This page will help you to understand and configure the DynaKube Kubernetes Custom Resource, enabling you to optimize your Dynatrace Operator setup according to your specific requirements.
The table below specifies the required Dynatrace Operator versions corresponding to each DynaKube API version.
apiUrl parameter is Required and immutable. Once set, it cannot be modified in an existing DynaKube.
All other parameters are Optional.
Parameter
Description
Default value
Data type
apiUrl
Dynatrace apiUrl, including the /api path at the end.- For SaaS, set YOUR_ENVIRONMENT_ID to your environment ID.- For Managed, change the apiUrl address.For instructions on how to determine the environment ID and how to configure the apiUrl address, see Environment ID
No default (required)
string
customPullSecret
Defines a custom pull secret in case you use a private registry when pulling images from the Dynatrace environment.Note: For the node image pull feature without the CSI driver, you must manually ensure that pull secrets are available on the injected pod. See node image pull prerequisites for more details.To define a custom pull secret and learn about the expected behavior, see Configure customPullSecret.
No default (optional)
string
dynatraceApiRequestThreshold
Minimum minutes between Dynatrace API requests.
15
integer
enableIstio
When enabled, and if Istio is installed on the Kubernetes environment, Dynatrace Operator will create the corresponding VirtualService and ServiceEntry objects to allow access to the Dynatrace Cluster from the OneAgent or ActiveGate.Disabled by default.
No default (optional)
boolean
networkZone
Sets a network zone for the OneAgent and ActiveGate Pods.
No default (optional)
string
proxy
Set custom proxy settings either directly or from a secret with the field proxy.Applies to Dynatrace Operator, ActiveGate, and OneAgents.
No default (optional)
DynaKubeProxy
skipCertCheck
Disable certificate check for the connection between Dynatrace Operator and the Dynatrace Cluster.Set to true if you want to skip certification validation checks.
No default (optional)
boolean
tokens
Name of the secret holding the tokens used for connecting to Dynatrace.
No default (optional)
string
trustedCAs
Adds custom RootCAs from a configmap.The key to the data must be certs.This applies to Dynatrace Operator, OneAgent, and ActiveGate.
No default (optional)
string
.spec.oneAgent
Parameter
Description
Default value
Data type
hostGroup
Specify the name of the group to which you want to assign the host. This method is preferred over the now obsolete --set-host-group argument. If both settings are used, this field takes precedence over the --set-host-group argument.
No default (optional)
string
.spec.oneAgent.cloudNativeFullStack
All parameters are Optional.
Recommended
Parameter
Description
Default value
Data type
annotations
Add custom OneAgent annotations.
No default (optional)
map[string]string
args
Set additional arguments to the OneAgent installer.For available options, see Linux custom installation.For the list of limitations, see Limitations.
No default (optional)
[]string
codeModulesImage
Specifies the OneAgent CodeModules image used for injection into application pods. Updates are applied only when the image reference changes. If a floating tag (for example, latest) is used, new images pushed under the same tag are not automatically picked up on existing nodes. It is recommended to use a unique tag for each OneAgent CodeModule image version.
No default (optional)
string
dnsPolicy
Set the DNS policy for OneAgent pods.For details, see Pods DNS Policy.
ClusterFirstWithHostNet
string
env
Set additional environment variables for the OneAgent pods.
Specify the node selector that controls on which nodes OneAgent will be deployed.
No default (optional)
map[string]string
oneAgentResources
Resource settings for OneAgent container. Consumption of the OneAgent heavily depends on the workload to monitor. You can use the default settings in the CR.resource.requests shows the values needed to run; resource.limits shows the maximum limits for the Pod.
No default (optional)
ResourceRequirements
priorityClassName
Assign a priority class to the OneAgent pods. By default, no class is set.For details, see Pod Priority and Preemption.
No default (optional)
string
secCompProfile
The SecComp Profile that will be configured in order to run in secure computing mode.
No default (optional)
string
storageHostPath
Writable directory on the host filesystem where OneAgent configurations will be stored.
No default (optional)
string
tolerations
Tolerations to include with the OneAgent DaemonSet.For details, see Taints and Tolerations.
No default (optional)
[]Toleration
version
The OneAgent version to be used for host monitoring OneAgents running in the dedicated pod. This setting doesn't affect the OneAgent version used for application monitoring.
The latest version is used by default.
string
.spec.oneAgent.classicFullStack
All parameters are Optional.
Parameter
Description
Default value
Data type
annotations
Add custom OneAgent annotations.
No default (optional)
map[string]string
args
Set additional arguments to the OneAgent installer.For available options, see Linux custom installation.For the list of limitations, see Limitations.
No default (optional)
[]string
dnsPolicy
Set the DNS Policy for OneAgent pods.For details, see Pods DNS Policy.
ClusterFirstWithHostNet
string
env
Set additional environment variables for the OneAgent pods.
No default (optional)
[]EnvVar
image
Use a custom OneAgent Docker image. Defaults to the image from the Dynatrace cluster.
Name of the image.
string
labels
Your defined labels for OneAgent pods in order to structure workloads as desired.
No default (optional)
map[string]string
nodeSelector
Specify the node selector that controls on which nodes OneAgent will be deployed.
No default (optional)
map[string]string
oneAgentResources
Resource settings for OneAgent container. Consumption of the OneAgent heavily depends on the workload to monitor. You can use the default settings in the CR.resource.requests shows the values needed to run; resource.limits shows the maximum limits for the pod.
No default (optional)
ResourceRequirements
priorityClassName
Assign a priority class to the OneAgent pods. By default, no class is set.For details, see Pod Priority and Preemption.
No default (optional)
string
secCompProfile
The SecComp Profile that will be configured in order to run in secure computing mode.
No default (optional)
string
storageHostPath
Writeable directory on the host filesystem where OneAgent configurations will be stored.
No default (optional)
string
tolerations
Tolerations to include with the OneAgent DaemonSet.For details, see Taints and Tolerations.
No default (optional)
[]Toleration
version
The OneAgent version to be used.
The latest version is used by default.
string
.spec.oneAgent.applicationMonitoring
All parameters are Optional.
Parameter
Description
Default value
Data type
codeModulesImage
Specifies the OneAgent CodeModules image used for injection into application pods. Updates are applied only when the image reference changes. If a floating tag (for example, latest) is used, new images pushed under the same tag are not automatically picked up on existing nodes. It is recommended to use a unique tag for each OneAgent CodeModule image version.
Set additional arguments to the OneAgent installer.For available options, see Linux custom installation.For the list of limitations, see Limitations.
No default (optional)
[]string
dnsPolicy
Set the DNS Policy for OneAgent pods.For details, see Pods DNS Policy.
ClusterFirstWithHostNet
string
env
Set additional environment variables for the OneAgent pods.
No default (optional)
[]EnvVar
image
Use a custom OneAgent Docker image.
The image from the Dynatrace cluster.
string
labels
Your defined labels for OneAgent pods in order to structure workloads as desired.
No default (optional)
map[string]string
nodeSelector
Specify the node selector that controls on which nodes OneAgent will be deployed.
No default (optional)
map[string]string
oneAgentResources
Resource settings for OneAgent container. Consumption of the OneAgent heavily depends on the workload to monitor. You can use the default settings in the CR.resource.requests shows the values needed to run; resource.limits shows the maximum limits for the pod.
No default (optional)
ResourceRequirements
priorityClassName
Assign a priority class to the OneAgent pods. By default, no class is set.For details, see Pod Priority and Preemption.
No default (optional)
string
secCompProfile
The SecComp Profile that will be configured in order to run in secure computing mode.
No default (optional)
string
storageHostPath
Writeable directory on the host filesystem where OneAgent configurations will be stored.
No default (optional)
string
tolerations
Tolerations to include with the OneAgent DaemonSet.For details, see Taints and Tolerations.
No default (optional)
[]Toleration
version
The OneAgent version to be used.
The latest version is used by default.
string
.spec.activeGate
capabilities parameter is Required.
resources and group parameters are Recommended.
All other parameters are Optional.
Parameter
Description
Default value
Data type
annotations
Add custom ActiveGate annotations.
map[string]string
capabilities
Defines the ActiveGate pod capabilities: what functionality should be enabled.Possible values:- routing enables OneAgent routing.- kubernetes-monitoring enables Kubernetes API monitoring.- metrics-ingest1 opens the metrics ingest endpoint on the DynaKube ActiveGate and redirects all pods to it.- dynatrace-api1 enables calling the Dynatrace API via ActiveGate.- debugging enables the Live Debugging module in ActiveGate.
string
customProperties
Add a custom properties file by providing it as a value or by referencing it from a secret.When referencing a custom properties file from a secret, make sure that the key is named customProperties. See How to add a custom properties file for details.
string
dnsPolicy
Set the DNS policy for ActiveGate pods.
ClusterFirstWithHostNet
string
env
Set additional environment variables for the ActiveGate pods.
Use a custom ActiveGate image. Defaults to the latest ActiveGate image from the Dynatrace cluster.
string
labels
Your defined labels for ActiveGate pods in order to structure workloads as desired.
map[string]string
nodeSelector
Specify the node selector that controls on which nodes ActiveGate will be deployed.
map[string]string
priorityClassName
Assign a priority class to the ActiveGate pods. By default, no class is set.For details, see Pod Priority and Preemption.
string
replicas
Number of replicas of ActiveGate pods.
1
int
resources
Resource settings for ActiveGate container. Consumption of the ActiveGate heavily depends on the workload to monitor; adjust values accordingly.
ResourceRequirements
terminationGracePeriodSeconds
Configures the terminationGracePeriodSeconds parameter of the ActiveGate pod. Kubernetes defaults and rules apply.
int
tlsSecretName
Name of a secret containing ActiveGate TLS certificate, key, and password. If not set, a self-signed certificate is used. For details, see How to add a custom certificate for ActiveGate.
On OpenShift, using volumes of type hostPath is prohibited by default SCC and will cause failures. If hostPath is required, create a role with sufficient privileges and bind it to the respective service account. In this example, the created role is bound to a service account named custom-sql-extension-executor-sa:
Available with Dynatrace version 1.306 and OneAgent 1.305
Log Monitoring requires the kubernetes-monitoringActiveGate capability to be enabled, but it doesn't have to be configured in the same DynaKube. If kubernetes-monitoring is missing or the feature flag feature.dynatrace.com/automatic-kubernetes-api-monitoring is set to false, the Operator produces a warning but Log Monitoring still deploys.
All parameters in .spec.logMonitoring are Optional.
Parameter
Description
Default value
Data type
ingestRuleMatchers
Specifies the rules and conditions for matching ingest attributes.
This field is immutable. Once set, it will no longer be updated.
Parameter
Description
Default value
Data type
attribute
Specifies the attribute name for matching ingest rules.
No default (optional)
string
values
Lists the values that the attribute must match for an ingest rule to apply.
No default (optional)
[]string
Example:
ingestRuleMatchers:
- attribute: "k8s.namespace.name"
values:
- "kube-system"
- "dynatrace"
- "default"
- attribute: "k8s.pod.annotation"
values:
- "logs.dynatrace.com/ingest=true"
- "category=security"
.spec.telemetryIngest
Dynatrace Operator version 1.6.0+
Enable additional telemetry ingest endpoints in Kubernetes for cluster-local data ingest using 3rd-party protocols. Adding this section deploys the Dynatrace Collector workload to the cluster.
Parameter
Description
Default value
Data type
protocols
Specifies the protocols that will be ingested by the Dynatrace Collector.
"otlp, jaeger, statsd, zipkin"
[]string
serviceName
Specifies the name of the service to be used. If not specified the serviceName is set to a default.
"dynakube.name-telemetry-ingest"
string
tlsRefName
Secret containing a TLS certificate used by telemetryIngest.
No default (optional)
string
.spec.otlpExporterConfiguration
Dynatrace Operator version 1.8.0+
Enable automatic OTLP exporter configuration for application pods that are already instrumented with OpenTelemetry SDK.
Parameter
Description
Default value
Data type
signals
The OpenTelemetry signals that will be automatically ingested into Dynatrace.
If specified, indicates the Pod's priority. Name must be defined by creating a PriorityClass object wiht that name. If not specified the setting will be removed from the DaemonSet.
No default (optional)
string
resources
Define resource requests and limits for Node Configuration Collector Pods.
No default (optional)
ResourceRequirements
nodeAffinity
Define the nodeAffinity for the DaemonSet of the Node Configuration Collector
No default (optional)
NodeAffinity
tolerations
Set tolerations for the Node Configuration Collector pods.For details, see Taints and Tolerations.
No default (optional)
[]Toleration
args
Set additional arguments for the Node Configuration Collector main container.
No default (optional)
[]string
env
Set additional environment variables for the Node Configuration Collector main container.
Labels applied to Extension Execution Controller pod.
No default (optional)
map[string]string
annotations
Annotations applied to Extension Execution Controller pod.
No default (optional)
map[string]string
tlsRefName
Secret containing a TLS certificate for communication between Extension Execution Controller and Dynatrace Collector.
No default (optional)
string
customConfig
ConfigMap holding a custom Extension Execution Controller configuration.
No default (optional)
string
customExtensionCertificates
Secret holding certificates that have been used to sign custom extensions. Needed for extensions signature validation by Extension Execution Controller.
No default (optional)
string
resources
Resource settings for Extension Execution Controller pod.
No default (optional)
ResourceRequirements
tolerations
Tolerations for Extension Execution Controller pod.For details, see Taints and Tolerations.
No default (optional)
[]Toleration
topologySpreadConstraints
Topology spread constraints for Extension Execution Controller pod.
No default (optional)
[]corev1.TopologySpreadConstraint
useEphemeralVolume
Indicates whether to use ephemeral volume for storage.
apiUrl parameter is Required and immutable. Once set, it cannot be modified in an existing DynaKube.
All other parameters are Optional.
Parameter
Description
Default value
Data type
apiUrl
Dynatrace apiUrl, including the /api path at the end.- For SaaS, set YOUR_ENVIRONMENT_ID to your environment ID.- For Managed, change the apiUrl address.For instructions on how to determine the environment ID and how to configure the apiUrl address, see Environment ID
No default (required)
string
customPullSecret
Defines a custom pull secret in case you use a private registry when pulling images from the Dynatrace environment.Note: For the node image pull feature without the CSI driver, you must manually ensure that pull secrets are available on the injected pod. See node image pull prerequisites for more details.To define a custom pull secret and learn about the expected behavior, see Configure customPullSecret.
No default (optional)
string
dynatraceApiRequestThreshold
Minimum minutes between Dynatrace API requests.
15
integer
enableIstio
When enabled, and if Istio is installed on the Kubernetes environment, Dynatrace Operator will create the corresponding VirtualService and ServiceEntry objects to allow access to the Dynatrace Cluster from the OneAgent or ActiveGate.Disabled by default.
No default (optional)
boolean
networkZone
Sets a network zone for the OneAgent and ActiveGate Pods.
No default (optional)
string
proxy
Set custom proxy settings either directly or from a secret with the field proxy.Applies to Dynatrace Operator, ActiveGate, and OneAgents.
No default (optional)
DynaKubeProxy
skipCertCheck
Disable certificate check for the connection between Dynatrace Operator and the Dynatrace Cluster.Set to true if you want to skip certification validation checks.
No default (optional)
boolean
tokens
Name of the secret holding the tokens used for connecting to Dynatrace.
No default (optional)
string
trustedCAs
Adds custom RootCAs from a configmap.The key to the data must be certs.This applies to Dynatrace Operator, OneAgent, and ActiveGate.
No default (optional)
string
.spec.oneAgent
Parameter
Description
Default value
Data type
hostGroup
Specify the name of the group to which you want to assign the host. This method is preferred over the now obsolete --set-host-group argument. If both settings are used, this field takes precedence over the --set-host-group argument.
No default (optional)
string
.spec.oneAgent.cloudNativeFullStack
All parameters are Optional.
Recommended
Parameter
Description
Default value
Data type
annotations
Add custom OneAgent annotations.
No default (optional)
map[string]string
args
Set additional arguments to the OneAgent installer.For available options, see Linux custom installation.For the list of limitations, see Limitations.
Specifies the OneAgent CodeModules image used for injection into application pods. Updates are applied only when the image reference changes. If a floating tag (for example, latest) is used, new images pushed under the same tag are not automatically picked up on existing nodes. It is recommended to use a unique tag for each OneAgent CodeModule image version.
No default (optional)
string
dnsPolicy
Set the DNS policy for OneAgent pods.For details, see Pods DNS Policy.
ClusterFirstWithHostNet
string
env
Set additional environment variables for the OneAgent pods.
Specify the node selector that controls on which nodes OneAgent will be deployed.
No default (optional)
map[string]string
oneAgentResources
Resource settings for OneAgent container. Consumption of the OneAgent heavily depends on the workload to monitor. You can use the default settings in the CR.resource.requests shows the values needed to run; resource.limits shows the maximum limits for the Pod.
No default (optional)
ResourceRequirements
priorityClassName
Assign a priority class to the OneAgent pods. By default, no class is set.For details, see Pod Priority and Preemption.
No default (optional)
string
secCompProfile
The SecComp Profile that will be configured in order to run in secure computing mode.
No default (optional)
string
storageHostPath
Writable directory on the host filesystem where OneAgent configurations will be stored.
No default (optional)
string
tolerations
Tolerations to include with the OneAgent DaemonSet.For details, see Taints and Tolerations.
No default (optional)
[]Toleration
version
The OneAgent version to be used for host monitoring OneAgents running in the dedicated pod. This setting doesn't affect the OneAgent version used for application monitoring.
The latest version is used by default.
string
.spec.oneAgent.classicFullStack
All parameters are Optional.
Parameter
Description
Default value
Data type
annotations
Add custom OneAgent annotations.
No default (optional)
map[string]string
args
Set additional arguments to the OneAgent installer.For available options, see Linux custom installation.For the list of limitations, see Limitations.
Set the DNS Policy for OneAgent pods.For details, see Pods DNS Policy.
ClusterFirstWithHostNet
string
env
Set additional environment variables for the OneAgent pods.
No default (optional)
[]EnvVar
image
Use a custom OneAgent Docker image. Defaults to the image from the Dynatrace cluster.
Name of the image.
string
labels
Your defined labels for OneAgent pods in order to structure workloads as desired.
No default (optional)
map[string]string
nodeSelector
Specify the node selector that controls on which nodes OneAgent will be deployed.
No default (optional)
map[string]string
oneAgentResources
Resource settings for OneAgent container. Consumption of the OneAgent heavily depends on the workload to monitor. You can use the default settings in the CR.resource.requests shows the values needed to run; resource.limits shows the maximum limits for the pod.
No default (optional)
ResourceRequirements
priorityClassName
Assign a priority class to the OneAgent pods. By default, no class is set.For details, see Pod Priority and Preemption.
No default (optional)
string
secCompProfile
The SecComp Profile that will be configured in order to run in secure computing mode.
No default (optional)
string
storageHostPath
Writeable directory on the host filesystem where OneAgent configurations will be stored.
No default (optional)
string
tolerations
Tolerations to include with the OneAgent DaemonSet.For details, see Taints and Tolerations.
No default (optional)
[]Toleration
version
The OneAgent version to be used.
The latest version is used by default.
string
.spec.oneAgent.applicationMonitoring
All parameters are Optional.
Parameter
Description
Default value
Data type
codeModulesImage
Specifies the OneAgent CodeModules image used for injection into application pods. Updates are applied only when the image reference changes. If a floating tag (for example, latest) is used, new images pushed under the same tag are not automatically picked up on existing nodes. It is recommended to use a unique tag for each OneAgent CodeModule image version.
Set the DNS Policy for OneAgent pods.For details, see Pods DNS Policy.
ClusterFirstWithHostNet
string
env
Set additional environment variables for the OneAgent pods.
No default (optional)
[]EnvVar
image
Use a custom OneAgent Docker image.
The image from the Dynatrace cluster.
string
labels
Your defined labels for OneAgent pods in order to structure workloads as desired.
No default (optional)
map[string]string
nodeSelector
Specify the node selector that controls on which nodes OneAgent will be deployed.
No default (optional)
map[string]string
oneAgentResources
Resource settings for OneAgent container. Consumption of the OneAgent heavily depends on the workload to monitor. You can use the default settings in the CR.resource.requests shows the values needed to run; resource.limits shows the maximum limits for the pod.
No default (optional)
ResourceRequirements
priorityClassName
Assign a priority class to the OneAgent pods. By default, no class is set.For details, see Pod Priority and Preemption.
No default (optional)
string
secCompProfile
The SecComp Profile that will be configured in order to run in secure computing mode.
No default (optional)
string
storageHostPath
Writeable directory on the host filesystem where OneAgent configurations will be stored.
No default (optional)
string
tolerations
Tolerations to include with the OneAgent DaemonSet.For details, see Taints and Tolerations.
No default (optional)
[]Toleration
version
The OneAgent version to be used.
The latest version is used by default.
string
.spec.activeGate
capabilities parameter is Required.
resources and group parameters are Recommended.
All other parameters are Optional.
Parameter
Description
Default value
Data type
annotations
Add custom ActiveGate annotations.
No default (optional)
map[string]string
capabilities
Defines the ActiveGate pod capabilities: what functionality should be enabled.Possible values:- routing enables OneAgent routing.- kubernetes-monitoring enables Kubernetes API monitoring.- metrics-ingest1 opens the metrics ingest endpoint on the DynaKube ActiveGate and redirects all pods to it.- dynatrace-api1 enables calling the Dynatrace API via ActiveGate.- debugging enables the Live Debugging module in ActiveGate.
No default (required)
string
customProperties
Add a custom properties file by providing it as a value or by referencing it from a secret.When referencing a custom properties file from a secret, make sure that the key is named customProperties. See How to add a custom properties file for details.
No default (optional)
string
dnsPolicy
Set the DNS policy for ActiveGate pods.
ClusterFirstWithHostNet
string
env
Set additional environment variables for the ActiveGate pods.
Use a custom ActiveGate image. Defaults to the latest ActiveGate image from the Dynatrace cluster.
No default (optional)
string
labels
Your defined labels for ActiveGate pods in order to structure workloads as desired.
No default (optional)
map[string]string
nodeSelector
Specify the node selector that controls on which nodes ActiveGate will be deployed.
No default (optional)
map[string]string
priorityClassName
Assign a priority class to the ActiveGate pods. By default, no class is set.For details, see Pod Priority and Preemption.
No default (optional)
string
replicas
Number of replicas of ActiveGate pods.
1
int
resources
Resource settings for ActiveGate container. Consumption of the ActiveGate heavily depends on the workload to monitor; adjust values accordingly.
No default (recommended)
ResourceRequirements
terminationGracePeriodSeconds
Configures the terminationGracePeriodSeconds parameter of the ActiveGate pod. Kubernetes defaults and rules apply.
No default (optional)
int
tlsSecretName
Name of a secret containing ActiveGate TLS certificate, key, and password. If not set, a self-signed certificate is used. For details, see How to add a custom certificate for ActiveGate.
Available with Dynatrace version 1.306 and OneAgent 1.305
Log Monitoring requires the kubernetes-monitoringActiveGate capability to be enabled, but it doesn't have to be configured in the same DynaKube. If kubernetes-monitoring is missing or the feature flag feature.dynatrace.com/automatic-kubernetes-api-monitoring is set to false, the Operator produces a warning but Log Monitoring still deploys.
All parameters in .spec.logMonitoring are Optional.
Parameter
Description
Default value
Data type
ingestRuleMatchers
Specifies the rules and conditions for matching ingest attributes.
This field is immutable. Once set, it will no longer be updated.
Parameter
Description
Default value
Data type
attribute
Specifies the attribute name for matching ingest rules.
No default (optional)
string
values
Lists the values that the attribute must match for an ingest rule to apply.
No default (optional)
[]string
Example:
ingestRuleMatchers:
- attribute: "k8s.namespace.name"
values:
- "kube-system"
- "dynatrace"
- "default"
- attribute: "k8s.pod.annotation"
values:
- "logs.dynatrace.com/ingest=true"
- "category=security"
.spec.telemetryIngest
Dynatrace Operator version 1.6.0+
Enable Dynatrace telemetry endpoints in Kubernetes for cluster-local data ingest. Adding this section deploys the Dynatrace Collector by Dynatrace Operator.
Parameter
Description
Default value
Data type
protocols
Specifies the protocols that will be ingested by the Dynatrace Collector.
"otlp, jaeger, statsd, zipkin"
[]string
serviceName
Specifies the name of the service to be used. If not specified the serviceName is set to a default.
"dynakube.name-telemetry-ingest"
string
tlsRefName
Secret containing a TLS certificate used by telemetryIngest.
No default (optional)
string
.spec.templates
.spec.templates.kspmNodeConfigurationCollector
Parameter
Description
Default value
Data type
updateStrategy
Define the Node Configuration Collector daemonSet updateStrategy
No default (optional)
DaemonSetUpdateStrategy
labels
Add custom labels to the Node Configuration Collector pods.
No default (optional)
map[string]string
annotations
Add custom annotations to the Node Configuration Collector pods.
No default (optional)
map[string]string
nodeSelector
Specify the node selector that controls on which nodes the Node Configuration Collector pods will be deployed.
If specified, indicates the Pod's priority. Name must be defined by creating a PriorityClass object wiht that name. If not specified the setting will be removed from the DaemonSet.
No default (optional)
string
resources
Define resource requests and limits for Node Configuration Collector Pods.
No default (optional)
ResourceRequirements
nodeAffinity
Define the nodeAffinity for the DaemonSet of the Node Configuration Collector
No default (optional)
NodeAffinity
tolerations
Set tolerations for the Node Configuration Collector pods.For details, see Taints and Tolerations.
No default (optional)
[]Toleration
args
Set additional arguments for the Node Configuration Collector main container.
No default (optional)
[]string
env
Set additional environment variables for the Node Configuration Collector main container.
Labels applied to Extension Execution Controller pod.
No default (optional)
map[string]string
annotations
Annotations applied to Extension Execution Controller pod.
No default (optional)
map[string]string
tlsRefName
Secret containing a TLS certificate for communication between Extension Execution Controller and Dynatrace Collector.
No default (optional)
string
customConfig
ConfigMap holding a custom Extension Execution Controller configuration.
No default (optional)
string
customExtensionCertificates
Secret holding certificates that have been used to sign custom extensions. Needed for extensions signature validation by Extension Execution Controller.
No default (optional)
string
resources
Resource settings for Extension Execution Controller pod.
No default (optional)
ResourceRequirements
tolerations
Tolerations for Extension Execution Controller pod.For details, see Taints and Tolerations.
No default (optional)
[]Toleration
topologySpreadConstraints
Topology spread constraints for Extension Execution Controller pod.
No default (optional)
[]corev1.TopologySpreadConstraint
useEphemeralVolume
Indicates whether to use ephemeral volume for storage.
Topology spread constraints for Dynatrace Collector pod.
No default (optional)
[]corev1.TopologySpreadConstraint
.spec.templates.otelCollector.imageRef
Dynatrace Operator version 1.6.0+
Parameter
Description
Default value
Data type
repository
URL of Dynatrace Collector image.
public.ecr.aws/dynatrace/dynatrace-otel-collector
string
tag
Tag for Dynatrace Collector image.
latest
string
Dynatrace Operator version 1.5.0+
.spec
apiUrl parameter is Required and immutable. Once set, it cannot be modified in an existing DynaKube.
All other parameters are Optional.
Parameter
Description
Default value
Data type
apiUrl
Dynatrace apiUrl, including the /api path at the end.- For SaaS, set YOUR_ENVIRONMENT_ID to your environment ID.- For Managed, change the apiUrl address.For instructions on how to determine the environment ID and how to configure the apiUrl address, see Environment ID
No default (required)
string
customPullSecret
Defines a custom pull secret in case you use a private registry when pulling images from the Dynatrace environment.Note: For the node image pull feature without the CSI driver, you must manually ensure that pull secrets are available on the injected pod. See node image pull prerequisites for more details.To define a custom pull secret and learn about the expected behavior, see Configure customPullSecret.
No default (optional)
string
dynatraceApiRequestThreshold
Minimum minutes between Dynatrace API requests.
15
integer
enableIstio
When enabled, and if Istio is installed on the Kubernetes environment, Dynatrace Operator will create the corresponding VirtualService and ServiceEntry objects to allow access to the Dynatrace Cluster from the OneAgent or ActiveGate.Disabled by default.
No default (optional)
boolean
networkZone
Sets a network zone for the OneAgent and ActiveGate Pods.
No default (optional)
string
proxy
Set custom proxy settings either directly or from a secret with the field proxy.Applies to Dynatrace Operator, ActiveGate, and OneAgents.
No default (optional)
DynaKubeProxy
skipCertCheck
Disable certificate check for the connection between Dynatrace Operator and the Dynatrace Cluster.Set to true if you want to skip certification validation checks.
No default (optional)
boolean
tokens
Name of the secret holding the tokens used for connecting to Dynatrace.
No default (optional)
string
trustedCAs
Adds custom RootCAs from a configmap.The key to the data must be certs.This applies to Dynatrace Operator, OneAgent, and ActiveGate.
No default (optional)
string
.spec.oneAgent
Parameter
Description
Default value
Data type
hostGroup
Specify the name of the group to which you want to assign the host. This method is preferred over the now obsolete --set-host-group argument. If both settings are used, this field takes precedence over the --set-host-group argument.
No default (optional)
string
.spec.oneAgent.cloudNativeFullStack
All parameters are Optional.
Recommended
Parameter
Description
Default value
Data type
annotations
Add custom OneAgent annotations.
No default (optional)
map[string]string
args
Set additional arguments to the OneAgent installer.For available options, see Linux custom installation.For the list of limitations, see Limitations.
Specifies the OneAgent CodeModules image used for injection into application pods. Updates are applied only when the image reference changes. If a floating tag (for example, latest) is used, new images pushed under the same tag are not automatically picked up on existing nodes. It is recommended to use a unique tag for each OneAgent CodeModule image version.
No default (optional)
string
dnsPolicy
Set the DNS Policy for OneAgent Pods.For details, see Pods DNS Policy.
ClusterFirstWithHostNet
string
env
Set additional environment variables for the OneAgent Pods.
Specify the node selector that controls on which nodes OneAgent will be deployed.
No default (optional)
map[string]string
oneAgentResources
Resource settings for OneAgent container. Consumption of the OneAgent heavily depends on the workload to monitor. You can use the default settings in the CR.resource.requests shows the values needed to run; resource.limits shows the maximum limits for the Pod.
No default (optional)
ResourceRequirements
priorityClassName
Assign a priority class to the OneAgent Pods. By default, no class is set.For details, see Pod Priority and Preemption.
No default (optional)
string
secCompProfile
The SecComp Profile that will be configured in order to run in secure computing mode.
No default (optional)
string
storageHostPath
Writeable directory on the host filesystem where OneAgent configurations will be stored.
No default (optional)
string
tolerations
Tolerations to include with the OneAgent DaemonSet.For details, see Taints and Tolerations.
No default (optional)
[]Toleration
version
The OneAgent version to be used for host monitoring OneAgents running in the dedicated Pod. This setting doesn't affect the OneAgent version used for application monitoring.
The latest version is used by default.
string
.spec.oneAgent.classicFullStack
All parameters are Optional.
Parameter
Description
Default value
Data type
annotations
Add custom OneAgent annotations.
No default (optional)
map[string]string
args
Set additional arguments to the OneAgent installer.For available options, see Linux custom installation.For the list of limitations, see Limitations.
Set the DNS Policy for OneAgent Pods.For details, see Pods DNS Policy.
ClusterFirstWithHostNet
string
env
Set additional environment variables for the OneAgent Pods.
No default (optional)
[]EnvVar
image
Use a custom OneAgent Docker image. Defaults to the image from the Dynatrace cluster.
Name of the image.
string
labels
Your defined labels for OneAgent Pods in order to structure workloads as desired.
No default (optional)
map[string]string
nodeSelector
Specify the node selector that controls on which nodes OneAgent will be deployed.
No default (optional)
map[string]string
oneAgentResources
Resource settings for OneAgent container. Consumption of the OneAgent heavily depends on the workload to monitor. You can use the default settings in the CR.resource.requests shows the values needed to run; resource.limits shows the maximum limits for the Pod.
No default (optional)
ResourceRequirements
priorityClassName
Assign a priority class to the OneAgent Pods. By default, no class is set.For details, see Pod Priority and Preemption.
No default (optional)
string
secCompProfile
The SecComp Profile that will be configured in order to run in secure computing mode.
No default (optional)
string
storageHostPath
Writeable directory on the host filesystem where OneAgent configurations will be stored.
No default (optional)
string
tolerations
Tolerations to include with the OneAgent DaemonSet.For details, see Taints and Tolerations.
No default (optional)
[]Toleration
version
The OneAgent version to be used.
The latest version is used by default.
string
.spec.oneAgent.applicationMonitoring
All parameters are Optional.
Parameter
Description
Default value
Data type
codeModulesImage
Specifies the OneAgent CodeModules image used for injection into application pods. Updates are applied only when the image reference changes. If a floating tag (for example, latest) is used, new images pushed under the same tag are not automatically picked up on existing nodes. It is recommended to use a unique tag for each OneAgent CodeModule image version.
Set the DNS Policy for OneAgent Pods.For details, see Pods DNS Policy.
ClusterFirstWithHostNet
string
env
Set additional environment variables for the OneAgent Pods.
No default (optional)
[]EnvVar
image
Use a custom OneAgent Docker image.
The image from the Dynatrace cluster.
string
labels
Your defined labels for OneAgent Pods in order to structure workloads as desired.
No default (optional)
map[string]string
nodeSelector
Specify the node selector that controls on which nodes OneAgent will be deployed.
No default (optional)
map[string]string
oneAgentResources
Resource settings for OneAgent container. Consumption of the OneAgent heavily depends on the workload to monitor. You can use the default settings in the CR.resource.requests shows the values needed to run; resource.limits shows the maximum limits for the Pod.
No default (optional)
ResourceRequirements
priorityClassName
Assign a priority class to the OneAgent Pods. By default, no class is set.For details, see Pod Priority and Preemption.
No default (optional)
string
secCompProfile
The SecComp Profile that will be configured in order to run in secure computing mode.
No default (optional)
string
storageHostPath
Writeable directory on the host filesystem where OneAgent configurations will be stored.
No default (optional)
string
tolerations
Tolerations to include with the OneAgent DaemonSet.For details, see Taints and Tolerations.
No default (optional)
[]Toleration
version
The OneAgent version to be used.
The latest version is used by default.
string
.spec.activeGate
capabilities parameter is Required.
resources and group parameters are Recommended.
All other parameters are Optional.
Parameter
Description
Default value
Data type
annotations
Add custom ActiveGate annotations.
No default (optional)
map[string]string
capabilities
Defines the ActiveGate pod capabilities: what functionality should be enabled.Possible values:- routing enables OneAgent routing.- kubernetes-monitoring enables Kubernetes API monitoring.- metrics-ingest1 opens the metrics ingest endpoint on the DynaKube ActiveGate and redirects all pods to it.- dynatrace-api1 enables calling the Dynatrace API via ActiveGate.- debugging enables the Live Debugging module in ActiveGate.
No default (required)
string
customProperties
Add a custom properties file by providing it as a value or by referencing it from a secret.When referencing a custom properties file from a secret, make sure that the key is named customProperties. See How to add a custom properties file for details.
No default (optional)
string
dnsPolicy
Set the DNS policy for ActiveGate pods.
ClusterFirstWithHostNet
string
env
Set additional environment variables for the ActiveGate pods.
Use a custom ActiveGate image. Defaults to the latest ActiveGate image from the Dynatrace cluster.
No default (optional)
string
labels
Your defined labels for ActiveGate pods in order to structure workloads as desired.
No default (optional)
map[string]string
nodeSelector
Specify the node selector that controls on which nodes ActiveGate will be deployed.
No default (optional)
map[string]string
priorityClassName
Assign a priority class to the ActiveGate pods. By default, no class is set.For details, see Pod Priority and Preemption.
No default (optional)
string
replicas
Number of replicas of ActiveGate pods.
1
int
resources
Resource settings for ActiveGate container. Consumption of the ActiveGate heavily depends on the workload to monitor; adjust values accordingly.
No default (recommended)
ResourceRequirements
terminationGracePeriodSeconds
Configures the terminationGracePeriodSeconds parameter of the ActiveGate pod. Kubernetes defaults and rules apply.
No default (optional)
int
tlsSecretName
Name of a secret containing ActiveGate TLS certificate, key, and password. If not set, a self-signed certificate is used. For details, see How to add a custom certificate for ActiveGate.
Indicates whether to use ephemeral volume for storage.
No default (optional)
boolean
persistentVolumeClaim
The PVC spec used for persistent temporary storage of ingested data. If none is given a default PVC spec is used (requires definition of a default storage class).
kubernetes-monitoring is mandatory and has to be added to the list of ActiveGate capabilities in .spec.activeGate.capabilities and
The feature flag feature.dynatrace.com/automatic-kubernetes-api-monitoring must not be set to false.
.spec.logMonitoring
Available with Dynatrace version 1.306 and OneAgent 1.305
Log Monitoring requires the kubernetes-monitoringActiveGate capability to be enabled, but it doesn't have to be configured in the same DynaKube. If kubernetes-monitoring is missing or the feature flag feature.dynatrace.com/automatic-kubernetes-api-monitoring is set to false, the Operator produces a warning but Log Monitoring still deploys.
All parameters in .spec.logMonitoring are Optional.
Parameter
Description
Default value
Data type
ingestRuleMatchers
Specifies the rules and conditions for matching ingest attributes.
If specified, indicates the Pod's priority. Name must be defined by creating a PriorityClass object wiht that name. If not specified the setting will be removed from the DaemonSet.
No default (optional)
string
resources
Define resource requests and limits for Node Configuration Collector Pods.
No default (optional)
ResourceRequirements
nodeAffinity
Define the nodeAffinity for the DaemonSet of the Node Configuration Collector
No default (optional)
NodeAffinity
tolerations
Set tolerations for the Node Configuration Collector Pods.For details, see Taints and Tolerations.
No default (optional)
[]Toleration
args
Set additional arguments for the Node Configuration Collector main container.
No default (optional)
[]string
env
Set additional environment variables for the Node Configuration Collector main container.
Lables applied to Extension Execution Controller Pod.
No default (optional)
map[string]string
annotations
Annotations applied to Extension Execution Controller Pod.
No default (optional)
map[string]string
tlsRefName
Secret containing a TLS certificate for communication between Extension Execution Controller and Dynatrace Collector.
No default (optional)
string
customConfig
ConfigMap holding a custom Extension Execution Controller configuration.
No default (optional)
string
customExtensionCertificates
Secret holding certificates that have been used to sign custom extensions. Needed for extensions signature validation by Extension Execution Controller.
No default (optional)
string
resources
Resource settings for Extension Execution Controller Pod.
No default (optional)
ResourceRequirements
tolerations
Tolerations for Extension Execution Controller Pod.For details, see Taints and Tolerations.
No default (optional)
[]Toleration
topologySpreadConstraints
Topology spread constraints for Extension Execution Controller Pod.
No default (optional)
[]corev1.TopologySpreadConstraint
useEphemeralVolume
Indicates whether to use ephemeral volume for storage.
Topology spread constraints for Dynatrace Collector Pod.
No default (optional)
[]corev1.TopologySpreadConstraint
.spec.templates.otelCollector.imageRef
Dynatrace Operator version 1.6.0+
Parameter
Description
Default value
Data type
repository
URL of Dynatrace Collector image.
public.ecr.aws/dynatrace/dynatrace-otel-collector
string
tag
Tag for Dynatrace Collector image.
latest
string
Dynatrace Operator version 1.4.0+
.spec
apiUrl parameter is Required and immutable. Once set, it cannot be modified on an existing DynaKube.
All other parameters are Optional.
Parameter
Description
Default value
Data type
apiUrl
Dynatrace apiUrl, including the /api path at the end.- For SaaS, set YOUR_ENVIRONMENT_ID to your environment ID.- For Managed, change the apiUrl address.For instructions on how to determine the environment ID and how to configure the apiUrl address, see Environment ID
No default (required)
string
customPullSecret
Defines a custom pull secret in case you use a private registry when pulling images from the Dynatrace environment.Note: For the node image pull feature without the CSI driver, you must manually ensure that pull secrets are available on the injected pod. See node image pull prerequisites for more details.To define a custom pull secret and learn about the expected behavior, see Configure customPullSecret.
No default (optional)
string
dynatraceApiRequestThreshold
Minimum minutes between Dynatrace API requests.
15
integer
enableIstio
When enabled, and if Istio is installed on the Kubernetes environment, Dynatrace Operator will create the corresponding VirtualService and ServiceEntry objects to allow access to the Dynatrace Cluster from the OneAgent or ActiveGate.Disabled by default.
No default (optional)
boolean
networkZone
Sets a network zone for the OneAgent and ActiveGate Pods.
No default (optional)
string
proxy
Set custom proxy settings either directly or from a secret with the field proxy.Applies to Dynatrace Operator, ActiveGate, and OneAgents.
No default (optional)
DynaKubeProxy
skipCertCheck
Disable certificate check for the connection between Dynatrace Operator and the Dynatrace Cluster.Set to true if you want to skip certification validation checks.
No default (optional)
boolean
tokens
Name of the secret holding the tokens used for connecting to Dynatrace.
No default (optional)
string
trustedCAs
Adds custom RootCAs from a configmap.The key to the data must be certs.This applies to Dynatrace Operator, OneAgent, and ActiveGate.
No default (optional)
string
.spec.oneAgent
Parameter
Description
Default value
Data type
hostGroup
Specify the name of the group to which you want to assign the host. This method is preferred over the now obsolete --set-host-group argument. If both settings are used, this field takes precedence over the --set-host-group argument.
No default (optional)
string
.spec.oneAgent.cloudNativeFullStack
All parameters are Optional.
Recommended
Parameter
Description
Default value
Data type
annotations
Add custom OneAgent annotations.
No default (optional)
map[string]string
args
Set additional arguments to the OneAgent installer.For available options, see Linux custom installation.For the list of limitations, see Limitations.
Specify the node selector that controls on which nodes OneAgent will be deployed.
No default (optional)
map[string]string
oneAgentResources
Resource settings for OneAgent container. Consumption of the OneAgent heavily depends on the workload to monitor. You can use the default settings in the CR.resource.requests shows the values needed to run; resource.limits shows the maximum limits for the Pod.
No default (optional)
ResourceRequirements
priorityClassName
Assign a priority class to the OneAgent Pods. By default, no class is set.For details, see Pod Priority and Preemption.
No default (optional)
string
secCompProfile
The SecComp Profile that will be configured in order to run in secure computing mode.
No default (optional)
string
tolerations
Tolerations to include with the OneAgent DaemonSet.For details, see Taints and Tolerations.
No default (optional)
[]Toleration
version
The OneAgent version to be used for host monitoring OneAgents running in the dedicated Pod. This setting doesn't affect the OneAgent version used for application monitoring.
The latest version is used by default.
string
.spec.oneAgent.classicFullStack
All parameters are Optional.
Parameter
Description
Default value
Data type
annotations
Add custom OneAgent annotations.
No default (optional)
map[string]string
args
Set additional arguments to the OneAgent installer.For available options, see Linux custom installation.For the list of limitations, see Limitations.
Set the DNS Policy for OneAgent Pods.For details, see Pods DNS Policy.
ClusterFirstWithHostNet
string
env
Set additional environment variables for the OneAgent Pods.
No default (optional)
[]EnvVar
image
Use a custom OneAgent Docker image. Defaults to the image from the Dynatrace cluster.
Name of the image.
string
labels
Your defined labels for OneAgent Pods in order to structure workloads as desired.
No default (optional)
map[string]string
nodeSelector
Specify the node selector that controls on which nodes OneAgent will be deployed.
No default (optional)
map[string]string
oneAgentResources
Resource settings for OneAgent container. Consumption of the OneAgent heavily depends on the workload to monitor. You can use the default settings in the CR.resource.requests shows the values needed to run; resource.limits shows the maximum limits for the Pod.
No default (optional)
ResourceRequirements
priorityClassName
Assign a priority class to the OneAgent Pods. By default, no class is set.For details, see Pod Priority and Preemption.
No default (optional)
string
secCompProfile
The SecComp Profile that will be configured in order to run in secure computing mode.
No default (optional)
string
tolerations
Tolerations to include with the OneAgent DaemonSet.For details, see Taints and Tolerations.
No default (optional)
[]Toleration
version
The OneAgent version to be used.
The latest version is used by default.
string
.spec.oneAgent.applicationMonitoring
All parameters are Optional.
Parameter
Description
Default value
Data type
codeModulesImage
The OneAgent image that is used to inject into Pods
Set the DNS Policy for OneAgent Pods.For details, see Pods DNS Policy.
ClusterFirstWithHostNet
string
env
Set additional environment variables for the OneAgent Pods.
No default (optional)
[]EnvVar
image
Use a custom OneAgent Docker image.
The image from the Dynatrace cluster.
string
labels
Your defined labels for OneAgent Pods in order to structure workloads as desired.
No default (optional)
map[string]string
nodeSelector
Specify the node selector that controls on which nodes OneAgent will be deployed.
No default (optional)
map[string]string
oneAgentResources
Resource settings for OneAgent container. Consumption of the OneAgent heavily depends on the workload to monitor. You can use the default settings in the CR.resource.requests shows the values needed to run; resource.limits shows the maximum limits for the Pod.
No default (optional)
ResourceRequirements
priorityClassName
Assign a priority class to the OneAgent Pods. By default, no class is set.For details, see Pod Priority and Preemption.
No default (optional)
string
secCompProfile
The SecComp Profile that will be configured in order to run in secure computing mode.
No default (optional)
string
tolerations
Tolerations to include with the OneAgent DaemonSet.For details, see Taints and Tolerations.
No default (optional)
[]Toleration
version
The OneAgent version to be used.
The latest version is used by default.
string
.spec.activeGate
capabilities parameter is Required.
resources and group parameters are Recommended.
All other parameters are Optional.
Parameter
Description
Default value
Data type
annotations
Add custom ActiveGate annotations.
No default (optional)
map[string]string
capabilities
Defines the ActiveGate pod capabilities: what functionality should be enabled.Possible values:- routing enables OneAgent routing.- kubernetes-monitoring enables Kubernetes API monitoring.- metrics-ingest1 opens the metrics ingest endpoint on the DynaKube ActiveGate and redirects all pods to it.- dynatrace-api1 enables calling the Dynatrace API via ActiveGate.- debugging enables the Live Debugging module in ActiveGate.
No default (required)
string
customProperties
Add a custom properties file by providing it as a value or by referencing it from a secret.When referencing a custom properties file from a secret, make sure that the key is named customProperties. See How to add a custom properties file for details.
No default (optional)
string
dnsPolicy
Set the DNS policy for ActiveGate pods.
ClusterFirstWithHostNet
string
env
Set additional environment variables for the ActiveGate pods.
Use a custom ActiveGate image. Defaults to the latest ActiveGate image from the Dynatrace cluster.
No default (optional)
string
labels
Your defined labels for ActiveGate pods in order to structure workloads as desired.
No default (optional)
map[string]string
nodeSelector
Specify the node selector that controls on which nodes ActiveGate will be deployed.
No default (optional)
map[string]string
priorityClassName
Assign a priority class to the ActiveGate pods. By default, no class is set.For details, see Pod Priority and Preemption.
No default (optional)
string
replicas
Number of replicas of ActiveGate pods.
1
int
resources
Resource settings for ActiveGate container. Consumption of the ActiveGate heavily depends on the workload to monitor; adjust values accordingly.
No default (recommended)
ResourceRequirements
tlsSecretName
Name of a secret containing ActiveGate TLS certificate, key, and password. If not set, a self-signed certificate is used. For details, see How to add a custom certificate for ActiveGate.
kubernetes-monitoring is mandatory and has to be added to the list of ActiveGate capabilities in .spec.activeGate.capabilities and
The feature flag feature.dynatrace.com/automatic-kubernetes-api-monitoring must not be set to false.
.spec.logMonitoring
Available with Dynatrace version 1.306 and OneAgent 1.305
Log Monitoring requires the kubernetes-monitoringActiveGate capability to be enabled, but it doesn't have to be configured in the same DynaKube. If kubernetes-monitoring is missing or the feature flag feature.dynatrace.com/automatic-kubernetes-api-monitoring is set to false, the Operator produces a warning but Log Monitoring still deploys.
All parameters in .spec.logMonitoring are Optional.
Parameter
Description
Default value
Data type
ingestRuleMatchers
Specifies the rules and conditions for matching ingest attributes.
If specified, indicates the Pod's priority. Name must be defined by creating a PriorityClass object wiht that name. If not specified the setting will be removed from the DaemonSet.
No default (optional)
string
resources
Define resource requests and limits for Node Configuration Collector Pods.
No default (optional)
ResourceRequirements
nodeAffinity
Define the nodeAffinity for the DaemonSet of the Node Configuration Collector
No default (optional)
NodeAffinity
tolerations
Set tolerations for the Node Configuration Collector Pods.For details, see Taints and Tolerations.
No default (optional)
[]Toleration
args
Set additional arguments for the Node Configuration Collector main container.
No default (optional)
[]string
env
Set additional environment variables for the Node Configuration Collector main container.
Lables applied to Extension Execution Controller Pod.
No default (optional)
map[string]string
annotations
Annotations applied to Extension Execution Controller Pod.
No default (optional)
map[string]string
tlsRefName
Secret containing a TLS certificate for communication between Extension Execution Controller and Dynatrace Collector.
No default (optional)
string
customConfig
ConfigMap holding a custom Extension Execution Controller configuration.
No default (optional)
string
customExtensionCertificates
Secret holding certificates that have been used to sign custom extensions. Needed for extensions signature validation by Extension Execution Controller.
No default (optional)
string
resources
Resource settings for Extension Execution Controller Pod.
No default (optional)
ResourceRequirements
tolerations
Tolerations for Extension Execution Controller Pod.For details, see Taints and Tolerations.
No default (optional)
[]Toleration
topologySpreadConstraints
Topology spread constraints for Extension Execution Controller Pod.
Topology spread constraints for Dynatrace Collector Pod.
No default (optional)
[]corev1.TopologySpreadConstraint
.spec.templates.otelCollector.imageRef
Available with a future Dynatrace version.
Parameter
Description
Default value
Data type
repository
URL of Dynatrace Collector image.
public.ecr.aws/dynatrace/dynatrace-otel-collector
string
tag
Tag for Dynatrace Collector image.
latest
string
Dynatrace Operator version 1.2.0 - 1.6.0
Deprecation notice
DynaKube API version v1beta2 is no longer available with Dynatrace Operator version 1.7.0+.
.spec
apiUrl parameter is Required.
All other parameters are Optional.
Parameter
Description
Default value
Data type
apiUrl
Dynatrace apiUrl, including the /api path at the end.- For SaaS, set YOUR_ENVIRONMENT_ID to your environment ID.- For Managed, change the apiUrl address.For instructions on how to determine the environment ID and how to configure the apiUrl address, see Environment ID
No default (required)
string
customPullSecret
Defines a custom pull secret in case you use a private registry when pulling images from the Dynatrace environment.Note: For the node image pull feature without the CSI driver, you must manually ensure that pull secrets are available on the injected pod. See node image pull prerequisites for more details.To define a custom pull secret and learn about the expected behavior, see Configure customPullSecret.
No default (optional)
string
dynatraceApiRequestThreshold
Minimum minutes between Dynatrace API requests.
15
integer
enableIstio
When enabled, and if Istio is installed on the Kubernetes environment, Dynatrace Operator will create the corresponding VirtualService and ServiceEntry objects to allow access to the Dynatrace Cluster from the OneAgent or ActiveGate.Disabled by default.
No default (optional)
boolean
networkZone
Sets a network zone for the OneAgent and ActiveGate Pods.
No default (optional)
string
proxy
Set custom proxy settings either directly or from a secret with the field proxy.Applies to Dynatrace Operator, ActiveGate, and OneAgents.
No default (optional)
DynaKubeProxy
skipCertCheck
Disable certificate check for the connection between Dynatrace Operator and the Dynatrace Cluster.Set to true if you want to skip certification validation checks.
No default (optional)
boolean
tokens
Name of the secret holding the tokens used for connecting to Dynatrace.
No default (optional)
string
trustedCAs
Adds custom RootCAs from a configmap.The key to the data must be certs.This applies to Dynatrace Operator, OneAgent, and ActiveGate.
No default (optional)
string
.spec.oneAgent
Parameter
Description
Default value
Data type
hostGroup
Specify the name of the group to which you want to assign the host. This method is preferred over the now obsolete --set-host-group argument. If both settings are used, this field takes precedence over the --set-host-group argument.
No default (optional)
string
.spec.oneAgent.cloudNativeFullStack
All parameters are Optional.
Recommended
Parameter
Description
Default value
Data type
annotations
Add custom OneAgent annotations.
No default (optional)
map[string]string
args
Set additional arguments to the OneAgent installer.For available options, see Linux custom installation.For the list of limitations, see Limitations.
Specify the node selector that controls on which nodes OneAgent will be deployed.
No default (optional)
map[string]string
oneAgentResources
Resource settings for OneAgent container. Consumption of the OneAgent heavily depends on the workload to monitor. You can use the default settings in the CR.resource.requests shows the values needed to run; resource.limits shows the maximum limits for the Pod.
No default (optional)
ResourceRequirements
priorityClassName
Assign a priority class to the OneAgent Pods. By default, no class is set.For details, see Pod Priority and Preemption.
No default (optional)
string
secCompProfile
The SecComp Profile that will be configured in order to run in secure computing mode.
No default (optional)
string
tolerations
Tolerations to include with the OneAgent DaemonSet.For details, see Taints and Tolerations.
No default (optional)
[]Toleration
version
The OneAgent version to be used for host monitoring OneAgents running in the dedicated Pod. This setting doesn't affect the OneAgent version used for application monitoring.
The latest version is used by default.
string
.spec.oneAgent.classicFullStack
All parameters are Optional.
Parameter
Description
Default value
Data type
annotations
Add custom OneAgent annotations.
No default (optional)
map[string]string
args
Set additional arguments to the OneAgent installer.For available options, see Linux custom installation.For the list of limitations, see Limitations.
Set the DNS Policy for OneAgent Pods.For details, see Pods DNS Policy.
ClusterFirstWithHostNet
string
env
Set additional environment variables for the OneAgent Pods.
No default (optional)
[]EnvVar
image
Use a custom OneAgent Docker image. Defaults to the image from the Dynatrace cluster.
Name of the image.
string
labels
Your defined labels for OneAgent Pods in order to structure workloads as desired.
No default (optional)
map[string]string
nodeSelector
Specify the node selector that controls on which nodes OneAgent will be deployed.
No default (optional)
map[string]string
oneAgentResources
Resource settings for OneAgent container. Consumption of the OneAgent heavily depends on the workload to monitor. You can use the default settings in the CR.resource.requests shows the values needed to run; resource.limits shows the maximum limits for the Pod.
No default (optional)
ResourceRequirements
priorityClassName
Assign a priority class to the OneAgent Pods. By default, no class is set.For details, see Pod Priority and Preemption.
No default (optional)
string
secCompProfile
The SecComp Profile that will be configured in order to run in secure computing mode.
No default (optional)
string
tolerations
Tolerations to include with the OneAgent DaemonSet.For details, see Taints and Tolerations.
No default (optional)
[]Toleration
version
The OneAgent version to be used.
The latest version is used by default.
string
.spec.oneAgent.applicationMonitoring
All parameters are Optional.
Parameter
Description
Default value
Data type
codeModulesImage
The OneAgent image that is used to inject into Pods
Set the DNS Policy for OneAgent Pods.For details, see Pods DNS Policy.
ClusterFirstWithHostNet
string
env
Set additional environment variables for the OneAgent Pods.
No default (optional)
[]EnvVar
image
Use a custom OneAgent Docker image.
The image from the Dynatrace cluster.
string
labels
Your defined labels for OneAgent Pods in order to structure workloads as desired.
No default (optional)
map[string]string
nodeSelector
Specify the node selector that controls on which nodes OneAgent will be deployed.
No default (optional)
map[string]string
oneAgentResources
Resource settings for OneAgent container. Consumption of the OneAgent heavily depends on the workload to monitor. You can use the default settings in the CR.resource.requests shows the values needed to run; resource.limits shows the maximum limits for the Pod.
No default (optional)
ResourceRequirements
priorityClassName
Assign a priority class to the OneAgent Pods. By default, no class is set.For details, see Pod Priority and Preemption.
No default (optional)
string
secCompProfile
The SecComp Profile that will be configured in order to run in secure computing mode.
No default (optional)
string
tolerations
Tolerations to include with the OneAgent DaemonSet.For details, see Taints and Tolerations.
No default (optional)
[]Toleration
version
The OneAgent version to be used.
The latest version is used by default.
string
.spec.activeGate
capabilities parameter is Required.
resources and group parameters are Recommended.
All other parameters are Optional.
Parameter
Description
Default value
Data type
annotations
Add custom ActiveGate annotations.
No default (optional)
map[string]string
capabilities
Defines the ActiveGate pod capabilities: what functionality should be enabled.Possible values:- routing enables OneAgent routing.- kubernetes-monitoring enables Kubernetes API monitoring.- metrics-ingest1 opens the metrics ingest endpoint on the DynaKube ActiveGate and redirects all pods to it.- dynatrace-api1 enables calling the Dynatrace API via ActiveGate.- debugging enables the Live Debugging module in ActiveGate.
No default (required)
string
customProperties
Add a custom properties file by providing it as a value or by referencing it from a secret.When referencing a custom properties file from a secret, make sure that the key is named customProperties. See How to add a custom properties file for details.
No default (optional)
string
dnsPolicy
Set the DNS policy for ActiveGate pods.
ClusterFirstWithHostNet
string
env
Set additional environment variables for the ActiveGate pods.
Use a custom ActiveGate image. Defaults to the latest ActiveGate image from the Dynatrace cluster.
No default (optional)
string
labels
Your defined labels for ActiveGate pods in order to structure workloads as desired.
No default (optional)
map[string]string
nodeSelector
Specify the node selector that controls on which nodes ActiveGate will be deployed.
No default (optional)
map[string]string
priorityClassName
Assign a priority class to the ActiveGate pods. By default, no class is set.For details, see Pod Priority and Preemption.
No default (optional)
string
replicas
Number of replicas of ActiveGate pods.
1
int
resources
Resource settings for ActiveGate container. Consumption of the ActiveGate heavily depends on the workload to monitor; adjust values accordingly.
No default (recommended)
ResourceRequirements
tlsSecretName
Name of a secret containing ActiveGate TLS certificate, key, and password. If not set, a self-signed certificate is used. For details, see How to add a custom certificate for ActiveGate.
DynaKube API version v1beta1 is no longer available with Dynatrace Operator version 1.6.0+.
| namespaceSelector | The namespaces where you want Dynatrace Operator to inject. For more information, see Configure monitoring for namespaces and Pods. | No default (optional) | LabelSelector |
Dynatrace Operator version <=1.6.0
Deprecation notice
DynaKube API version v1beta1 is no longer available with Dynatrace Operator version 1.7.0+.
.spec
apiUrl parameter is Required.
All other parameters are Optional.
Parameter
Description
Default value
Data type
apiUrl
Dynatrace apiUrl, including the /api path at the end.- For SaaS, set YOUR_ENVIRONMENT_ID to your environment ID.- For Managed, change the apiUrl address.For instructions on how to determine the environment ID and how to configure the apiUrl address, see Environment ID.
No default (required)
string
tokens
Name of the secret holding the tokens.
Name of custom resource (.metadata.name) if unset
string
skipCertCheck
Disable certificate check for the connection between Dynatrace Operator and the Dynatrace Cluster.Set to true if you want to skip certification validation checks.
false
boolean
proxy
Set custom proxy settings either directly or from a secret with the field proxy.Applies to Dynatrace Operator, ActiveGate, and OneAgents.
No default (optional)
string
trustedCAs
Adds custom RootCAs from a configmap. Put the certificate under certs within your configmap.This applies to Dynatrace Operator, OneAgent, and ActiveGate.
No default (optional)
string
networkZone
Sets a network zone for the OneAgent and ActiveGate Pods.
No default (optional)
string
customPullSecret
Defines a custom pull secret in case you use a private registry when pulling images from the Dynatrace environment.Note: For the node image pull feature without the CSI driver, you must manually ensure that pull secrets are available on the injected pod. See node image pull prerequisites for more details.To define a custom pull secret and learn about the expected behavior, see Configure customPullSecret.
No default (optional)
string
enableIstio
When enabled, and if Istio is installed on the Kubernetes environment, Dynatrace Operator will create the corresponding VirtualService and ServiceEntry objects to allow access to the Dynatrace Cluster from the OneAgent or ActiveGate. Disabled by default.
false
boolean
namespaceSelector
Applicable only for applicationMonitoring or cloudNativeFullStack configuration types. The namespaces where you want Dynatrace Operator to inject. For more information, see Configure monitoring for namespaces and Pods.
No default (optional)
LabelSelector
.spec.oneAgent
Parameter
Description
Default value
Data type
hostGroup
Specify the name of the group to which you want to assign the host. This method is preferred over the now obsolete --set-host-group argument. If both settings are used, this field takes precedence over the --set-host-group argument.
No default (optional)
string
.spec.oneAgent.cloudNativeFullStack
All parameters are Optional.
Recommended
Parameter
Description
Default value
Data type
image
Use a custom OneAgent Docker image.
The image from the Dynatrace cluster.
string
codeModulesImage
The OneAgent image that is used to inject into Pods
No default (optional)
string
version
The OneAgent version to be used for host monitoring OneAgents running in the dedicated Pod. This setting doesn't affect the OneAgent version used for application monitoring.
The latest version is used by default.
string
tolerations
Tolerations to include with the OneAgent DaemonSet.For details, see Taints and Tolerations.
No default (optional)
[]Toleration
nodeSelector
Specify the node selector that controls on which nodes OneAgent will be deployed.
No default (optional)
map[string]string
priorityClassName
Assign a priority class to the OneAgent Pods. By default, no class is set.For details, see Pod Priority and Preemption.
No default (optional)
string
oneAgentResources
Resource settings for OneAgent container. Consumption of the OneAgent heavily depends on the workload to monitor. You can use the default settings in the CR.resource.requests shows the values needed to run; resource.limits shows the maximum limits for the Pod.
Set the DNS Policy for OneAgent Pods.For details, see Pods DNS Policy.
ClusterFirstWithHostNet
string
annotations
Add custom OneAgent annotations.
No default (optional)
map[string]string
labels
Your defined labels for OneAgent Pods in order to structure workloads as desired.
No default (optional)
map[string]string
env
Set additional environment variables for the OneAgent Pods.
No default (optional)
[]EnvVar
args
Set additional arguments to the OneAgent installer.For available options, see Linux custom installation.For the list of limitations, see Limitations.
No default (optional)
[]string
nodeSelector
Specify the node selector that controls on which nodes OneAgent will be deployed.
No default (optional)
map[string]string
priorityClassName
Assign a priority class to the OneAgent Pods. By default, no class is set.For details, see Pod Priority and Preemption.
No default (optional)
string
oneAgentResources
Resource settings for OneAgent container. Consumption of the OneAgent heavily depends on the workload to monitor. You can use the default settings in the CR.resource.requests shows the values needed to run; resource.limits shows the maximum limits for the Pod.
No default (optional)
ResourceRequirements
.spec.oneAgent.applicationMonitoring
All parameters are Optional.
Parameter
Description
Default value
Data type
codeModulesImage
The OneAgent image that is used to inject into Pods
No default (optional)
string
version
The OneAgent version to be used.
The latest version is used by default.
string
useCSIDriver
Set if you want to use the CSI driver. Don't enable it if you do not have access to Kubernetes nodes or if you lack privileges.
Specify the name of the group to which you want to assign the host. This method is preferred over the now obsolete --set-host-group argument. If both settings are used, this field takes precedence over the --set-host-group argument.
Specify the node selector that controls on which nodes OneAgent will be deployed.
No default (optional)
map[string]string
priorityClassName
Assign a priority class to the OneAgent Pods. By default, no class is set.For details, see Pod Priority and Preemption.
No default (optional)
string
tolerations
Tolerations to include with the OneAgent DaemonSet.For details, see Taints and Tolerations.
No default (optional)
[]Toleration
oneAgentResources
Resource settings for OneAgent container. Consumption of the OneAgent heavily depends on the workload to monitor. You can use the default settings in the CR.resource.requests shows the values needed to run; resource.limits shows the maximum limits for the Pod.
Set the DNS Policy for OneAgent Pods.For details, see Pods DNS Policy.
ClusterFirstWithHostNet
string
annotations
Add custom OneAgent annotations.
No default (optional)
map[string]string
labels
Your defined labels for OneAgent Pods in order to structure workloads as desired.
No default (optional)
map[string]string
env
Set additional environment variables for the OneAgent Pods.
No default (optional)
[]EnvVar
args
Set additional arguments to the OneAgent installer.For available options, see Linux custom installation.For the list of limitations, see Limitations.
No default (optional)
[]string
.spec.activeGate
capabilities parameter is Required.
resources and group parameters are Recommended.
All other parameters are Optional.
Parameter
Description
Default value
Data type
capabilities
Defines the ActiveGate pod capabilities: what functionality should be enabled.Possible values:- routing enables OneAgent routing.- kubernetes-monitoring enables Kubernetes API monitoring.- metrics-ingest1 opens the metrics ingest endpoint on the DynaKube ActiveGate and redirects all pods to it.- dynatrace-api1 enables calling the Dynatrace API via ActiveGate.- debugging enables the Live Debugging module in ActiveGate.
No default (required)
string
image
Use a custom ActiveGate image. Defaults to the latest ActiveGate image from the Dynatrace cluster.
Add a custom properties file by providing it as a value or by referencing it from a secret.When referencing a custom properties file from a secret, make sure that the key is named customProperties. See How to add a custom properties file for details.
No default (optional)
string
tlsSecretName
Name of a secret containing ActiveGate TLS certificate, key, and password. If not set, a self-signed certificate is used. For details, see How to add a custom certificate for ActiveGate.
No default (optional)
string
dnsPolicy
Set the DNS policy for ActiveGate pods.
ClusterFirstWithHostNet
string
priorityClassName
Assign a priority class to the ActiveGate pods. By default, no class is set.For details, see Pod Priority and Preemption.
