Update or uninstall Dynatrace Operator

This page provides detailed instructions on how to update or uninstall Dynatrace Operator in Kubernetes and OpenShift environments.

Dynatrace Operator manages the deployment and lifecycle of all Dynatrace components in your Kubernetes clusters (for example, OneAgent, ActiveGate, and code modules). This includes, depending on the configuration, automatic updates for these components. Dynatrace Operator itself needs to be updated either by applying new manifests or by using helm charts.

We recommend using an up-to-date Operator version (at least version n-2) and always using the latest patch version of that Operator version (for example, 0.10.4 instead of 0.10.0).

Update Dynatrace Operator

To update Dynatrace Operator, select one of the following options, depending on your deployment approach:

Manifest

For classicFullStack, applicationMonitoring, or hostMonitoring, execute the following command.

If you're using the CSI driver, there's an additional prerequisite command:

Helm

  1. Update your Helm repositories.

    helm repo update dynatrace
  2. Upgrade the Helm chart.

    helm upgrade dynatrace-operator oci://public.ecr.aws/dynatrace/dynatrace-operator \
    --namespace dynatrace \
    --atomic \
    -f values.yaml

    The values.yaml file may have changed in newer versions. If existing values are no longer valid, they will be silently ignored as there's no validation for this.

    To upgrade to the latest release from the OCI registry, run the following command.

    helm upgrade dynatrace-operator dynatrace/dynatrace-operator \
    --namespace dynatrace \
    --atomic \
    -f values.yaml

    Note that the helm repo command does not support OCI registries. You can only use the helm pull, helm show, helm install, and helm upgrade commands with OCI.

    Upgrade from old Dynatrace Operator versions with Helm

    If you use a Dynatrace Operator version earlier than v0.8.0 in a Helm deployment, follow the steps below to migrate to the latest Dynatrace Operator version with Helm.

    Step 1 Upgrade the custom resource definition

    According to your configuration of the values.yaml file, select one of the options below.

    • If installCRD is set to true, the custom resource definition will be automatically upgraded and managed by Helm.

    • If installCRD is set to false, you need to upgrade the custom resource definition manually before starting the Helm installation:

    Step 2 Upgrade the Helm chart

    Delete the CRD section and the secrets from your existing values.yaml file or use and customize the values.yaml sample from GitHub. Upgrade the helm chart:

    helm upgrade dynatrace-operator dynatrace/dynatrace-operator -f values.yaml --atomic -n dynatrace

    The above changes make your old values unusable, therefore setting the --reuse-values flag isn't possible for migration.

Update ActiveGate pods

Typically, ActiveGate pods are updated automatically on pod restart whenever there is a new version available (unless the image already specifies a certain version). However, if you need to manually restart ActiveGate pods, run the command below.

Update Access tokens

If you need to update your Dynatrace access tokens, follow the steps below.

Step 1 Find current access tokens

Find and save your currently used tokens.

After generating new tokens, you'll need to delete the old ones.

Step 2 Delete your secret

To delete the secret, run one of the commands below.

In Kubernetes, used tokens are stored in a secret named dynakube by default. If the DynaKube custom resource has a different name, or the tokens field in DynaKube is set, make sure that the new secret has the same name as defined there.

Step 3 Create new access tokens

For instructions on how to create the tokens, see Access tokens and permissions.

Step 4 Create a new secret with updated access tokens

To create a new secret with the updated tokens, run one of the commands below, making sure to replace the placeholders with the new tokens.

Dynatrace Operator picks up the updated secrets in approximately five minutes. Removing DynaKube and reapplying it forces an instant reconciliation.

Step 5 Delete the old access token

After the new tokens are in place, delete the old ones.

  1. In Dynatrace, go to Access Tokens and look for the old token.
  2. Select Delete.

Uninstall Dynatrace Operator

To uninstall Dynatrace Operator, select one of the following options (Manifest or Helm), depending on your deployment approach.

Important for CRI-O Runtime users with classicFullStack

OneAgent version 1.279 and below

If you're using CRI-O as your cluster's container runtime with classicFullStack, complete the steps outlined in Migrate from classic full stack to cloud native full stack mode as part of the uninstallation process.

Manifest

Select one of the following options (with or without CSI driver) to uninstall Dynatrace Operator.

Without CSI driver

  1. Delete Dynatrace Operator.

  2. Delete Dynatrace related secrets in all monitored namespaces.

  3. Delete the namespace.

With CSI driver

  1. Clean up DynaKube resources.

  2. Wait until Dynatrace Operator components have been deleted.

  3. Restart your monitored applications.

  4. Clean up CSI driver resources.

  5. Uninstall Dynatrace Operator.

  6. Delete Dynatrace related secrets in the namespace.

  7. Delete the namespace.

  8. Delete Dynatrace related secrets in all monitored namespaces.

Helm

Select one of the following options (with or without CSI driver) to uninstall Dynatrace Operator.

Without CSI driver

  1. Delete Dynatrace Operator.

    helm uninstall dynatrace-operator -n dynatrace
  2. Delete Dynatrace related secrets in the namespace.

  3. Delete the namespace.

  4. Delete Dynatrace related secrets in all monitored namespaces.

With CSI driver

  1. Clean up DynaKube resources.

  2. Wait until Dynatrace Operator components have been deleted.

  3. Restart your monitored applications.

  4. Uninstall Dynatrace Operator.

    helm uninstall dynatrace-operator -n dynatrace
  5. Delete the namespace.

  6. Delete Dynatrace related secrets in all monitored namespaces.