rancher-partner-charts/charts/instana/instana-agent/values.yaml

# name is the value which will be used as the base resource name for various resources associated with the agent.
# name: instana-agent

agent:
  # agent.mode is used to set agent mode and it can be APM, INFRASTRUCTURE or AWS
  # mode: APM

  # agent.key is the secret token which your agent uses to authenticate to Instana's servers.
  key: null
  # agent.downloadKey is key, sometimes known ass "sales key", that allows you to download,
  # software from Instana.
  # downloadKey: null

  # Rather than specifying the agent key and optionally the download key, you can "bring your
  # own secret" creating it in the namespace in which you install the `instana-agent` and
  # specify its name in the `keysSecret` field. The secret you create must contains
  # a field called `key` and optionally one called `downloadKey`, which contain, respectively,
  # the values you'd otherwise set in `.agent.key` and `agent.downloadKey`.
  # keysSecret: null

  # agent.listenAddress is the IP address the agent HTTP server will listen to.
  # listenAddress: "*"

  # agent.endpointHost is the hostname of the Instana server your agents will connect to.
  endpointHost: ingress-red-saas.instana.io
  # agent.endpointPort is the port number (as a String) of the Instana server your agents will connect to.
  endpointPort: 443

  # These are additional backends the Instana agent will report to besides
  # the one configured via the `agent.endpointHost`, `agent.endpointPort` and `agent.key` setting
  additionalBackends: []
    # - endpointHost: ingress.instana.io
    #   endpointPort: 443
    #   key: <agent_key>

  # TLS for end-to-end encryption between Instana agent and clients accessing the agent.
  # The Instana agent does not yet allow enforcing TLS encryption.
  # TLS is only enabled on a connection when requested by the client.
  tls:
    # In order to enable TLS, a secret of type kubernetes.io/tls must be specified.
    # secretName is the name of the secret that has the relevant files.
    # secretName: null
    # Otherwise,  the certificate and the private key must be provided as base64 encoded.
    # certificate: null
    # key: null

  image:
    # agent.image.name is the name of the container image of the Instana agent.
    name: icr.io/instana/agent
    # agent.image.digest is the digest (a.k.a. Image ID) of the agent container image; if specified, it has priority over agent.image.tag, which will be ignored.
    #digest:
    # agent.image.tag is the tag name of the agent container image; if agent.image.digest is specified, this property is ignored.
    tag: latest
    # agent.image.pullPolicy specifies when to pull the image container.
    pullPolicy: Always
    # agent.image.pullSecrets allows you to override the default pull secret that is created when agent.image.name starts with "containers.instana.io"
    # Setting agent.image.pullSecrets prevents the creation of the default "containers-instana-io" secret.
    # pullSecrets:
    #   - name: my_awesome_secret_instead
    # If you want no imagePullSecrets to be specified in the agent pod, you can just pass an empty array to agent.image.pullSecrets
    # pullSecrets: []

  updateStrategy:
    type: RollingUpdate
    rollingUpdate:
      maxUnavailable: 1

  pod:
    # agent.pod.annotations are additional annotations to be added to the agent pods.
    annotations: {}

    # agent.pod.labels are additional labels to be added to the agent pods.
    labels: {}

    # agent.pod.tolerations are tolerations to influence agent pod assignment.
    #   https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
    tolerations: []

    # agent.pod.affinity are affinities to influence agent pod assignment.
    # https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
    affinity: {}

    # agent.pod.priorityClassName is the name of an existing PriorityClass that should be set on the agent pods
    #   https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
    priorityClassName: null

    # agent.pod.requests and agent.pod.limits adjusts the resource assignments for the DaemonSet agent
    #   regardless of the kubernetes.deployment.enabled setting
    requests:
      # agent.pod.requests.memory is the requested memory allocation in MiB for the agent pods.
      memory: 768Mi
      # agent.pod.requests.cpu are the requested CPU units allocation for the agent pods.
      cpu: 0.5
    limits:
      # agent.pod.limits.memory set the memory allocation limits in MiB for the agent pods.
      memory: 768Mi
      # agent.pod.limits.cpu sets the CPU units allocation limits for the agent pods.
      cpu: 1.5

  # agent.proxyHost sets the INSTANA_AGENT_PROXY_HOST environment variable.
  # proxyHost: null
  # agent.proxyPort sets the INSTANA_AGENT_PROXY_PORT environment variable.
  # proxyPort: 80
  # agent.proxyProtocol sets the INSTANA_AGENT_PROXY_PROTOCOL environment variable.
  # proxyProtocol: HTTP
  # agent.proxyUser sets the INSTANA_AGENT_PROXY_USER environment variable.
  # proxyUser: null
  # agent.proxyPassword sets the INSTANA_AGENT_PROXY_PASSWORD environment variable.
  # proxyPassword: null
  # agent.proxyUseDNS sets the INSTANA_AGENT_PROXY_USE_DNS environment variable.
  # proxyUseDNS: false

  # use this to set additional environment variables for the instana agent
  # for example:
  # env:
  #   INSTANA_AGENT_TAGS: dev
  env: {}

  configuration:
    # When setting this to true, the Helm chart will automatically look up the entries
    # of the default instana-agent ConfigMap, and mount as agent configuration files
    # under /opt/instana/agent/etc/instana all entries with keys that match the
    # 'configuration-*.yaml' scheme
    #
    # IMPORTANT: Needs Helm 3.1+ as it is built on the `lookup` function
    # IMPORTANT: Editing the ConfigMap adding keys requires a `helm upgrade` to take effect
    autoMountConfigEntries: false

    # When setting this to true, the updates of the default instana-agent ConfigMap
    # will be reflected in the pod without requiring a pod restart
    hotreloadEnabled: false

  configuration_yaml: |
    # Manual a-priori configuration. Configuration will be only used when the sensor
    # is actually installed by the agent.
    # The commented out example values represent example configuration and are not
    # necessarily defaults. Defaults are usually 'absent' or mentioned separately.
    # Changes are hot reloaded unless otherwise mentioned.

    # It is possible to create files called 'configuration-abc.yaml' which are
    # merged with this file in file system order. So 'configuration-cde.yaml' comes
    # after 'configuration-abc.yaml'. Only nested structures are merged, values are
    # overwritten by subsequent configurations.

    # Secrets
    # To filter sensitive data from collection by the agent, all sensors respect
    # the following secrets configuration. If a key collected by a sensor matches
    # an entry from the list, the value is redacted.
    #com.instana.secrets:
    #  matcher: 'contains-ignore-case' # 'contains-ignore-case', 'contains', 'regex'
    #  list:
    #    - 'key'
    #    - 'password'
    #    - 'secret'

    # Host
    #com.instana.plugin.host:
    #  tags:
    #    - 'dev'
    #    - 'app1'

    # Hardware & Zone
    #com.instana.plugin.generic.hardware:
    #  enabled: true # disabled by default
    #  availability-zone: 'zone'

  # agent.redactKubernetesSecrets sets the INSTANA_KUBERNETES_REDACT_SECRETS environment variable.
  # redactKubernetesSecrets: null

  # agent.host.repository sets a host path to be mounted as the agent maven repository (for debugging or development purposes)
  host:
    repository: null

cluster:
  # cluster.name represents the name that will be assigned to this cluster in Instana
  name: null

# openshift specifies whether the cluster role should include openshift permissions and other tweaks to the YAML.
# The chart will try to auto-detect if the cluster is OpenShift, so you will likely not even need to set this explicitly.
# openshift: true

rbac:
  # Specifies whether RBAC resources should be created
  create: true

service:
  # Specifies whether to create the instana-agent service to expose within the cluster the Prometheus remote-write, OpenTelemetry GRCP endpoint and other APIs
  # Note: Requires Kubernetes 1.17+, as it uses topologyKeys
  create: true

#opentelemetry:
#  enabled: false # legacy setting, will only enable grpc, defaults to false
#  grpc:
#    enabled: false # takes precedence over legacy settings above, defaults to true if "grpc:" is present
#  http:
#    enabled: false # allows to enable http endpoints, defaults to true if "http:" is present

prometheus:
  remoteWrite:
    enabled: false # If true, it will also apply `service.create=true`

serviceAccount:
  # Specifies whether a ServiceAccount should be created
  create: true
  # The name of the ServiceAccount to use.
  # If not set and `create` is true, a name is generated using the fullname template
  # name: instana-agent

podSecurityPolicy:
  # Specifies whether a PodSecurityPolicy should be authorized for the Instana Agent pods.
  # Requires `rbac.create` to be `true` as well and K8s version below v1.25.
  enable: false
  # The name of an existing PodSecurityPolicy you would like to authorize for the Instana Agent pods.
  # If not set and `enable` is true, a PodSecurityPolicy will be created with a name generated using the fullname template.
  name: null

zone:
  # zone.name is the custom zone that detected technologies will be assigned to
  name: null

k8s_sensor:
  image:
    # k8s_sensor.image.name is the name of the container image of the Instana agent.
    name: icr.io/instana/k8sensor
    # k8s_sensor.image.digest is the digest (a.k.a. Image ID) of the agent container image; if specified, it has priority over agent.image.tag, which will be ignored.
    #digest:
    # k8s_sensor.image.tag is the tag name of the agent container image; if agent.image.digest is specified, this property is ignored.
    tag: latest
    # k8s_sensor.image.pullPolicy specifies when to pull the image container.
    pullPolicy: Always
  deployment:
    # Specifies whether or not to enable the Deployment and turn off the Kubernetes sensor in the DaemonSet
    enabled: true
    # Use three replicas to ensure the HA by the default.
    replicas: 3
    # k8s_sensor.deployment.pod adjusts the resource assignments for the agent independently of the DaemonSet agent when k8s_sensor.deployment.enabled=true
    pod:
      requests:
        # k8s_sensor.deployment.pod.requests.memory is the requested memory allocation in MiB for the agent pods.
        memory: 128Mi
        # k8s_sensor.deployment.pod.requests.cpu are the requested CPU units allocation for the agent pods.
        cpu: 10m
      limits:
        # k8s_sensor.deployment.pod.limits.memory set the memory allocation limits in MiB for the agent pods.
        memory: 1536Mi
        # k8s_sensor.deployment.pod.limits.cpu sets the CPU units allocation limits for the agent pods.
        cpu: 500m
      affinity:
        podAntiAffinity:
          # Soft anti-affinity policy: try not to schedule multiple kubernetes-sensor pods on the same node.
          # If the policy is set to "requiredDuringSchedulingIgnoredDuringExecution", if the cluster has
          # fewer nodes than the amount of desired replicas, `helm install/upgrade --wait` will not return.
          preferredDuringSchedulingIgnoredDuringExecution:
          - weight: 100
            podAffinityTerm:
              labelSelector:
                matchExpressions:
                - key: instana/agent-mode
                  operator: In
                  values: [ KUBERNETES ]
              topologyKey: "kubernetes.io/hostname"
  podDisruptionBudget:
    # Specifies whether or not to setup a pod disruption budget for the k8sensor deployment
    enabled: false

kubernetes:
  # Configures use of a Deployment for the Kubernetes sensor rather than as a potential member of the DaemonSet. Is only accepted if k8s_sensor.deployment.enabled=false
  deployment:
    # Specifies whether or not to enable the Deployment and turn off the Kubernetes sensor in the DaemonSet
    enabled: false
    # Use a single replica, the impact will generally be low and we need to address a host of other concerns where clusters are large.
    replicas: 1

    # kubernetes.deployment.pod adjusts the resource assignments for the agent independently of the DaemonSet agent when kubernetes.deployment.enabled=true
    pod:
      requests:
        # kubernetes.deployment.pod.requests.memory is the requested memory allocation in MiB for the agent pods.
        memory: 1024Mi
        # kubernetes.deployment.pod.requests.cpu are the requested CPU units allocation for the agent pods.
        cpu: 720m
      limits:
        # kubernetes.deployment.pod.limits.memory set the memory allocation limits in MiB for the agent pods.
        memory: 3072Mi
        # kubernetes.deployment.pod.limits.cpu sets the CPU units allocation limits for the agent pods.
        cpu: 4

# zones:
#  # Configure use of zones to use tolerations as the basis to associate a specific daemonset per tainted node pool
#  - name: pool-01
#    tolerations:
#    - key: "pool"
#      operator: "Equal"
#      value: "pool-01"
#      effect: "NoExecute"
#  - name: pool-02
#    tolerations:
#    - key: "pool"
#      operator: "Equal"
#      value: "pool-02"
#      effect: "NoExecute"