Containerized ActiveGate volumes
While running, the ActiveGate container writes data to certain directories within the root filesystem.
Writeable directories
Purpose of directory | Default path |
---|---|
ActiveGate configuration |
|
ActiveGate SSL directory |
|
ActiveGate temporary files |
|
ActiveGate logs |
|
Environment data |
|
Dump files uploaded to ActiveGate by OneAgent |
|
ActiveGate temporary files |
|
Size requirements
See ActiveGate directories for estimated size requirements for each directory.
Hardened security
The ActiveGate example deployment has been hardened to minimize potential attacks: securityContext.readOnlyRootFilesystem
is set to true
.
This prevents the container from modifying any image content, so directories need to be set up using volumes.
Security context
securityContext:allowPrivilegeEscalation: falsecapabilities:drop:- allprivileged: falsereadOnlyRootFilesystem: truerunAsNonRoot: trueseccompProfile:type: RuntimeDefault
Volumes
volumeMounts:- name: server-certs-storagemountPath: /var/lib/dynatrace/gateway/ssl- name: ag-lib-gateway-configmountPath: /var/lib/dynatrace/gateway/config- name: ag-lib-gateway-tempmountPath: /var/lib/dynatrace/gateway/temp- name: ag-lib-gateway-datamountPath: /var/lib/dynatrace/gateway/data- name: ag-log-gatewaymountPath: /var/log/dynatrace/gateway- name: ag-tmp-gatewaymountPath: /var/tmp/dynatrace/gateway
Refer to ActiveGate storage requirements for volume sizing.