Migrate Dynatrace Operator
If you deployed Dynatrace Operator to a Kubernetes cluster, the easiest way to migrate Kubernetes monitoring from your Managed cluster to your SaaS environment is to reconfigure the Dynatrace Operator deployment. You'll need to update a single configuration to perform Dynatrace Operator reconfiguration at the environment level.
Before you begin
Before installing Dynatrace on your Kubernetes cluster, ensure that you meet the following requirements:
- Your
kubectlCLI is connected to the Kubernetes cluster that you want to monitor. - You have sufficient privileges on the monitored cluster to run
kubectloroccommands.
Cluster setup and configuration
-
You must allow egress for Dynatrace pods (default: Dynatrace namespace) to your Dynatrace environment URL.
For Dynatrace Managed, you can optionally use a Cluster ActiveGate URL.
-
For OpenShift Dedicated, you need the cluster-admin role.
-
Helm installation Use Helm version 3.
Supported versions
See supported Kubernetes/OpenShift platform versions and distributions.
Generate a token
To generate an access token in the target SaaS environment,
- Go to Access Tokens.
- Select Generate new token.
- Enter a name for your token.
Dynatrace doesn't enforce unique token names. You can create multiple tokens with the same name. Be sure to provide a meaningful name for each token you generate. Proper naming helps you to efficiently manage your tokens and perhaps delete them when they're no longer needed. - Select the template Kubernetes: Dynatrace Operator.
This will automatically add the required scopes (see Operator token). - Select Generate token.
- Copy the generated token to the clipboard. Store the token in a password manager for future use.
You can only access your token once upon creation. You can't reveal it afterward.
Generating a token in the target SaaS environment won't affect your Kubernetes cluster nor your Managed cluster.
Create a new secret
To create a new secret (saasdynakube) holding the new token in the Kubernetes cluster, replace the placeholders in the code sample below (saasdynakube and <API-TOKEN>) with your own values, then run the command.
Your Kubernetes cluster will then contain the new secret saasdynakube holding the new token.
Update DynaKube custom resource file
To update an existing DynaKube custom resource file with the new secret,
-
Go to Account Management to find your SaaS [Environment ID].
-
To start modifying
dynakubecustom resource file, run the command below -
Update the configuration parameter values as follows, making sure to replace the placeholders (
{your-saas-environment-id}andsaasdynakube) with your own valuesParameter Updated value apiUrl
https://{your-saas-environment-id}.live.dynatrace.com/apitoken
saasdynakubeYour existing DynaKube custom resource file will then be updated to reference the new secret
saasdynakubeand the SaaS environment. -
Restart your applications.
Your OneAgents will then point to the SaaS environment. Because existing connections to the Dynatrace Managed cluster will no longer be active, we recommend deleting any existing secret that is no longer used for this connection.