Set up Kubernetes monitoring with DaemonSet

deprecated

Manually configuring a daemonset to rollout OneAgent on a Kubernetes cluster is deprecated.

We recommend that you leverage Dynatrace Operator and benefit from automated lifecycle management and metadata enrichment. For a clear view of all the deployment strategies, see How it works.

This page describes how you can set up OneAgent on Kubernetes using the OneAgent DaemonSet. DaemonSet is a feature that makes sure that if a copy of a pod on a node dies, the copy is recreated, and if nodes are added to the cluster, copies of the pod are added as well.

Prerequisites

Pods must allow egress to your Dynatrace environment or to your Environment ActiveGate in order for metric routing to work properly.
Locate the ONEAGENT_INSTALLER_SCRIPT_URL. This information is shared during Dynatrace OneAgent installation.

To get your ONEAGENT_INSTALLER_SCRIPT_URL

In the Dynatrace menu, go to Deploy Dynatrace.
Select Start installation, and then Linux.
Determine the installer script URL and token from the UI-provided wget command:

This is the URL:

OneAgent URL

Replace the value of arch parameter with <arch>. Ignore the flavor=default parameter.
For the API-Token value, you need a PaaS token.

Your URL should look like this: https://host.domain.com/api/v1/deployment/installer/agent/unix/default/latest?arch=<arch>

This is your ONEAGENT_INSTALLER_SCRIPT_URL.

Install DaemonSet

Download or copy the dynatrace-oneagent.yml Kubernetes template.

1apiVersion: apps/v1
2kind: DaemonSet
3metadata:
4  name: dynatrace-oneagent
5spec:
6  selector:
7    matchLabels:
8      name: dynatrace-oneagent
9  template:
10    metadata:
11      labels:
12        name: dynatrace-oneagent
13    spec:
14      hostPID: true
15      hostIPC: true
16      hostNetwork: true
17      nodeSelector:
18        beta.kubernetes.io/os: linux
19      volumes:
20        - name: host-root
21          hostPath:
22            path: /
23      containers:
24        - name: dynatrace-oneagent
25          image: dynatrace/oneagent
26          env:
27            - name: ONEAGENT_INSTALLER_SCRIPT_URL
28              value: your_URL
29            - name: ONEAGENT_INSTALLER_SKIP_CERT_CHECK
30              value: 'false'
31            - name: ONEAGENT_INSTALLER_DOWNLOAD_TOKEN
32              value: '<API-Token>'
33          args:
34            - '--set-network-zone=<your.network.zone>'
35          volumeMounts:
36            - name: host-root
37              mountPath: /mnt/root
38          securityContext:
39            privileged: true

ONEAGENT_INSTALLER_DOWNLOAD_TOKEN is only needed for OneAgent container image versions 1.39+ and is ignored for earlier versions.
The --set-app-log-content-access parameter is passed to the OneAgent installer and, when set to true (or 1), allows OneAgent to access log files for the purpose of log monitoring. For more about this and other parameters, see Customize OneAgent installation on Linux.
You can configure network zones by setting the --set-network-zone=<your.network.zone> parameter. See network zones for more information.

Deploy Dynatrace OneAgent using the created file dynatrace-oneagent.yml.

1kubectl apply -f dynatrace-oneagent.yml --namespace=kube-system
2daemonset "dynatrace-oneagent" created

Verify that the dynatrace-oneagent DaemonSet has deployed pods to the cluster nodes successfully:

1kubectl get pods --namespace=kube-system
2NAME                       READY     STATUS              RESTARTS   AGE
3dynatrace-oneagent-abcde   1/1       Running             0          1m

1kubectl logs -f dynatrace-oneagent-abcde
209:46:18 Using volume-based storage
309:46:18 Started agent deployment as a Docker container, PID 1234.
409:46:18 Downloading agent to /tmp/Dynatrace-OneAgent-Linux.sh via https://EnvironmentID.live.dynatrace.com/api/v1/deployment/installer/agent/unix/default/latest?Api-Token=***&arch=x86&flavor=default
509:46:21 Download complete
609:46:21 Downloaded version: 1.x
709:46:21 Validating downloaded agent installer
809:46:23 Verification successful
9...

Limitations

When you set up Kubernetes/OpenShift monitoring with DaemonSet, the shutdown state of the host is not detected. For details, see Host availability states.
See Docker limitations.

Connect your Kubernetes clusters to Dynatrace

Now that you have OneAgent running on your Kubernetes nodes, you're able to monitor those nodes and the applications running in Kubernetes. The next step is to connect the Kubernetes API to Dynatrace in order to get native Kubernetes metrics, like request limits, and differences in pods requested vs running pods.
For further instructions, see Connect your Kubernetes clusters to Dynatrace.

Update OneAgent DaemonSet

Whenever a new version of OneAgent becomes available in Dynatrace, you can redeploy OneAgent as explained in the steps below. The dynatrace-oneagent container will automatically fetch the latest version of Dynatrace OneAgent.

If you've specified a default OneAgent installation version for new hosts and applications in your OneAgent updates settings, the dynatrace-oneagent container will automatically fetch the defined default version of OneAgent.

Delete the dynatrace-oneagent DaemonSet.
1kubectl delete ds/dynatrace-oneagent
Deploy Dynatrace OneAgent using the dynatrace-oneagent.yml DaemonSet file.
1kubectl apply -f dynatrace-oneagent.yml --namespace=kube-system

Uninstall OneAgent DaemonSet

Delete the dynatrace-oneagent DaemonSet.
1kubectl delete ds/dynatrace-oneagent
optional After deleting the dynatrace-oneagent DaemonSet, the OneAgent binary remains on the node in an inactive state. To uninstall it completely, run the uninstall.sh script and delete logs and configuration files.
See Linux related information.