This topic explains how to run OneAgent as a Docker container, as opposed to the standard script-based Linux installation approach.
To monitor applications that run in Docker containers, run Dynatrace OneAgent on the host—either as a separate container or by installing Dynatrace OneAgent on the host. You don't need to embed OneAgent into any of your Docker images or inherit it from a special base image.
Before you begin
What you'll need:
- Dynatrace environment credentials
Your Docker environment must allow your OneAgent container to run in privileged mode.
Locate your Dynatrace OneAgent installer URL
The first step is to obtain the location for
ONEAGENT_INSTALLER_SCRIPT_URL. This information is presented to you during Dynatrace OneAgent installation.
To get your
- Select Deploy Dynatrace from the navigation menu.
- Click Start installation and select Linux.
- Copy the URL, shown below. This is your
Run Dynatrace OneAgent as a Docker container
To run Dynatrace OneAgent as a Docker container you need to execute the following
docker run command on all your Docker hosts:
$ docker run -d --restart=unless-stopped --privileged=true --pid=host --net=host --ipc=host -v /:/mnt/root -e ONEAGENT_INSTALLER_SCRIPT_URL="REPLACE_WITH_YOUR_URL" dynatrace/oneagent APP_LOG_CONTENT_ACCESS=1 <INSTALLER_PARAMETERS>
Be sure to replace
REPLACE_WITH_YOUR_URL placeholder with the Dynatrace OneAgent installer URL as explained above.
Using a container orchestration tool
If you use a container orchestration tool, your orchestrator can deploy the Dynatrace OneAgent container for you. The example snippets below show you how to take advantage of orchestration tools in deploying Dynatrace OneAgent to all your nodes.
Custom installation with command line parameters
You can alternatively perform a custom installation with command line parameters.
Dynatrace OneAgent is what is referred to as a "super-privileged container." It's designed to have almost complete access to the host system as a root user. The following Docker command options open selected privileges to the host:
--ipc=host - Allows processes running inside the container to directly access the host’s IPC namespace.
--net=host - Allows processes running inside the container to directly access host network interfaces.
--pid=host - Allows processes running inside the container to see and work with all processes in the host process table.
-v /:/mnt/root - Mounts the host's root directory into the container at
/mnt/root to enable the installation of Dynatrace OneAgent on the host at
Running Dynatrace OneAgent as a Docker container gives you full-stack visibility into your complete containerized environment. This includes deep monitoring of supported applications, services, and databases.
To update Dynatrace OneAgent you need only to restart the container using the following command
$ docker restart oneagent
provided that you have added the parameter
--name=oneagent in the suggested Docker run command (see above).
The OneAgent Docker image will automatically fetch the latest version of Dynatrace OneAgent. If you've specified a default OneAgent install version for new hosts and applications in your OneAgent updates settings, the OneAgent Docker image will automatically fetch the defined default version of Dynatrace OneAgent. Please note that when Dynatrace OneAgent is deployed as a Docker image, Dynatrace OneAgent auto-update isn't supported.
Deep monitoring for native (i.e., non-containerized) processes on the host is disabled. In addition, log analytics functionality doesn't have access to logs stored at the Docker-host level, including logs gathered by the Docker JSON logging driver.