, you may find the following resources helpful for further learning and troubleshooting.

Get actionable answers

Start to analyze your Kubernetes clusters and containerized Apps with Dynatrace and benefit from actionable answers.

Guides

Learn how you can configure Dynatrace Operator to support specific use cases.

Troubleshooting

Troubleshoot any challenges you may encounter while working with the Dynatrace Operator and its various components.

How it works

Want to learn more about the Dynatrace components in your Kubernetes cluster?

Reference

API reference and configuration options for all Dynatrace components within your Kubernetes cluster.

Dynatrace Operator release notes

See release notes for Dynatrace Operator.

Update or uninstall

This page provides a detailed instructions on how to update and uninstall Dynatrace Operator.