Set up Kubernetes Platform Monitoring with DaemonSet

deprecated

Manually configuring a daemonset to rollout OneAgent on a Kubernetes cluster is deprecated.

We recommend that you leverage Dynatrace Operator and benefit from automated lifecycle management and metadata enrichment. For a clear view of all the deployment strategies, see How it works.

This page describes how you can set up OneAgent on Kubernetes using the OneAgent DaemonSet. DaemonSet is a feature that makes sure that if a copy of a pod on a node dies, the copy is recreated, and if nodes are added to the cluster, copies of the pod are added as well.

Prerequisites

Pods must allow egress to your Dynatrace environment or to your Environment ActiveGate in order for metric routing to work properly.
Locate the ONEAGENT_INSTALLER_SCRIPT_URL. This information is shared during Dynatrace OneAgent installation.

To get your ONEAGENT_INSTALLER_SCRIPT_URL

In Dynatrace Hub, select OneAgent.
Select Set up > Linux.
Determine the installer script URL and token from the UI-provided wget command:

This is the URL:

OneAgent URL

Replace the value of arch parameter with <arch>. Ignore the flavor=default parameter.
For the API-Token value, you need a PaaS token.

Your URL should look like this: https://host.domain.com/api/v1/deployment/installer/agent/unix/default/latest?arch=<arch>

This is your ONEAGENT_INSTALLER_SCRIPT_URL.

This your URL and API token.

OneAgent installation page with URL to be modified

Append the API token to the URL using the API-Token parameter. Your URL should look like this:

https://host.domain.com/api/v1/deployment/installer/agent/unix/default/latest?arch=x86&flavor=default&Api-Token=<token>

This is your ONEAGENT_INSTALLER_SCRIPT_URL.

Install DaemonSet

Download or copy the dynatrace-oneagent.yml Kubernetes template.

apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: dynatrace-oneagent
spec:
  selector:
    matchLabels:
      name: dynatrace-oneagent
  template:
    metadata:
      labels:
        name: dynatrace-oneagent
    spec:
      hostPID: true
      hostIPC: true
      hostNetwork: true
      nodeSelector:
        beta.kubernetes.io/os: linux
      volumes:
        - name: host-root
          hostPath:
            path: /
      containers:
        - name: dynatrace-oneagent
          image: dynatrace/oneagent
          env:
            - name: ONEAGENT_INSTALLER_SCRIPT_URL
              value: your_URL
            - name: ONEAGENT_INSTALLER_SKIP_CERT_CHECK
              value: 'false'
            - name: ONEAGENT_INSTALLER_DOWNLOAD_TOKEN
              value: '<API-Token>'
          args:
            - '--set-network-zone=<your.network.zone>'
          volumeMounts:
            - name: host-root
              mountPath: /mnt/root
          securityContext:
            privileged: true

ONEAGENT_INSTALLER_DOWNLOAD_TOKEN is only needed for OneAgent container image versions 1.39+ and is ignored for earlier versions.
The --set-app-log-content-access parameter is passed to the OneAgent installer and, when set to true (or 1), allows OneAgent to access log files for the purpose of log monitoring. For more about this and other parameters, see Customize OneAgent installation on Linux.
You can configure network zones by setting the --set-network-zone=<your.network.zone> parameter. See network zones for more information.

Deploy Dynatrace OneAgent using the created file dynatrace-oneagent.yml.

kubectl apply -f dynatrace-oneagent.yml --namespace=kube-system
daemonset "dynatrace-oneagent" created

oc apply -f dynatrace-oneagent.yml --namespace=kube-system
daemonset "dynatrace-oneagent" created

Verify that the dynatrace-oneagent DaemonSet has deployed pods to the cluster nodes successfully:

kubectl get pods --namespace=kube-system
NAME                       READY     STATUS              RESTARTS   AGE
dynatrace-oneagent-abcde   1/1       Running             0          1m

oc get pods --namespace=kube-system
NAME                       READY     STATUS              RESTARTS   AGE
dynatrace-oneagent-abcde   1/1       Running             0          1m

kubectl logs -f dynatrace-oneagent-abcde
09:46:18 Using volume-based storage
09:46:18 Started agent deployment as a Docker container, PID 1234.
09:46:18 Downloading agent to /tmp/Dynatrace-OneAgent-Linux.sh via https://EnvironmentID.live.dynatrace.com/api/v1/deployment/installer/agent/unix/default/latest?Api-Token=***&arch=x86&flavor=default
09:46:21 Download complete
09:46:21 Downloaded version: 1.x
09:46:21 Validating downloaded agent installer
09:46:23 Verification successful
...

oc logs -f dynatrace-oneagent-abcde
09:46:18 Using volume-based storage
09:46:18 Started agent deployment as a Docker container, PID 1234.
09:46:18 Downloading agent to /tmp/Dynatrace-OneAgent-Linux.sh via https://EnvironmentID.live.dynatrace.com/api/v1/deployment/installer/agent/unix/default/latest?Api-Token=***&arch=x86&flavor=default
09:46:21 Download complete
09:46:21 Downloaded version: 1.x
09:46:21 Validating downloaded agent installer
09:46:23 Verification successful
...

Limitations

When you set up Kubernetes/OpenShift monitoring with DaemonSet, the shutdown state of the host is not detected. For details, see Host availability states.
See Docker limitations.

Connect your Kubernetes clusters to Dynatrace

Now that you have OneAgent running on your Kubernetes nodes, you're able to monitor those nodes and the applications running in Kubernetes. The next step is to connect the Kubernetes API to Dynatrace in order to get native Kubernetes metrics, like request limits, and differences in pods requested vs running pods.
For further instructions, see Connect your Kubernetes clusters to Dynatrace.

Update OneAgent DaemonSet

Whenever a new version of OneAgent becomes available in Dynatrace, you can redeploy OneAgent as explained in the steps below. The dynatrace-oneagent container will automatically fetch the latest version of Dynatrace OneAgent.

If you've specified a default OneAgent installation version for new hosts and applications in your OneAgent updates settings, the dynatrace-oneagent container will automatically fetch the defined default version of OneAgent.

Delete the dynatrace-oneagent DaemonSet.

kubectl delete ds/dynatrace-oneagent

oc delete ds/dynatrace-oneagent

Deploy Dynatrace OneAgent using the dynatrace-oneagent.yml DaemonSet file.

kubectl apply -f dynatrace-oneagent.yml --namespace=kube-system

oc apply -f dynatrace-oneagent.yml --namespace=kube-system

Uninstall OneAgent DaemonSet

Delete the dynatrace-oneagent DaemonSet.

kubectl delete ds/dynatrace-oneagent

oc delete ds/dynatrace-oneagent

optional After deleting the dynatrace-oneagent DaemonSet, the OneAgent binary remains on the node in an inactive state. To uninstall it completely, run the uninstall.sh script and delete logs and configuration files.
See Linux related information.