Deploy OneAgent Operator via kubectl

Learn how you can set up OneAgent on Kubernetes using the OneAgent Operator. To understand all available Kubernetes deployment strategies, including our recommended Helm approach, see Kubernetes deployment strategies.

Prerequisites

OneAgent Operator requires two different tokens for interacting with Dynatrace servers. These two tokens are made available to OneAgent Operator by means of a Kubernetes secret as explained at a later step.

  1. Get an API token for the Dynatrace API.
    Make sure the Access problem and event feed, metrics, and topology permission switch is enabled for this token.

  2. Get a PaaS token.

Install OneAgent Operator

Create the necessary objects for OneAgent Operator. OneAgent Operator acts on its separate namespace dynatrace. It holds the operator deployment and all dependent objects like permissions, custom resources and the corresponding DaemonSet. You can also observe the logs of OneAgent Operator.

$ kubectl create namespace dynatrace
$ LATEST_RELEASE=$(curl -s https://api.github.com/repos/dynatrace/dynatrace-oneagent-operator/releases/latest | grep tag_name | cut -d '"' -f 4)
$ kubectl create -f https://raw.githubusercontent.com/Dynatrace/dynatrace-oneagent-operator/$LATEST_RELEASE/deploy/kubernetes.yaml
$ kubectl -n dynatrace logs -f deployment/dynatrace-oneagent-operator

Create the secret holding API and PaaS tokens for authenticating to the Dynatrace cluster. The name of the secret is important in a later step when you configure the custom resource (.spec.tokens). In the following code-snippet the name is oneagent. Be sure to replace API_TOKEN and PAAS_TOKEN with the values explained above.

$ kubectl -n dynatrace create secret generic oneagent --from-literal="apiToken=API_TOKEN" --from-literal="paasToken=PAAS_TOKEN"

Save custom resource

The rollout of Dynatrace OneAgent is governed by a custom resource of type OneAgent.

Retrieve the cr.yaml file from the GitHub repository.

$ curl -o cr.yaml https://raw.githubusercontent.com/Dynatrace/dynatrace-oneagent-operator/$LATEST_RELEASE/deploy/cr.yaml

Adapt custom resource

Adapt the values of the custom resource as indicated in the following table.

Parameter Description Default value
apiUrl
  • For Dynatrace SaaS, where OneAgent can connect to the internet, replace the Dynatrace ENVIRONMENTID in https://ENVIRONMENTID.live.dynatrace.com/api.

  • For Dynatrace SaaS, where OneAgent can't connect to the internet, use the following to download the OneAgent, as well as to communicate OneAgent traffic through the ActiveGate: https://YourActiveGateIP or FQDN:9999/e/<ENVIRONMENTID>/api.

  • For Dynatrace Managed, use the following either for an ActiveGate or to connect directly to your server: https://ag, or server IP, or FQDN/e/<ENVIRONMENTID>/api. Note that depending on your settings, you may need the port as well.
tokens Name of the secret that holds the API and PaaS tokens from above. Name of custom resource (.metadata.name) if unset
args Parameters to be passed to the OneAgent installer. All the command line parameters of the installer are supported, with the exception of INSTALL_PATH. We recommend to set APP_LOG_CONTENT_ACCESS=1 []
env Environment variables for OneAgent container. []

Required configuration for Anthos, CaaS, GKE, and PKS

There are some extra configuration steps in the custom resource file that need to be performed for the following Kubernetes flavors:

Create the custom resource

$ kubectl apply -f cr.yaml

Configure proxy (optional)

  • For Operator version 0.7.0, you can configure optional parameters like proxy settings in the custom resource.
  • For earlier versions of the Operator, add environment variables as needed to the corresponding containers.

Limitations

See Docker limitations for details.

Troubleshooting

Find out how to troubleshoot issues that you may encounter when deploying OneAgent on Kubernetes.

Connect your Kubernetes clusters to Dynatrace

Now that you have OneAgent running on your Kubernetes nodes, you are able to monitor those nodes, and the applications running in Kubernetes. The next step is to connect the Kubernetes API to Dynatrace in order to get native Kubernetes metrics, like request limits, and differences in pods requested vs. running pods.
For further instructions see Monitor your Kubernetes clusters with Dynatrace.