rancher-partner-charts/charts/instana/instana-agent/templates/k8s-sensor-deployment.yaml

{{- if .Values.k8s_sensor.deployment.enabled  -}}
{{- if or .Values.agent.key .Values.agent.keysSecret -}}
{{- if or .Values.zone.name .Values.cluster.name -}}

{{- $user_name_password := "" -}}
{{ if .Values.agent.proxyUser }}
  {{- $user_name_password = print .Values.agent.proxyUser ":" .Values.agent.proxyPass "@" -}}
{{ end}}

apiVersion: apps/v1
kind: Deployment
metadata:
  name: k8sensor
  namespace: {{ .Release.Namespace }}
  labels:
    app: k8sensor
    {{- include "instana-agent.commonLabels" . | nindent 4 }}
spec:
  replicas: {{ default "1" .Values.k8s_sensor.deployment.replicas }}
  selector:
    matchLabels:
      {{- include "k8s-sensor.selectorLabels" . | nindent 6 }}
  template:
    metadata:
      labels:
      {{- if .Values.agent.pod.labels }}
        {{- toYaml .Values.agent.pod.labels | nindent 8 }}
      {{- end }}
        {{- include "k8s-sensor.commonLabels" . | nindent 8 }}
        instana/agent-mode: KUBERNETES
      annotations:
      {{- if .Values.agent.pod.annotations }}
        {{- toYaml .Values.agent.pod.annotations | nindent 8 }}
      {{- end }}
        # To ensure that changes to agent.configuration_yaml or agent.additional_backends trigger a Pod recreation, we keep a SHA here
        # Unfortunately, we cannot use the lookup function to check on the values in the configmap, otherwise we break Helm < 3.2
        instana-configuration-hash: {{ cat ( join "," .Values.agent.additionalBackends ) | sha1sum }}
    spec:
      serviceAccountName: k8sensor
      {{- if .Values.k8s_sensor.deployment.pod.nodeSelector }}
      nodeSelector:
      {{- range $key, $value := .Values.k8s_sensor.deployment.pod.nodeSelector }}
        {{ $key }}: {{ $value | quote }}
      {{- end }}
      {{- end }}
      {{- if .Values.k8s_sensor.deployment.pod.priorityClassName }}
      priorityClassName: {{ .Values.k8s_sensor.deployment.pod.priorityClassName | quote }}
      {{- end }}
      {{- if typeIs "[]interface {}" .Values.agent.image.pullSecrets }}
      imagePullSecrets:
        {{- toYaml .Values.agent.image.pullSecrets | nindent 8 }}
      {{- else if .Values.agent.image.name | hasPrefix "containers.instana.io" }}
      imagePullSecrets:
        - name: containers-instana-io
      {{- end }}
      containers:
        - name: instana-agent
          image: {{ include "image" .Values.k8s_sensor.image | quote }}
          imagePullPolicy: {{ .Values.k8s_sensor.image.pullPolicy }}
          env:
            - name: AGENT_KEY
              valueFrom:
                secretKeyRef:
                  name: {{ template "instana-agent.keysSecretName" . }}
                  key: key
            - name: BACKEND
              valueFrom:
                configMapKeyRef:
                  name: k8sensor
                  key: backend
            - name: BACKEND_URL
              value: "https://$(BACKEND)"
            - name: AGENT_ZONE
              value: {{ empty .Values.cluster.name | ternary .Values.zone.name .Values.cluster.name}}
            - name: POD_UID
              valueFrom:
                fieldRef:
                  fieldPath: metadata.uid
            - name: POD_NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
            - name: POD_NAME
              valueFrom:
                fieldRef:
                  fieldPath: metadata.name
            - name: POD_IP
              valueFrom:
                fieldRef:
                  fieldPath: status.podIP
            {{- if not (empty .Values.agent.proxyHost) }}
            - name: HTTPS_PROXY
              value: "http://{{ $user_name_password }}{{ .Values.agent.proxyHost }}:{{ .Values.agent.proxyPort }}"
            - name: NO_PROXY
              value: "kubernetes.default.svc"
            {{- end }}
            {{- if .Values.agent.redactKubernetesSecrets }}
            - name: INSTANA_KUBERNETES_REDACT_SECRETS
              value: {{ .Values.agent.redactKubernetesSecrets | quote }}
            {{- end }}
            {{- if .Values.agent.configuration_yaml }}
            - name: CONFIG_PATH
              value: /root
            {{- end }}
              {{- include "k8sensor.commonEnv" . | nindent 12 }}

          volumeMounts:
            - name: configuration
              subPath: configuration.yaml
              mountPath: /root/configuration.yaml
          resources:
            requests:
              {{- include "instana-agent.resources" .Values.k8s_sensor.deployment.pod.requests | nindent 14 }}
            limits:
              {{- include "instana-agent.resources" .Values.k8s_sensor.deployment.pod.limits | nindent 14 }}
          ports:
            - containerPort: 42699
      volumes:
        - name: configuration
          configMap:
            name: {{ include "instana-agent.fullname" . }}
      {{- if .Values.k8s_sensor.deployment.pod.tolerations }}
      tolerations:
        {{- toYaml .Values.k8s_sensor.deployment.pod.tolerations | nindent 8 }}
      {{- end }}
      affinity:
        podAntiAffinity:
          # Soft anti-affinity policy: try not to schedule multiple kubernetes-sensor pods on the same node.
          # If the policy is set to "requiredDuringSchedulingIgnoredDuringExecution", if the cluster has
          # fewer nodes than the amount of desired replicas, `helm install/upgrade --wait` will not return.
          preferredDuringSchedulingIgnoredDuringExecution:
          - weight: 100
            podAffinityTerm:
              labelSelector:
                matchExpressions:
                - key: instana/agent-mode
                  operator: In
                  values: [ KUBERNETES ]
              topologyKey: "kubernetes.io/hostname"
{{- end -}}
{{- end -}}
{{- end -}}
Charts CI ``` Updated: argo/argo-cd: - 5.13.9 asserts/asserts: - 1.13.0 bitnami/mariadb: - 11.4.0 bitnami/mysql: - 9.4.4 bitnami/spark: - 6.3.11 bitnami/wordpress: - 15.2.16 hashicorp/consul: - 1.0.0 instana/instana-agent: - 1.2.48 jenkins/jenkins: - 4.2.14 redpanda/redpanda: - 2.3.1 yugabyte/yugabyte: - 2.14.5 yugabyte/yugaware: - 2.14.5 ``` 2022-11-18 23:16:29 +00:00			`{{- if .Values.k8s_sensor.deployment.enabled -}}`
			`{{- if or .Values.agent.key .Values.agent.keysSecret -}}`
			`{{- if or .Values.zone.name .Values.cluster.name -}}`

			`{{- $user_name_password := "" -}}`
			`{{ if .Values.agent.proxyUser }}`
			`{{- $user_name_password = print .Values.agent.proxyUser ":" .Values.agent.proxyPass "@" -}}`
			`{{ end}}`

			`apiVersion: apps/v1`
			`kind: Deployment`
			`metadata:`
			`name: k8sensor`
			`namespace: {{ .Release.Namespace }}`
			`labels:`
			`app: k8sensor`
			`{{- include "instana-agent.commonLabels" . \| nindent 4 }}`
			`spec:`
			`replicas: {{ default "1" .Values.k8s_sensor.deployment.replicas }}`
			`selector:`
			`matchLabels:`
Charts CI ``` Updated: argo/argo-cd: - 5.33.4 avesha/kubeslice-controller: - 0.10.0 avesha/kubeslice-worker: - 0.10.0 bitnami/airflow: - 14.2.1 bitnami/postgresql: - 12.5.2 bitnami/spark: - 6.6.1 bitnami/zookeeper: - 11.4.1 cockroach-labs/cockroachdb: - 11.0.0 datadog/datadog: - 3.29.1 instana/instana-agent: - 1.2.59 kubecost/cost-analyzer: - 1.103.3 mongodb/community-operator: - 0.8.0 new-relic/nri-bundle: - 5.0.13 pixie/pixie-operator-chart: - 0.1.0 speedscale/speedscale-operator: - 1.3.2 ``` 2023-05-16 14:17:24 +00:00			`{{- include "k8s-sensor.selectorLabels" . \| nindent 6 }}`
Charts CI ``` Updated: argo/argo-cd: - 5.13.9 asserts/asserts: - 1.13.0 bitnami/mariadb: - 11.4.0 bitnami/mysql: - 9.4.4 bitnami/spark: - 6.3.11 bitnami/wordpress: - 15.2.16 hashicorp/consul: - 1.0.0 instana/instana-agent: - 1.2.48 jenkins/jenkins: - 4.2.14 redpanda/redpanda: - 2.3.1 yugabyte/yugabyte: - 2.14.5 yugabyte/yugaware: - 2.14.5 ``` 2022-11-18 23:16:29 +00:00			`template:`
			`metadata:`
			`labels:`
			`{{- if .Values.agent.pod.labels }}`
			`{{- toYaml .Values.agent.pod.labels \| nindent 8 }}`
			`{{- end }}`
Charts CI ``` Updated: argo/argo-cd: - 5.33.4 avesha/kubeslice-controller: - 0.10.0 avesha/kubeslice-worker: - 0.10.0 bitnami/airflow: - 14.2.1 bitnami/postgresql: - 12.5.2 bitnami/spark: - 6.6.1 bitnami/zookeeper: - 11.4.1 cockroach-labs/cockroachdb: - 11.0.0 datadog/datadog: - 3.29.1 instana/instana-agent: - 1.2.59 kubecost/cost-analyzer: - 1.103.3 mongodb/community-operator: - 0.8.0 new-relic/nri-bundle: - 5.0.13 pixie/pixie-operator-chart: - 0.1.0 speedscale/speedscale-operator: - 1.3.2 ``` 2023-05-16 14:17:24 +00:00			`{{- include "k8s-sensor.commonLabels" . \| nindent 8 }}`
Charts CI ``` Updated: argo/argo-cd: - 5.13.9 asserts/asserts: - 1.13.0 bitnami/mariadb: - 11.4.0 bitnami/mysql: - 9.4.4 bitnami/spark: - 6.3.11 bitnami/wordpress: - 15.2.16 hashicorp/consul: - 1.0.0 instana/instana-agent: - 1.2.48 jenkins/jenkins: - 4.2.14 redpanda/redpanda: - 2.3.1 yugabyte/yugabyte: - 2.14.5 yugabyte/yugaware: - 2.14.5 ``` 2022-11-18 23:16:29 +00:00			`instana/agent-mode: KUBERNETES`
			`annotations:`
			`{{- if .Values.agent.pod.annotations }}`
			`{{- toYaml .Values.agent.pod.annotations \| nindent 8 }}`
			`{{- end }}`
			`# To ensure that changes to agent.configuration_yaml or agent.additional_backends trigger a Pod recreation, we keep a SHA here`
			`# Unfortunately, we cannot use the lookup function to check on the values in the configmap, otherwise we break Helm < 3.2`
			`instana-configuration-hash: {{ cat ( join "," .Values.agent.additionalBackends ) \| sha1sum }}`
			`spec:`
			`serviceAccountName: k8sensor`
			`{{- if .Values.k8s_sensor.deployment.pod.nodeSelector }}`
			`nodeSelector:`
			`{{- range $key, $value := .Values.k8s_sensor.deployment.pod.nodeSelector }}`
			`{{ $key }}: {{ $value \| quote }}`
			`{{- end }}`
			`{{- end }}`
			`{{- if .Values.k8s_sensor.deployment.pod.priorityClassName }}`
			`priorityClassName: {{ .Values.k8s_sensor.deployment.pod.priorityClassName \| quote }}`
			`{{- end }}`
			`{{- if typeIs "[]interface {}" .Values.agent.image.pullSecrets }}`
			`imagePullSecrets:`
			`{{- toYaml .Values.agent.image.pullSecrets \| nindent 8 }}`
			`{{- else if .Values.agent.image.name \| hasPrefix "containers.instana.io" }}`
			`imagePullSecrets:`
			`- name: containers-instana-io`
			`{{- end }}`
			`containers:`
			`- name: instana-agent`
			`image: {{ include "image" .Values.k8s_sensor.image \| quote }}`
			`imagePullPolicy: {{ .Values.k8s_sensor.image.pullPolicy }}`
			`env:`
			`- name: AGENT_KEY`
			`valueFrom:`
			`secretKeyRef:`
			`name: {{ template "instana-agent.keysSecretName" . }}`
			`key: key`
			`- name: BACKEND`
			`valueFrom:`
			`configMapKeyRef:`
			`name: k8sensor`
			`key: backend`
			`- name: BACKEND_URL`
			`value: "https://$(BACKEND)"`
			`- name: AGENT_ZONE`
			`value: {{ empty .Values.cluster.name \| ternary .Values.zone.name .Values.cluster.name}}`
			`- name: POD_UID`
			`valueFrom:`
			`fieldRef:`
			`fieldPath: metadata.uid`
			`- name: POD_NAMESPACE`
			`valueFrom:`
			`fieldRef:`
			`fieldPath: metadata.namespace`
			`- name: POD_NAME`
			`valueFrom:`
			`fieldRef:`
			`fieldPath: metadata.name`
			`- name: POD_IP`
			`valueFrom:`
			`fieldRef:`
			`fieldPath: status.podIP`
			`{{- if not (empty .Values.agent.proxyHost) }}`
			`- name: HTTPS_PROXY`
			`value: "http://{{ $user_name_password }}{{ .Values.agent.proxyHost }}:{{ .Values.agent.proxyPort }}"`
			`- name: NO_PROXY`
			`value: "kubernetes.default.svc"`
			`{{- end }}`
			`{{- if .Values.agent.redactKubernetesSecrets }}`
			`- name: INSTANA_KUBERNETES_REDACT_SECRETS`
			`value: {{ .Values.agent.redactKubernetesSecrets \| quote }}`
			`{{- end }}`
Charts CI ``` Updated: argo/argo-cd: - 5.16.14 asserts/asserts: - 1.26.0 bitnami/postgresql: - 12.1.7 bitnami/redis: - 17.4.1 cockroach-labs/cockroachdb: - 10.0.2 datadog/datadog: - 3.6.8 external-secrets/external-secrets: - 0.7.1 instana/instana-agent: - 1.2.49 jenkins/jenkins: - 4.2.19 jfrog/artifactory-ha: - 107.49.3 jfrog/artifactory-jcr: - 107.49.3 minio/minio-operator: - 4.5.6 pixie/pixie-operator-chart: - 0.0.35 sumologic/sumologic: - 2.19.1 sysdig/sysdig: - 1.15.69 ``` 2023-01-05 15:42:23 +00:00			`{{- if .Values.agent.configuration_yaml }}`
			`- name: CONFIG_PATH`
			`value: /root`
			`{{- end }}`
Charts CI ``` Updated: argo/argo-cd: - 5.19.8 bitnami/airflow: - 14.0.9 bitnami/postgresql: - 12.1.11 bitnami/spark: - 6.3.15 bitnami/wordpress: - 15.2.34 citrix/citrix-cpx-with-ingress-controller: - 1.29.5 citrix/citrix-ingress-controller: - 1.29.5 cockroach-labs/cockroachdb: - 10.0.3 datadog/datadog: - 3.10.1 f5/nginx-ingress: - 0.16.1 instana/instana-agent: - 1.2.50 kong/kong: - 2.15.3 new-relic/nri-bundle: - 5.0.4 pixie/pixie-operator-chart: - 0.0.36 redpanda/redpanda: - 2.6.1 speedscale/speedscale-operator: - 1.2.17 ``` 2023-01-26 17:16:07 +00:00			`{{- include "k8sensor.commonEnv" . \| nindent 12 }}`
Charts CI ``` Updated: argo/argo-cd: - 5.16.14 asserts/asserts: - 1.26.0 bitnami/postgresql: - 12.1.7 bitnami/redis: - 17.4.1 cockroach-labs/cockroachdb: - 10.0.2 datadog/datadog: - 3.6.8 external-secrets/external-secrets: - 0.7.1 instana/instana-agent: - 1.2.49 jenkins/jenkins: - 4.2.19 jfrog/artifactory-ha: - 107.49.3 jfrog/artifactory-jcr: - 107.49.3 minio/minio-operator: - 4.5.6 pixie/pixie-operator-chart: - 0.0.35 sumologic/sumologic: - 2.19.1 sysdig/sysdig: - 1.15.69 ``` 2023-01-05 15:42:23 +00:00
Charts CI ``` Updated: argo/argo-cd: - 5.13.9 asserts/asserts: - 1.13.0 bitnami/mariadb: - 11.4.0 bitnami/mysql: - 9.4.4 bitnami/spark: - 6.3.11 bitnami/wordpress: - 15.2.16 hashicorp/consul: - 1.0.0 instana/instana-agent: - 1.2.48 jenkins/jenkins: - 4.2.14 redpanda/redpanda: - 2.3.1 yugabyte/yugabyte: - 2.14.5 yugabyte/yugaware: - 2.14.5 ``` 2022-11-18 23:16:29 +00:00			`volumeMounts:`
Charts CI ``` Updated: argo/argo-cd: - 5.16.14 asserts/asserts: - 1.26.0 bitnami/postgresql: - 12.1.7 bitnami/redis: - 17.4.1 cockroach-labs/cockroachdb: - 10.0.2 datadog/datadog: - 3.6.8 external-secrets/external-secrets: - 0.7.1 instana/instana-agent: - 1.2.49 jenkins/jenkins: - 4.2.19 jfrog/artifactory-ha: - 107.49.3 jfrog/artifactory-jcr: - 107.49.3 minio/minio-operator: - 4.5.6 pixie/pixie-operator-chart: - 0.0.35 sumologic/sumologic: - 2.19.1 sysdig/sysdig: - 1.15.69 ``` 2023-01-05 15:42:23 +00:00			`- name: configuration`
Charts CI ``` Updated: argo/argo-cd: - 5.13.9 asserts/asserts: - 1.13.0 bitnami/mariadb: - 11.4.0 bitnami/mysql: - 9.4.4 bitnami/spark: - 6.3.11 bitnami/wordpress: - 15.2.16 hashicorp/consul: - 1.0.0 instana/instana-agent: - 1.2.48 jenkins/jenkins: - 4.2.14 redpanda/redpanda: - 2.3.1 yugabyte/yugabyte: - 2.14.5 yugabyte/yugaware: - 2.14.5 ``` 2022-11-18 23:16:29 +00:00			`subPath: configuration.yaml`
			`mountPath: /root/configuration.yaml`
			`resources:`
			`requests:`
			`{{- include "instana-agent.resources" .Values.k8s_sensor.deployment.pod.requests \| nindent 14 }}`
			`limits:`
			`{{- include "instana-agent.resources" .Values.k8s_sensor.deployment.pod.limits \| nindent 14 }}`
			`ports:`
			`- containerPort: 42699`
Charts CI ``` Updated: argo/argo-cd: - 5.16.14 asserts/asserts: - 1.26.0 bitnami/postgresql: - 12.1.7 bitnami/redis: - 17.4.1 cockroach-labs/cockroachdb: - 10.0.2 datadog/datadog: - 3.6.8 external-secrets/external-secrets: - 0.7.1 instana/instana-agent: - 1.2.49 jenkins/jenkins: - 4.2.19 jfrog/artifactory-ha: - 107.49.3 jfrog/artifactory-jcr: - 107.49.3 minio/minio-operator: - 4.5.6 pixie/pixie-operator-chart: - 0.0.35 sumologic/sumologic: - 2.19.1 sysdig/sysdig: - 1.15.69 ``` 2023-01-05 15:42:23 +00:00			`volumes:`
			`- name: configuration`
			`configMap:`
			`name: {{ include "instana-agent.fullname" . }}`
Charts CI ``` Updated: argo/argo-cd: - 5.13.9 asserts/asserts: - 1.13.0 bitnami/mariadb: - 11.4.0 bitnami/mysql: - 9.4.4 bitnami/spark: - 6.3.11 bitnami/wordpress: - 15.2.16 hashicorp/consul: - 1.0.0 instana/instana-agent: - 1.2.48 jenkins/jenkins: - 4.2.14 redpanda/redpanda: - 2.3.1 yugabyte/yugabyte: - 2.14.5 yugabyte/yugaware: - 2.14.5 ``` 2022-11-18 23:16:29 +00:00			`{{- if .Values.k8s_sensor.deployment.pod.tolerations }}`
			`tolerations:`
			`{{- toYaml .Values.k8s_sensor.deployment.pod.tolerations \| nindent 8 }}`
			`{{- end }}`
			`affinity:`
			`podAntiAffinity:`
			`# Soft anti-affinity policy: try not to schedule multiple kubernetes-sensor pods on the same node.`
			`# If the policy is set to "requiredDuringSchedulingIgnoredDuringExecution", if the cluster has`
			# fewer nodes than the amount of desired replicas, `helm install/upgrade --wait` will not return.
			`preferredDuringSchedulingIgnoredDuringExecution:`
			`- weight: 100`
			`podAffinityTerm:`
			`labelSelector:`
			`matchExpressions:`
			`- key: instana/agent-mode`
			`operator: In`
			`values: [ KUBERNETES ]`
			`topologyKey: "kubernetes.io/hostname"`
			`{{- end -}}`
			`{{- end -}}`
			`{{- end -}}`