• Home
  • Deploy
  • Kubernetes
  • Guides
  • Networking, security and compliance
  • Configure read-only CSI volumes injections

Configure read-only CSI volumes injections

Dynatrace Operator version 0.12.0+

Prerequisites

  • The Dynatrace CSI driver installed on the Kubernetes cluster.

  • DynaKube configured to use the CSI driver. For example, ensure that applicationMonitoring is enabled with useCSIDriver: true.

    cloudNativeFullStack is not supported on BottleRocket.

Enable feature flag

To enable the injection of read-only CSI volumes, set the feature.dynatrace.com/injection-readonly-volume feature flag to true. When the feature flag is enabled, the injected CSI volume becomes read-only.

yaml
apiVersion: dynatrace.com/v1beta1
kind: DynaKube
metadata:
  annotations:
    feature.dynatrace.com/injection-readonly-volume: "true"

This enables usage of the CSI driver even on BottleRocket platforms where host monitoring OneAgents don't work. To accommodate this feature, extra ephemeral storage is added to allow the injected OneAgent to store logs and additional configurations.

A drawback to this approach is that if your pods terminate unexpectedly or are otherwise deleted, any logs stored in ephemeral storage will be lost.