Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/Dynatrace/dynatrace-oneagent-operator
Kubernetes/Openshift Operator for managing Dynatrace OneAgent deployments
https://github.com/Dynatrace/dynatrace-oneagent-operator
dynatrace integration kubernetes openshift operator rollout
Last synced: 3 months ago
JSON representation
Kubernetes/Openshift Operator for managing Dynatrace OneAgent deployments
- Host: GitHub
- URL: https://github.com/Dynatrace/dynatrace-oneagent-operator
- Owner: Dynatrace
- License: apache-2.0
- Archived: true
- Created: 2018-04-03T13:21:10.000Z (over 6 years ago)
- Default Branch: master
- Last Pushed: 2023-12-11T15:33:17.000Z (11 months ago)
- Last Synced: 2024-05-22T13:32:57.715Z (6 months ago)
- Topics: dynatrace, integration, kubernetes, openshift, operator, rollout
- Language: Go
- Size: 1.77 MB
- Stars: 89
- Watchers: 18
- Forks: 48
- Open Issues: 8
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
Awesome Lists containing this project
README
[](https://travis-ci.com/Dynatrace/dynatrace-oneagent-operator)
[](https://quay.io/repository/dynatrace/dynatrace-oneagent-operator)
[](https://github.com/Dynatrace/dynatrace-oneagent-operator/releases)
# Dynatrace OneAgent Operator
>## **NOTE: The Dynatrace OneAgent Operator is end of life and will not be supported anymore starting 1st April 2023. Please refer to [Migrating from OneAgent Operator to Dynatrace Operator](https://www.dynatrace.com/support/help/shortlink/migrate-do-k8).**
This is the home of Dynatrace OneAgent Operator which supports the rollout and lifecycle of [Dynatrace OneAgent](https://www.dynatrace.com/support/help/get-started/introduction/what-is-oneagent/) in Kubernetes and OpenShift clusters.
Rolling out Dynatrace OneAgent via DaemonSet on a cluster is straightforward.
Maintaining its lifecycle places a burden on the operational team.
Dynatrace OneAgent Operator closes this gap by automating the repetitive steps involved in keeping Dynatrace OneAgent at its latest desired version.
## Overview
Dynatrace OneAgent Operator is based on [Operator SDK](https://github.com/operator-framework/operator-sdk) and uses its framework for interacting with Kubernetes and OpenShift environments.
It watches custom resources `OneAgent` and monitors the desired state constantly.
The rollout of Dynatrace OneAgent is managed by a DaemonSet initially.
From here on Dynatrace OneAgent Operator controls the lifecycle and keeps track of new versions and triggers updates if required.
## Supported platforms
Depending of the version of the Dynatrace OneAgent Operator, it supports the following platforms:
| Dynatrace OneAgent Operator version | Kubernetes | OpenShift Container Platform |
| ----------------------------------- | ---------- | ------------------------------------------ |
| master | 1.19+ | 3.11[[1]](#openshift-311), 4.6+ |
| v0.10.2 | 1.19+ | 3.11[[1]](#openshift-311), 4.6+ |
| v0.9.5 | 1.15+ | 3.11[[1]](#openshift-311), 4.3+ |
| v0.8.2 | 1.14+ | 3.11[[1]](#openshift-311), 4.1+ |
| v0.7.1 | 1.14+ | 3.11[[1]](#openshift-311), 4.1+ |
| v0.6.0 | 1.11+ | 3.11+ |
| v0.5.4 | 1.11+ | 3.11+ |
| v0.4.2 | 1.11+ | 3.11+ |
| v0.3.1 | 1.11-1.15 | 3.11+ |
| v0.2.1 | 1.9-1.15 | 3.9+ |
Help topic _How do I deploy Dynatrace OneAgent as a Docker container?_ lists compatible image and OneAgent versions in its [requirements section](https://www.dynatrace.com/support/help/infrastructure/containers/how-do-i-deploy-dynatrace-oneagent-as-docker-container/#requirements).
## Quick Start
The Dynatrace OneAgent Operator acts on its separate namespace `dynatrace`.
It holds the operator deployment and all dependent objects like permissions, custom resources and
corresponding DaemonSets.
Create neccessary objects and observe its logs:
#### Kubernetes
```sh
$ kubectl create namespace dynatrace
$ kubectl apply -f https://github.com/Dynatrace/dynatrace-oneagent-operator/releases/latest/download/kubernetes.yaml
$ kubectl -n dynatrace logs -f deployment/dynatrace-oneagent-operator
```
#### OpenShift
Start by adding a new project as follows:
```sh
$ oc adm new-project --node-selector="" dynatrace
```
If you are installing the Operator on an **OpenShift Container Platform 3.11** environment, in order to use the certified [OneAgent Operator](https://access.redhat.com/containers/#/registry.connect.redhat.com/dynatrace/dynatrace-oneagent-operator) and [OneAgent](https://access.redhat.com/containers/#/registry.connect.redhat.com/dynatrace/oneagent) images from [Red Hat Container Catalog](https://access.redhat.com/containers/) (RHCC), you need to [provide image pull secrets](https://access.redhat.com/documentation/en-us/openshift_container_platform/3.9/html/developer_guide/dev-guide-managing-images#pulling-private-registries-delegated-auth). The Service Accounts on the `openshift.yaml` manifest already have links to the secrets to be created below. Skip this step if you are using OCP 4.x.
```sh
# For OCP 3.11
$ oc -n dynatrace create secret docker-registry redhat-connect --docker-server=registry.connect.redhat.com --docker-username=REDHAT_CONNECT_USERNAME --docker-password=REDHAT_CONNECT_PASSWORD --docker-email=unused
$ oc -n dynatrace create secret docker-registry redhat-connect-sso --docker-server=sso.redhat.com --docker-username=REDHAT_CONNECT_USERNAME --docker-password=REDHAT_CONNECT_PASSWORD --docker-email=unused
```
For 3.11 we apply the `openshift3.11.yaml` manifest to deploy the Operator:
```sh
$ oc apply -f https://github.com/Dynatrace/dynatrace-oneagent-operator/releases/latest/download/openshift3.11.yaml
$ oc -n dynatrace logs -f deployment/dynatrace-oneagent-operator
```
For 4.x we apply the `openshift.yaml` manifest to deploy the Operator:
```sh
$ oc apply -f https://github.com/Dynatrace/dynatrace-oneagent-operator/releases/latest/download/openshift.yaml
$ oc -n dynatrace logs -f deployment/dynatrace-oneagent-operator
```
##### OpenShift 3.11
If using Operator v0.7.0 or greater and OCP 3.11, OCP versions prior to 3.11.188 are suffering of [a bug](https://github.com/openshift/origin/pull/24540) when validating certain CRD objects:
```
The CustomResourceDefinition "oneagents.dynatrace.com" is invalid: spec.validation.openAPIV3Schema: Invalid value: apiextensions.JSONSchemaProps
```
If you have an older OCP 3.11 version then you can remove [this line from openshift.yaml](https://github.com/Dynatrace/dynatrace-oneagent-operator/blob/v0.7.1/deploy/openshift.yaml#L500) (v0.7.1), and deploy it.
#### Create `OneAgent` custom resource for OneAgent rollout
The rollout of Dynatrace OneAgent is governed by a custom resource of type `OneAgent`:
```yaml
apiVersion: dynatrace.com/v1alpha1
kind: OneAgent
metadata:
# a descriptive name for this object.
# all created child objects will be based on it.
name: oneagent
namespace: dynatrace
spec:
# dynatrace api url including `/api` path at the end
apiUrl: https://ENVIRONMENTID.live.dynatrace.com/api
# disable certificate validation checks for installer download and API communication
skipCertCheck: false
# name of secret holding `apiToken` and `paasToken`
# if unset, name of custom resource is used
tokens: ""
# https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ (optional)
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/master
operator: Exists
```
This is the most basic configuration for the OneAgent object. In case you want to have adjustments please have a look at [our OneAgent Custom Resource example](https://raw.githubusercontent.com/Dynatrace/dynatrace-oneagent-operator/master/config/samples/cr.yaml).
Save this to cr.yaml and apply it to your cluster.
A secret holding tokens for authenticating to the Dynatrace cluster needs to be created upfront.
Create access tokens of type *Dynatrace API* and *Platform as a Service* and use its values in the following commands respectively.
For assistance please refere to [Create user-generated access tokens](https://www.dynatrace.com/support/help/get-started/introduction/why-do-i-need-an-access-token-and-an-environment-id/#create-user-generated-access-tokens).
For Openshift, you can change the image from the default available on Quay.io to the one certified on RHCC by setting `.spec.image` to `registry.connect.redhat.com/dynatrace/oneagent` in the custom resource.
Note: `.spec.tokens` denotes the name of the secret holding access tokens. If not specified OneAgent Operator searches for a secret called like the OneAgent custom resource (`.metadata.name`).
##### Kubernetes
```sh
$ kubectl -n dynatrace create secret generic oneagent --from-literal="apiToken=DYNATRACE_API_TOKEN" --from-literal="paasToken=PLATFORM_AS_A_SERVICE_TOKEN"
$ kubectl apply -f cr.yaml
```
##### OpenShift
```sh
$ oc -n dynatrace create secret generic oneagent --from-literal="apiToken=DYNATRACE_API_TOKEN" --from-literal="paasToken=PLATFORM_AS_A_SERVICE_TOKEN"
$ oc apply -f cr.yaml
```
## Uninstall dynatrace-oneagent-operator
Remove OneAgent custom resources and clean-up all remaining OneAgent Operator specific objects:
#### Kubernetes
```sh
$ kubectl delete -n dynatrace oneagent --all
$ kubectl delete -f https://github.com/Dynatrace/dynatrace-oneagent-operator/releases/latest/download/kubernetes.yaml
```
#### OpenShift
```sh
$ oc delete -n dynatrace oneagent --all
$ oc delete -f https://github.com/Dynatrace/dynatrace-oneagent-operator/releases/latest/download/openshift.yaml
```
## Hacking
See [HACKING](HACKING.md) for details on how to get started enhancing Dynatrace OneAgent Operator.
## Contributing
See [CONTRIBUTING](CONTRIBUTING.md) for details on submitting changes.
## License
Dynatrace OneAgent Operator is under Apache 2.0 license. See [LICENSE](LICENSE) for details.