Merge pull request #253 from 0sewa0/dynatrace-oneagent-operator-0-10-2

Dynatrace oneagent operator v0.10.2 release
pull/266/head
alex-isv 2021-11-24 16:01:13 -07:00 committed by GitHub
commit fdb6993607
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
51 changed files with 2770 additions and 12 deletions

View File

@ -0,0 +1,25 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
# Test folder
tests/

View File

@ -0,0 +1,20 @@
annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Dynatrace Oneagent Operator
catalog.cattle.io/release-name: dynatrace-oneagent-operator
apiVersion: v2
appVersion: 0.10.2
description: The Dynatrace OneAgent Operator Helm chart for Kubernetes and Openshift
home: https://www.dynatrace.com/
icon: https://assets.dynatrace.com/global/resources/Signet_Logo_RGB_CP_512x512px.png
kubeVersion: '>= 1.19'
maintainers:
- email: marco.mader@dynatrace.com
name: DTMad
- email: michael.mayr@dynatrace.com
name: mmayr-at
name: dynatrace-oneagent-operator
sources:
- https://github.com/Dynatrace/helm-charts
type: application
version: 0.10.201

View File

@ -0,0 +1,15 @@
apiVersion: v2
appVersion: 0.10.2
description: The Dynatrace OneAgent Operator Helm chart for Kubernetes and Openshift
home: https://www.dynatrace.com/
icon: https://assets.dynatrace.com/global/resources/Signet_Logo_RGB_CP_512x512px.png
maintainers:
- email: marco.mader@dynatrace.com
name: DTMad
- email: michael.mayr@dynatrace.com
name: mmayr-at
name: dynatrace-oneagent-operator
sources:
- https://github.com/Dynatrace/helm-charts
type: application
version: 0.10.2

View File

@ -0,0 +1,121 @@
# Welcome
Dynatrace automatically discovers, baselines, and intelligently monitors Kubernetes clusters and workloads. Learn more about Dynatrace at [our website](https://www.dynatrace.com/platform/).
# Dynatrace OneAgent Operator Helm Chart
The Dynatrace OneAgent Operator Helm Chart which supports the rollout and lifecycle of [Dynatrace OneAgent](https://www.dynatrace.com/support/help/get-started/introduction/what-is-oneagent/) in Kubernetes and OpenShift clusters.
This Helm Chart requires Helm 3.
### Platforms
Depending on the version of the Dynatrace OneAgent Operator, it supports the following platforms:
| Dynatrace OneAgent Operator Helm Chart version | Kubernetes | OpenShift Container Platform |
| ---------------------------------------------- | ---------- | ---------------------------- |
| v0.10.2 | 1.18+ | 3.11.188+, 4.5+ |
| v0.9.5 | 1.15+ | 3.11.188+, 4.3+ |
| v0.8.2 | 1.14+ | 3.11.188+, 4.1+ |
| v0.7.1 | 1.14+ | 3.11.188+, 4.1+ |
| v0.6.0 | 1.11+ | 3.11+ |
| v0.5.4 | 1.11+ | 3.11+ |
## Quick Start
The Dynatrace OneAgent Operator acts on its separate namespace `dynatrace`.
It holds the operator deployment and all dependent objects like permissions, custom resources and
corresponding DaemonSets.
To install the Dynatrace OneAgent Operator via Helm run the following command:
### Adding Dynatrace OneAgent Helm repository
```
$ helm repo add dynatrace https://raw.githubusercontent.com/Dynatrace/helm-charts/master/repos/stable
```
### Prepare tokens
Generate an API and a PaaS token in your Dynatrace environment.
https://www.dynatrace.com/support/help/reference/dynatrace-concepts/why-do-i-need-an-environment-id/#create-user-generated-access-tokens
### Chart installation
To install the Dynatrace OneAgent Operator first create the dynatrace namespace, apply the latest CRD from [the latest release](https://github.com/Dynatrace/dynatrace-oneagent-operator/releases/latest) and replace the APIUrl, the API token and the PaaS token in command and execute it
#### Kubernetes
```
$ kubectl create namespace dynatrace
$ kubectl apply -f https://github.com/Dynatrace/dynatrace-oneagent-operator/releases/latest/download/dynatrace.com_oneagents.yaml
$ kubectl apply -f https://github.com/Dynatrace/dynatrace-oneagent-operator/releases/latest/download/dynatrace.com_oneagentapms.yaml
$ helm install dynatrace-oneagent-operator dynatrace/dynatrace-oneagent-operator -n dynatrace --set platform="kubernetes",oneagent.apiUrl="https://ENVIRONMENTID.live.dynatrace.com/api",secret.apiToken="DYNATRACE_API_TOKEN",secret.paasToken="PLATFORM_AS_A_SERVICE_TOKEN"
```
#### OpenShift
```
$ oc adm new-project --node-selector="" dynatrace
$ oc apply -f https://github.com/Dynatrace/dynatrace-oneagent-operator/releases/latest/download/dynatrace.com_oneagents.yaml
$ oc apply -f https://github.com/Dynatrace/dynatrace-oneagent-operator/releases/latest/download/dynatrace.com_oneagentapms.yaml
$ helm install dynatrace-oneagent-operator dynatrace/dynatrace-oneagent-operator -n dynatrace --set platform="openshift",oneagent.apiUrl="https://ENVIRONMENTID.live.dynatrace.com/api",secret.apiToken="DYNATRACE_API_TOKEN",secret.paasToken="PLATFORM_AS_A_SERVICE_TOKEN"
```
##### OpenShift 3.11
```
$ oc adm new-project --node-selector="" dynatrace
$ oc apply -f https://github.com/Dynatrace/dynatrace-oneagent-operator/releases/latest/download/dynatrace.com_oneagents-v1beta1.yaml
$ oc apply -f https://github.com/Dynatrace/dynatrace-oneagent-operator/releases/latest/download/dynatrace.com_oneagentapms-v1beta1.yaml
$ helm install dynatrace-oneagent-operator dynatrace/dynatrace-oneagent-operator -n dynatrace --set platform="openshift-3-11",oneagent.apiUrl="https://ENVIRONMENTID.live.dynatrace.com/api",secret.apiToken="DYNATRACE_API_TOKEN",secret.paasToken="PLATFORM_AS_A_SERVICE_TOKEN"
```
This will automatically install the Dynatrace OneAgent Operator and create OneAgents for every of your nodes.
## Update procedure
To update simply update your helm repositories and check the latest version
```
$ helm repo update
```
You can then check for the latest version by searching your Helm repositories for the Dynatrace OneAgent Operator
```
$ helm search repo dynatrace-oneagent-operator
```
To update to the latest version apply the latest version of the CRD attached to [the latest release](https://github.com/Dynatrace/dynatrace-oneagent-operator/releases/latest) and run this command.
Do not forget to add the `reuse-values` flag to keep your configuration
##### Kubernetes
```
$ kubectl apply -f https://github.com/Dynatrace/dynatrace-oneagent-operator/releases/latest/download/dynatrace.com_oneagents.yaml
$ kubectl apply -f https://github.com/Dynatrace/dynatrace-oneagent-operator/releases/latest/download/dynatrace.com_oneagentapms.yaml
$ helm upgrade dynatrace-oneagent-operator dynatrace/dynatrace-oneagent-operator -n dynatrace --reuse-values
```
##### OpenShift
```
$ oc apply -f https://github.com/Dynatrace/dynatrace-oneagent-operator/releases/latest/download/dynatrace.com_oneagents.yaml
$ oc apply -f https://github.com/Dynatrace/dynatrace-oneagent-operator/releases/latest/download/dynatrace.com_oneagentapms.yaml
$ helm upgrade dynatrace-oneagent-operator dynatrace/dynatrace-oneagent-operator -n dynatrace --reuse-values
```
##### OpenShift 3.11
```
$ oc apply -f https://github.com/Dynatrace/dynatrace-oneagent-operator/releases/latest/download/dynatrace.com_oneagents-v1beta1.yaml
$ oc apply -f https://github.com/Dynatrace/dynatrace-oneagent-operator/releases/latest/download/dynatrace.com_oneagentapms-v1beta1.yaml
$ helm upgrade dynatrace-oneagent-operator dynatrace/dynatrace-oneagent-operator -n dynatrace --reuse-values
```
## Uninstall dynatrace-oneagent-operator
Remove OneAgent custom resources and clean-up all remaining OneAgent Operator specific objects:
```sh
$ helm uninstall dynatrace-oneagent-operator -n dynatrace
```
## License
Dynatrace OneAgent Operator Helm Chart is under Apache 2.0 license. See [LICENSE](../LICENSE) for details.

View File

@ -0,0 +1,19 @@
# Dynatrace OneAgent Operator
This is the home of the Dynatrace OneAgent Operator's Helm Chart which supports the rollout and lifecycle of [Dynatrace OneAgent](https://www.dynatrace.com/support/help/get-started/introduction/what-is-oneagent/) in Kubernetes and OpenShift clusters.
Rolling out Dynatrace OneAgent via DaemonSet on a cluster is straightforward.
Maintaining its lifecycle places a burden on the operational team.
Dynatrace OneAgent Operator closes this gap by automating the repetitive steps involved in keeping Dynatrace OneAgent at its latest desired version.
## Additional Instructions
Please make sure the CRD is applied before using this chart!
```
kubectl apply -f https://github.com/Dynatrace/dynatrace-oneagent-operator/releases/latest/download/dynatrace.com_oneagents.yaml
kubectl apply -f https://github.com/Dynatrace/dynatrace-oneagent-operator/releases/latest/download/dynatrace.com_oneagentapms.yaml
```
To apply the CRD for Openshift or Openshift 3.11 follow the instructions in the [Github Repository](https://github.com/Dynatrace/helm-charts/tree/master/dynatrace-oneagent-operator/chart/default#chart-installation).

Binary file not shown.

After

Width:  |  Height:  |  Size: 9.7 KiB

File diff suppressed because one or more lines are too long

After

Width:  |  Height:  |  Size: 20 KiB

View File

@ -0,0 +1,267 @@
categories:
- APM
- Monitoring
questions:
- variable: crdApplied
label: "CRD manually applied"
description: "Please make sure you have applied the latest CRD by following the instructions in the description above."
default: ""
required: true
type: enum
options:
- "yes"
group: "Prerequisites"
#################### Agent Configuration (REQUIRED) ####################
- variable: mode
label: "Monitoring mode"
description: "Either fullstack for full monitoring or apm for application only monitoring"
default: "fullstack"
type: enum
group: "Agent Configuration (REQUIRED)"
show_if: "crdApplied=yes"
options:
- "fullstack"
- "apm"
- variable: oneagent.apiUrl
label: "Dynatrace API URL"
description: "Dynatrace API URL including `/api` path at the end"
default: "https://ENVIRONMENTID.live.dynatrace.com/api"
type: string
required: true
group: "Agent Configuration (REQUIRED)"
show_if: "crdApplied=yes"
- variable: secret.apiToken
label: "Dynatrace API token"
description: "Your Dynatrace API token - You can generate this token in your Dynatrace environment"
default: ""
type: string
required: false
group: "Agent Configuration (REQUIRED)"
show_if: "crdApplied=yes"
- variable: secret.paasToken
label: "Dynatrace PaaS token"
description: "Your Dynatrace Platform as a Service token - You can generate this token in your Dynatrace environment"
default: ""
type: string
required: true
group: "Agent Configuration (REQUIRED)"
show_if: "crdApplied=yes"
#################### Use custom limits settings ###################
- variable: use_custom_limits_settings
label: "Use custom limits settings"
description: "Use custom resource limits for the Dynatrace OneAgent"
default: false
type: boolean
group: "Use custom limits settings"
show_if: "crdApplied=yes"
show_subquestion_if: true
subquestions:
- variable: oneagent.resources.requests.cpu
label: "CPU resource request"
description: "Defines the minimum requested CPU by the OneAgent"
type: string
show_if: "crdApplied=yes"
group: "Use custom limits settings"
- variable: oneagent.resources.requests.memory
label: "Memory resource request"
description: "Defines the minimum requested memory by the OneAgent"
type: string
show_if: "crdApplied=yes"
group: "Use custom limits settings"
- variable: oneagent.resources.limits.cpu
label: "CPU resource limits"
description: "Defines the maximum provided CPU for the OneAgent"
type: string
show_if: "crdApplied=yes"
group: "Use custom limits settings"
- variable: oneagent.resources.limits.memory
label: "Memory resource limits"
description: "Defines the maximum provided memory for the OneAgent"
type: string
show_if: "crdApplied=yes"
group: "Use custom limits settings"
#################### Advanced Agent Configuration (OPTIONAL) ####################
- variable: show_advanced_config
label: "Show advanced configuration"
description: "Show advanced configuration options for the Dynatrace OneAgent Operator"
default: false
type: boolean
group: "Advanced Agent Configuration (OPTIONAL)"
show_if: "crdApplied=yes"
show_subquestion_if: true
subquestions:
- variable: operator.image
label: "Custom Operator image location"
description: "The location from where to grab the Dynatrace OneAgent operator image - default is quay.io/dynatrace/dynatrace-oneagent-operator"
default: ""
type: string
show_if: "crdApplied=yes"
group: "Advanced Agent Configuration (OPTIONAL)"
- variable: oneagent.name
label: "OneAgent CustomResource name"
default: "oneagent"
type: string
group: "Advanced Agent Configuration (OPTIONAL)"
show_if: "crdApplied=yes && mode=fullstack"
- variable: oneagent.disableAgentUpdate
label: "Disable automatic OneAgent updates"
description: "Disables automatic restarts of oneagent pods in case a new version is available"
default: false
type: boolean
group: "Advanced Agent Configuration (OPTIONAL)"
show_if: "crdApplied=yes && mode=fullstack"
- variable: oneagent.dnsPolicy
label: "Set custom DNS Policy"
description: "DNS Policy for OneAgent pods. Empty for default (ClusterFirst), more at https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy"
default: ""
type: string
group: "Advanced Agent Configuration (OPTIONAL)"
show_if: "crdApplied=yes && mode=fullstack"
- variable: oneagent.enableIstio
label: "Enable istio"
description: "When enabled, and if Istio is installed on the Kubernetes environment, then the Operator will create the corresponding VirtualService and ServiceEntries objects to allow access to the Dynatrace cluster from the agent."
default: false
type: boolean
show_if: "crdApplied=yes"
group: "Advanced Agent Configuration (OPTIONAL)"
- variable: oneagent.image
label: "Custom OneAgent image location"
description: "The location from where to grab the Dynatrace OneAgent image - default for Kubernetes is docker.io/dynatrace/oneagent"
default: ""
type: string
group: "Advanced Agent Configuration (OPTIONAL)"
show_if: "crdApplied=yes && mode=fullstack"
- variable: oneagent.skipCertCheck
label: "Skip certificate check"
description: "Disable certificate validation checks for installer download and API communication"
default: false
type: boolean
show_if: "crdApplied=yes"
group: "Advanced Agent Configuration (OPTIONAL)"
- variable: oneagent.priorityClassName
label: "Assign priority class to OneAgent pods"
description: "Priority class to assign to OneAgent pods, more at https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/"
default: ""
type: string
group: "Advanced Agent Configuration (OPTIONAL)"
show_if: "crdApplied=yes && mode=fullstack"
- variable: oneagent.proxy
label: "Define a proxy"
description: "Configures a proxy for the Agent, AgentDownload and the Operator. Provide the proxy here"
default: ""
type: string
show_if: "crdApplied=yes"
group: "Advanced Agent Configuration (OPTIONAL)"
- variable: oneagent.trustedCAs
label: "Add custom CA certificates"
description: "Adds the provided CA certificates to the Operator and the OneAgent. Provide your custom certificates here. If this is not set the default embedded certificates on the images will be used"
default: ""
type: multiline
show_if: "crdApplied=yes"
group: "Advanced Agent Configuration (OPTIONAL)"
- variable: oneagent.waitReadySeconds
label: "Wait seconds until ready"
description: "Define the time to wait until OneAgent pod is ready after update - defaults to 300s"
default: ""
type: int
group: "Advanced Agent Configuration (OPTIONAL)"
show_if: "crdApplied=yes && mode=fullstack"
- variable: oneagent.args
label: "Arguments to OneAgent installer"
description: "Defines additional arguments which get passed to the OneAgent installer - Please edit as Yaml for the best experience. The expected format is YAML and not a string"
default: ""
type: string
group: "Advanced Agent Configuration (OPTIONAL)"
show_if: "crdApplied=yes && mode=fullstack"
- variable: oneagent.env
label: "Environment variables for OneAgent"
description: "Defines additional environment variables which get passed to the OneAgent - Please edit as Yaml for the best experience"
type: string
group: "Advanced Agent Configuration (OPTIONAL)"
show_if: "crdApplied=yes && mode=fullstack"
- variable: oneagent.nodeSelector
label: "Node selector to control the selection of nodes"
description: "Defines a NodeSelector to customize to which nodes the OneAgent will be rolled out - Please edit as Yaml for the best experience"
type: string
group: "Advanced Agent Configuration (OPTIONAL)"
show_if: "crdApplied=yes && mode=fullstack"
- variable: oneagent.labels
label: "Custom labels for the OneAgent pods"
description: "Defines labels for OneAgent pods to structure workloads as desired - Please edit as Yaml for the best experience"
type: string
group: "Advanced Agent Configuration (OPTIONAL)"
show_if: "crdApplied=yes && mode=fullstack"
- variable: oneagent.tolerations
label: "Custom tolerations for the OneAgent"
description: "Defines custom tolerations to the OneAgent - Please edit as Yaml for the best experience - see https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/"
default: ""
type: string
group: "Advanced Agent Configuration (OPTIONAL)"
show_if: "crdApplied=yes && mode=fullstack"
- variable: oneagent.networkZone
label: "Network zone"
description: "Configures a network zone for your OneAgents"
default: ""
type: string
show_if: "crdApplied=yes"
group: "Advanced Agent Configuration (OPTIONAL)"
- variable: oneagent.useUnprivilegedMode
label: "Early Adopter: run unprivileged"
description: "Early Adopter: support full-stack OneAgent running on unprivileged mode"
default: true
type: boolean
group: "Advanced Agent Configuration (OPTIONAL)"
show_if: "crdApplied=yes && mode=fullstack"
- variable: oneagent.useImmutableImage
label: "Use immutable OneAgent image"
description: "If set the immutable OneAgent image will be used"
default: false
type: boolean
show_if: "crdApplied=yes"
group: "Advanced Agent Configuration (OPTIONAL)"
- variable: oneagent.agentVersion
label: "Agent version for immutable image"
description: "Defines the agent version used when immutable image is used - defaults to latest"
default: ""
type: string
show_if: "crdApplied=yes"
group: "Advanced Agent Configuration (OPTIONAL)"
- variable: oneagent.customPullSecret
label: "Custom PullSecret for the immutable image"
description: "Defines a custom pull secret for the immutable image in case you have your own registry"
default: ""
type: string
group: "Advanced Agent Configuration (OPTIONAL)"
show_if: "crdApplied=yes && mode=fullstack"

View File

@ -0,0 +1,47 @@
# Copyright 2019 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes, openshift or openshift-3-11" (include "dynatrace-oneagent-operator.platformSet" .))}}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: dynatrace-oneagent-operator
labels:
{{- include "dynatrace-oneagent-operator.commonlabels" . | nindent 4 }}
rules:
- apiGroups:
- "" # "" indicates the core API group
resources:
- nodes
- namespaces
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- secrets
verbs:
- create
- apiGroups:
- ""
resources:
- secrets
resourceNames:
- dynatrace-oneagent-config
- dynatrace-oneagent-pull-secret
verbs:
- get
- update
- delete

View File

@ -0,0 +1,46 @@
# Copyright 2019 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes, openshift or openshift-3-11" (include "dynatrace-oneagent-operator.platformSet" .))}}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: dynatrace-oneagent-webhook
labels:
{{- include "dynatrace-oneagent-operator.commonlabelswebhook" . | nindent 4 }}
rules:
- apiGroups:
- ""
resources:
- namespaces
verbs:
- get
- list
- watch
- apiGroups:
- admissionregistration.k8s.io
resources:
- mutatingwebhookconfigurations
verbs:
- list
- create
- watch
- apiGroups:
- admissionregistration.k8s.io
resources:
- mutatingwebhookconfigurations
resourceNames:
- dynatrace-oneagent-webhook
verbs:
- get
- update

View File

@ -0,0 +1,28 @@
# Copyright 2019 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes, openshift or openshift-3-11" (include "dynatrace-oneagent-operator.platformSet" .))}}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: dynatrace-oneagent-operator
labels:
{{- include "dynatrace-oneagent-operator.commonlabels" . | nindent 4 }}
subjects:
- kind: ServiceAccount
name: dynatrace-oneagent-operator
namespace: {{ .Release.Namespace }}
roleRef:
kind: ClusterRole
name: dynatrace-oneagent-operator
apiGroup: rbac.authorization.k8s.io

View File

@ -0,0 +1,28 @@
# Copyright 2019 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes, openshift or openshift-3-11" (include "dynatrace-oneagent-operator.platformSet" .))}}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: dynatrace-oneagent-webhook
labels:
{{- include "dynatrace-oneagent-operator.commonlabelswebhook" . | nindent 4 }}
subjects:
- kind: ServiceAccount
name: dynatrace-oneagent-webhook
namespace: {{ .Release.Namespace }}
roleRef:
kind: ClusterRole
name: dynatrace-oneagent-webhook
apiGroup: rbac.authorization.k8s.io

View File

@ -0,0 +1,26 @@
# Copyright 2020 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes, openshift or openshift-3-11" (include "dynatrace-oneagent-operator.platformSet" .))}}
{{- if .Values.oneagent.trustedCAs }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Values.oneagent.name }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "dynatrace-oneagent-operator.commonlabels" . | nindent 4 }}
data:
certs: |
{{ .Values.oneagent.trustedCAs | indent 4 }}
{{- end }}

View File

@ -0,0 +1,136 @@
# Copyright 2019 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes or openshift" (include "dynatrace-oneagent-operator.platformSet" .))}}
{{- if and (eq .Values.mode "fullstack") (ne .Values.oneagent.apiUrl "") }}
apiVersion: dynatrace.com/v1alpha1
kind: OneAgent
metadata:
name: {{ .Values.oneagent.name }}
namespace: {{ .Release.Namespace }}
annotations:
{{- if ne .Values.platform "google"}}
"helm.sh/hook": post-install
{{ end }}
labels:
{{- include "dynatrace-oneagent-operator.commonlabels" . | nindent 4 }}
spec:
apiUrl: {{ .Values.oneagent.apiUrl }}
tokens: {{ .Values.oneagent.name }}
image: {{ include "dynatrace-oneagent.image" . | quote }}
{{- if ne (printf "%T" .Values.oneagent.args) "string" }}
args: {{- toYaml .Values.oneagent.args | nindent 4 }}
{{- end }}
{{- if .Values.oneagent.env }}
env: {{- toYaml .Values.oneagent.env | nindent 4 }}
{{- end }}
{{- if .Values.oneagent.labels }}
labels: {{- toYaml .Values.oneagent.labels | nindent 4 }}
{{- end }}
{{- if .Values.oneagent.nodeSelector }}
nodeSelector: {{- toYaml .Values.oneagent.nodeSelector | nindent 4 }}
{{- end }}
{{- if .Values.oneagent.proxy }}
proxy:
valueFrom: {{ .Values.oneagent.name }}
{{- end }}
{{- if ne (printf "%T" .Values.oneagent.tolerations) "string" }}
tolerations: {{- toYaml .Values.oneagent.tolerations | nindent 4 }}
{{- else }}
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/master
operator: Exists
{{- end }}
{{- if .Values.oneagent.resources }}
resources:
{{- if or (.Values.oneagent.resources.requests.cpu) (.Values.oneagent.resources.requests.memory) }}
requests:
{{- if .Values.oneagent.resources.requests.cpu }}
cpu: {{ .Values.oneagent.resources.requests.cpu }}
{{- end }}
{{ if .Values.oneagent.resources.requests.memory }}
memory: {{ .Values.oneagent.resources.requests.memory }}
{{- end }}
{{- end }}
{{- if or (.Values.oneagent.resources.limits.cpu) (.Values.oneagent.resources.limits.memory) }}
limits:
{{- if .Values.oneagent.resources.limits.cpu }}
cpu: {{ .Values.oneagent.resources.limits.cpu }}
{{- end }}
{{- if .Values.oneagent.resources.limits.memory }}
memory: {{ .Values.oneagent.resources.limits.memory }}
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.oneagent.dnsPolicy }}
dnsPolicy: {{ .Values.oneagent.dnsPolicy }}
{{- end }}
{{- if .Values.oneagent.enableIstio }}
enableIstio: {{ .Values.oneagent.enableIstio }}
{{- end }}
{{- if .Values.oneagent.disableAgentUpdate }}
disableAgentUpdate: {{ .Values.oneagent.disableAgentUpdate }}
{{- end }}
{{- if .Values.oneagent.skipCertCheck }}
skipCertCheck: {{ .Values.oneagent.skipCertCheck }}
{{- end }}
{{- if .Values.oneagent.waitReadySeconds }}
waitReadySeconds: {{ .Values.oneagent.waitReadySeconds }}
{{- end }}
{{- if .Values.oneagent.priorityClassName }}
priorityClassName: {{ .Values.oneagent.priorityClassName }}
{{- end }}
{{- if .Values.oneagent.serviceAccountName }}
serviceAccountName: {{ .Values.oneagent.serviceAccountName }}
{{- end }}
{{- if .Values.oneagent.trustedCAs }}
trustedCAs: {{ .Values.oneagent.name }}
{{- end }}
{{- if .Values.oneagent.networkZone }}
networkZone: {{ .Values.oneagent.networkZone }}
{{- end }}
{{- if .Values.oneagent.useUnprivilegedMode }}
useUnprivilegedMode: {{ .Values.oneagent.useUnprivilegedMode }}
{{- end }}
{{- if .Values.oneagent.useImmutableImage }}
useImmutableImage: {{ .Values.oneagent.useImmutableImage }}
{{- end }}
{{- if .Values.oneagent.agentVersion }}
agentVersion: {{ .Values.oneagent.agentVersion }}
{{- end }}
{{- if .Values.oneagent.customPullSecret }}
customPullSecret: {{ .Values.oneagent.customPullSecret }}
{{- end }}
{{ end }}

View File

@ -0,0 +1,88 @@
# Copyright 2019 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes or openshift" (include "dynatrace-oneagent-operator.platformSet" .))}}
{{- if and (eq .Values.mode "apm") (ne .Values.oneagent.apiUrl "") }}
apiVersion: dynatrace.com/v1alpha1
kind: OneAgentAPM
metadata:
name: {{ include "oneagentapm.name" . }}
namespace: {{ .Release.Namespace }}
annotations:
{{- if ne .Values.platform "google"}}
"helm.sh/hook": post-install
{{ end }}
labels:
{{- include "dynatrace-oneagent-operator.commonlabels" . | nindent 4 }}
spec:
apiUrl: {{ .Values.oneagent.apiUrl }}
tokens: {{ .Values.oneagent.name }}
{{- if .Values.oneagent.skipCertCheck }}
skipCertCheck: {{ .Values.oneagent.skipCertCheck }}
{{- end }}
{{- if .Values.oneagent.enableIstio }}
enableIstio: {{ .Values.oneagent.enableIstio }}
{{- end }}
{{- if .Values.oneagent.proxy }}
proxy:
valueFrom: {{ .Values.oneagent.name }}
{{- end }}
{{- if .Values.oneagent.trustedCAs }}
trustedCAs: {{ .Values.oneagent.name }}
{{- end }}
{{- if .Values.oneagent.networkZone }}
networkZone: {{ .Values.oneagent.networkZone }}
{{- end }}
{{- if .Values.oneagent.useImmutableImage }}
useImmutableImage: {{ .Values.oneagent.useImmutableImage }}
{{- end }}
{{- if .Values.oneagent.agentVersion }}
agentVersion: {{ .Values.oneagent.agentVersion }}
{{- end }}
{{- if .Values.oneagent.resources }}
resources:
{{- if or (.Values.oneagent.resources.requests.cpu) (.Values.oneagent.resources.requests.memory) }}
requests:
{{- if .Values.oneagent.resources.requests.cpu }}
cpu: {{ .Values.oneagent.resources.requests.cpu }}
{{- end }}
{{- if .Values.oneagent.resources.requests.memory }}
memory: {{ .Values.oneagent.resources.requests.memory }}
{{- end }}
{{- end }}
{{- if or (.Values.oneagent.resources.limits.cpu) (.Values.oneagent.resources.limits.memory) }}
limits:
{{- if .Values.oneagent.resources.limits.cpu }}
cpu: {{ .Values.oneagent.resources.limits.cpu }}
{{- end }}
{{- if .Values.oneagent.resources.limits.memory }}
memory: {{ .Values.oneagent.resources.limits.memory }}
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.oneagent.flavor }}
flavor: {{ .Values.oneagent.flavor }}
{{- end }}
{{end}}

View File

@ -0,0 +1,112 @@
# Copyright 2019 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes, openshift or openshift-3-11" (include "dynatrace-oneagent-operator.platformSet" .))}}
apiVersion: apps/v1
kind: Deployment
metadata:
name: dynatrace-oneagent-operator
namespace: {{ .Release.Namespace }}
labels:
{{- include "dynatrace-oneagent-operator.commonlabels" . | nindent 4 }}
spec:
replicas: 1
revisionHistoryLimit: 1
selector:
matchLabels:
name: {{ .Release.Name }}
strategy:
type: Recreate
template:
metadata:
labels:
name: {{ .Release.Name }}
{{- include "dynatrace-oneagent-operator.commonlabels" . | nindent 8 }}
spec:
containers:
- name: dynatrace-oneagent-operator
args:
- operator
image: {{ include "dynatrace-oneagent-operator.image" . }}
imagePullPolicy: Always
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
ports:
- containerPort: 8080
name: metrics
- containerPort: 10080
name: server-port
resources:
requests:
cpu: 10m
memory: 64Mi
limits:
cpu: 100m
memory: 256Mi
readinessProbe:
httpGet:
path: /healthz
port: server-port
scheme: HTTP
initialDelaySeconds: 15
periodSeconds: 10
livenessProbe:
httpGet:
path: /healthz
port: server-port
scheme: HTTP
initialDelaySeconds: 15
periodSeconds: 10
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: beta.kubernetes.io/arch
operator: In
values:
- amd64
- arm64
- key: beta.kubernetes.io/os
operator: In
values:
- linux
- matchExpressions:
- key: kubernetes.io/arch
operator: In
values:
- amd64
- arm64
- key: kubernetes.io/os
operator: In
values:
- linux
serviceAccountName: dynatrace-oneagent-operator
{{- if .Values.operator.customPullSecret }}
imagePullSecrets:
- name: {{ .Values.operator.customPullSecret }}
{{- end }}
{{- if .Values.operator.nodeSelector }}
nodeSelector: {{- toYaml .Values.operator.nodeSelector | nindent 8 }}
{{- end }}
{{- if .Values.operator.tolerations }}
tolerations: {{- toYaml .Values.operator.tolerations | nindent 8 }}
{{- end -}}

View File

@ -0,0 +1,164 @@
# Copyright 2019 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes, openshift or openshift-3-11" (include "dynatrace-oneagent-operator.platformSet" .))}}
apiVersion: apps/v1
kind: Deployment
metadata:
name: dynatrace-oneagent-webhook
namespace: {{ .Release.Namespace }}
labels:
{{- include "dynatrace-oneagent-operator.commonlabels" . | nindent 4 }}
dynatrace.com/operator: oneagent
spec:
replicas: 1
revisionHistoryLimit: 1
selector:
matchLabels:
internal.oneagent.dynatrace.com/component: webhook
internal.oneagent.dynatrace.com/app: webhook
strategy:
type: Recreate
template:
metadata:
labels:
{{- include "dynatrace-oneagent-operator.commonlabels" . | nindent 8 }}
dynatrace.com/operator: oneagent
internal.oneagent.dynatrace.com/component: webhook
internal.oneagent.dynatrace.com/app: webhook
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: beta.kubernetes.io/arch
operator: In
values:
- amd64
- arm64
- key: beta.kubernetes.io/os
operator: In
values:
- linux
- matchExpressions:
- key: kubernetes.io/arch
operator: In
values:
- amd64
- arm64
- key: kubernetes.io/os
operator: In
values:
- linux
containers:
- name: webhook
args:
- webhook-server
image: {{ include "dynatrace-oneagent-operator.image" . }}
imagePullPolicy: Always
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
readinessProbe:
httpGet:
path: /healthz
port: server-port
scheme: HTTPS
initialDelaySeconds: 60
periodSeconds: 10
livenessProbe:
httpGet:
path: /healthz
port: server-port
scheme: HTTPS
initialDelaySeconds: 60
periodSeconds: 10
ports:
- name: metrics
containerPort: 8383
- name: server-port
containerPort: 8443
resources:
requests:
cpu: 10m
memory: 64Mi
limits:
cpu: 100m
memory: 256Mi
volumeMounts:
- name: certs-volume
mountPath: /mnt/webhook-certs
- name: bootstrapper
args:
- webhook-bootstrapper
image: {{ include "dynatrace-oneagent-operator.image" . }}
imagePullPolicy: Always
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
ports:
- name: metrics
containerPort: 8484
- name: server-port
containerPort: 9080
readinessProbe:
httpGet:
path: /healthz
port: server-port
scheme: HTTP
initialDelaySeconds: 60
periodSeconds: 10
livenessProbe:
httpGet:
path: /healthz
port: server-port
scheme: HTTP
initialDelaySeconds: 60
periodSeconds: 10
resources:
requests:
cpu: 10m
memory: 64Mi
limits:
cpu: 100m
memory: 256Mi
volumeMounts:
- name: certs-volume
mountPath: /mnt/webhook-certs
serviceAccountName: dynatrace-oneagent-webhook
{{- if .Values.operator.customPullSecret }}
imagePullSecrets:
- name: {{ .Values.operator.customPullSecret }}
{{- end }}
{{- if .Values.operator.nodeSelector }}
nodeSelector: {{- toYaml .Values.operator.nodeSelector | nindent 8 }}
{{- end }}
{{- if .Values.operator.tolerations }}
tolerations: {{- toYaml .Values.operator.tolerations | nindent 8 }}
{{- end }}
volumes:
- name: certs-volume
emptyDir: {}

View File

@ -0,0 +1,42 @@
# Copyright 2019 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes, openshift or openshift-3-11" (include "dynatrace-oneagent-operator.platformSet" .))}}
{{- if ne .Values.platform "openshift-3-11"}}
apiVersion: admissionregistration.k8s.io/v1
kind: MutatingWebhookConfiguration
metadata:
name: dynatrace-oneagent-webhook
labels:
{{- include "dynatrace-oneagent-operator.commonlabelswebhook" . | nindent 4 }}
webhooks:
- name: webhook.oneagent.dynatrace.com
rules:
- apiGroups: [""]
apiVersions: ["v1"]
operations: ["CREATE"]
resources: ["pods"]
scope: Namespaced
namespaceSelector:
matchExpressions:
- key: oneagent.dynatrace.com/instance
operator: Exists
clientConfig:
service:
name: dynatrace-oneagent-webhook
namespace: {{ .Release.Namespace }}
path: /inject
admissionReviewVersions: ["v1beta1", "v1"]
sideEffects: None
{{ end }}

View File

@ -0,0 +1,29 @@
# Copyright 2019 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes, openshift or openshift-3-11" (include "dynatrace-oneagent-operator.platformSet" .))}}
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: dynatrace-oneagent-operator
namespace: {{ .Release.Namespace }}
labels:
{{- include "dynatrace-oneagent-operator.commonlabels" . | nindent 4 }}
subjects:
- kind: ServiceAccount
name: dynatrace-oneagent-operator
namespace: {{ .Release.Namespace }}
roleRef:
kind: Role
name: dynatrace-oneagent-operator
apiGroup: rbac.authorization.k8s.io

View File

@ -0,0 +1,29 @@
# Copyright 2019 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes, openshift or openshift-3-11" (include "dynatrace-oneagent-operator.platformSet" .))}}
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: dynatrace-oneagent-webhook
namespace: {{ .Release.Namespace }}
labels:
{{- include "dynatrace-oneagent-operator.commonlabelswebhook" . | nindent 4 }}
subjects:
- kind: ServiceAccount
name: dynatrace-oneagent-webhook
namespace: {{ .Release.Namespace }}
roleRef:
kind: Role
name: dynatrace-oneagent-webhook
apiGroup: rbac.authorization.k8s.io

View File

@ -0,0 +1,32 @@
# Copyright 2019 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes, openshift or openshift-3-11" (include "dynatrace-oneagent-operator.platformSet" .))}}
{{- if and (.Values.secret.autoCreate) (ne .Values.oneagent.apiUrl "")}}
apiVersion: v1
kind: Secret
metadata:
name: {{ .Values.oneagent.name }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "dynatrace-oneagent-operator.commonlabels" . | nindent 4 }}
data:
{{- if or (eq .Values.mode "fullstack") (eq .Values.oneagent.useImmutableImage true) }}
apiToken: {{ .Values.secret.apiToken | b64enc }}
{{- end }}
paasToken: {{ .Values.secret.paasToken | b64enc }}
{{- if .Values.oneagent.proxy }}
proxy: {{ .Values.oneagent.proxy | b64enc }}
{{- end }}
type: Opaque
{{- end }}

View File

@ -0,0 +1,30 @@
# Copyright 2019 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes, openshift or openshift-3-11" (include "dynatrace-oneagent-operator.platformSet" .))}}
apiVersion: v1
kind: Service
metadata:
name: dynatrace-oneagent-webhook
namespace: {{ .Release.Namespace }}
labels:
{{- include "dynatrace-oneagent-operator.commonlabelswebhook" . | nindent 4 }}
spec:
selector:
internal.oneagent.dynatrace.com/app: webhook
internal.oneagent.dynatrace.com/component: webhook
ports:
- port: 443
protocol: TCP
targetPort: server-port

View File

@ -0,0 +1,21 @@
# Copyright 2019 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes, openshift or openshift-3-11" (include "dynatrace-oneagent-operator.platformSet" .))}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: dynatrace-oneagent-unprivileged
namespace: {{ .Release.Namespace }}
labels:
{{- include "dynatrace-oneagent-operator.commonlabels" . | nindent 4 }}

View File

@ -0,0 +1,21 @@
# Copyright 2019 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes, openshift or openshift-3-11" (include "dynatrace-oneagent-operator.platformSet" .))}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: dynatrace-oneagent-webhook
namespace: {{ .Release.Namespace }}
labels:
{{- include "dynatrace-oneagent-operator.commonlabels" . | nindent 4 }}

View File

@ -0,0 +1,134 @@
# Copyright 2019 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes or openshift" (include "dynatrace-oneagent-operator.platformSet" .))}}
{{- if or (eq .Values.platform "kubernetes") (eq .Values.platform "google")}}
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: dynatrace-oneagent-operator
namespace: {{ .Release.Namespace }}
labels:
{{- include "dynatrace-oneagent-operator.commonlabels" . | nindent 4 }}
rules:
- apiGroups:
- dynatrace.com
resources:
- oneagents
- oneagentapms
verbs:
- get
- list
- watch
- update
- apiGroups:
- apps
resources:
- daemonsets
verbs:
- get
- list
- watch
- create
- update
- delete
- apiGroups:
- apps
resources:
- replicasets
- deployments
verbs:
- get
- list
- watch
- apiGroups:
- apps
resources:
- deployments/finalizers
verbs:
- update
- apiGroups:
- "" # "" indicates the core API group
resources:
- configmaps
verbs:
- get
- list
- watch
- create
- update
- delete
- apiGroups:
- "" # "" indicates the core API group
resources:
- pods
verbs:
- get
- list
- watch
- delete
- apiGroups:
- "" # "" indicates the core API group
resources:
- secrets
verbs:
- create
- update
- delete
- get
- list
- watch
- apiGroups:
- monitoring.coreos.com
resources:
- servicemonitors
verbs:
- get
- create
- apiGroups:
- dynatrace.com
resources:
- oneagents/finalizers
- oneagents/status
- oneagentapms/finalizers
- oneagentapms/status
verbs:
- update
- apiGroups:
- networking.istio.io
resources:
- serviceentries
- virtualservices
verbs:
- get
- list
- create
- update
- delete
- apiGroups:
- ""
resources:
- events
verbs:
- list
- create
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- update
- create
{{ end }}

View File

@ -0,0 +1,68 @@
# Copyright 2019 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes or openshift" (include "dynatrace-oneagent-operator.platformSet" .))}}
{{- if or (eq .Values.platform "kubernetes") (eq .Values.platform "google")}}
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: dynatrace-oneagent-webhook
namespace: {{ .Release.Namespace }}
labels:
{{- include "dynatrace-oneagent-operator.commonlabelswebhook" . | nindent 4 }}
rules:
- apiGroups:
- ""
resources:
- services
- configmaps
- secrets
verbs:
- get
- list
- watch
- create
- update
- apiGroups:
- ""
resources:
- pods
verbs:
- get
- list
- watch
- apiGroups:
- dynatrace.com
resources:
- oneagentapms
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- events
verbs:
- list
- create
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- update
- create
{{ end }}

View File

@ -0,0 +1,24 @@
# Copyright 2019 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes or openshift or google" (include "dynatrace-oneagent-operator.platformSet" .))}}
{{- if or (eq .Values.platform "kubernetes") (eq .Values.platform "google")}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: dynatrace-oneagent
namespace: {{ .Release.Namespace }}
labels:
{{- include "dynatrace-oneagent-operator.commonlabels" . | nindent 4 }}
{{ end }}

View File

@ -0,0 +1,24 @@
# Copyright 2019 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes or openshift" (include "dynatrace-oneagent-operator.platformSet" .))}}
{{- if or (eq .Values.platform "kubernetes") (eq .Values.platform "google")}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: dynatrace-oneagent-operator
namespace: {{ .Release.Namespace }}
labels:
{{- include "dynatrace-oneagent-operator.commonlabels" . | nindent 4 }}
{{ end }}

View File

@ -0,0 +1,58 @@
Thank you for installing {{ .Chart.Name }}.
Your release is named {{ .Release.Name }}.
To find more information about the Dynatrace OneAgent Operator, try:
https://github.com/Dynatrace/dynatrace-oneagent-operator
To verify the current state of the OneAgent deployment, try:
$ kubectl get pods -n {{ .Release.Namespace }}
$ kubectl logs -f deployment/{{ .Release.Name }} -n {{ .Release.Namespace }}
$ kubectl get oneagent {{ .Values.oneagent.name }} -n {{ .Release.Namespace }}
{{- if eq .Values.mode "apm" -}}
{{- if .Values.oneagent.image -}}
WARNING:
The following argument did not get applied since it can only be used with fullstack: oneagent.image
{{- end -}}
{{- if .Values.oneagent.args -}}
WARNING:
The following argument did not get applied since it can only be used with fullstack: oneagent.args
{{- end -}}
{{- if .Values.oneagent.env -}}
WARNING:
The following argument did not get applied since it can only be used with fullstack: oneagent.env
{{- end -}}
{{- if .Values.oneagent.nodeSelector -}}
WARNING:
The following argument did not get applied since it can only be used with fullstack: oneagent.nodeSelector
{{- end -}}
{{- if .Values.oneagent.labels -}}
WARNING:
The following argument did not get applied since it can only be used with fullstack: oneagent.labels
{{- end -}}
{{- if .Values.oneagent.disableAgentUpdate -}}
WARNING:
The following argument did not get applied since it can only be used with fullstack: oneagent.disableAgentUpdate
{{- end -}}
{{- if .Values.oneagent.dnsPolicy -}}
WARNING:
The following argument did not get applied since it can only be used with fullstack: oneagent.dnsPolicy
{{- end -}}
{{- if .Values.oneagent.resources -}}
WARNING:
The following argument did not get applied since it can only be used with fullstack: oneagent.resources
{{- end -}}
{{- if .Values.oneagent.tolerations -}}
WARNING:
The following argument did not get applied since it can only be used with fullstack: oneagent.tolerations
{{- end -}}
{{- if .Values.oneagent.waitReadySeconds -}}
WARNING:
The following argument did not get applied since it can only be used with fullstack: oneagent.waitReadySeconds
{{- end -}}
{{- if .Values.oneagent.priorityClassName -}}
WARNING:
The following argument did not get applied since it can only be used with fullstack: oneagent.priorityClassName
{{- end -}}
{{- end -}}

View File

@ -0,0 +1,45 @@
# Copyright 2019 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes, openshift or openshift-3-11" (include "dynatrace-oneagent-operator.platformSet" .))}}
{{- if eq .Values.platform "openshift-3-11"}}
apiVersion: admissionregistration.k8s.io/v1beta1
kind: MutatingWebhookConfiguration
metadata:
name: dynatrace-oneagent-webhook
labels:
{{- include "dynatrace-oneagent-operator.commonlabelswebhook" . | nindent 4 }}
dynatrace.com/operator: oneagent
internal.oneagent.dynatrace.com/component: webhook
webhooks:
- name: webhook.oneagent.dynatrace.com
rules:
- apiGroups: [""]
apiVersions: ["v1"]
operations: ["CREATE"]
resources: ["pods"]
scope: Namespaced
namespaceSelector:
matchExpressions:
- key: oneagent.dynatrace.com/instance
operator: Exists
clientConfig:
service:
name: dynatrace-oneagent-webhook
namespace: dynatrace
path: /inject
admissionReviewVersions: ["v1beta1"]
{{ end }}

View File

@ -0,0 +1,134 @@
# Copyright 2019 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes or openshift" (include "dynatrace-oneagent-operator.platformSet" .))}}
{{- if eq .Values.platform "openshift-3-11" }}
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: dynatrace-oneagent-operator
namespace: {{ .Release.Namespace }}
labels:
{{- include "dynatrace-oneagent-operator.commonlabels" . | nindent 4 }}
rules:
- apiGroups:
- dynatrace.com
resources:
- oneagents
- oneagentapms
verbs:
- get
- list
- watch
- update
- apiGroups:
- apps
resources:
- daemonsets
verbs:
- get
- list
- watch
- create
- update
- delete
- apiGroups:
- apps
resources:
- replicasets
- deployments
verbs:
- get
- list
- watch
- apiGroups:
- apps
resources:
- deployments/finalizers
verbs:
- update
- apiGroups:
- "" # "" indicates the core API group
resources:
- configmaps
verbs:
- get
- list
- watch
- create
- update
- delete
- apiGroups:
- "" # "" indicates the core API group
resources:
- pods
verbs:
- get
- list
- watch
- delete
- apiGroups:
- "" # "" indicates the core API group
resources:
- secrets
verbs:
- create
- update
- delete
- get
- list
- watch
- apiGroups:
- monitoring.coreos.com
resources:
- servicemonitors
verbs:
- get
- create
- apiGroups:
- dynatrace.com
resources:
- oneagents/finalizers
- oneagents/status
- oneagentapms/finalizers
- oneagentapms/status
verbs:
- update
- apiGroups:
- networking.istio.io
resources:
- serviceentries
- virtualservices
verbs:
- get
- list
- create
- update
- delete
- apiGroups:
- ""
resources:
- events
verbs:
- list
- create
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- update
- create
{{ end }}

View File

@ -0,0 +1,68 @@
# Copyright 2019 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes or openshift" (include "dynatrace-oneagent-operator.platformSet" .))}}
{{- if eq .Values.platform "openshift-3-11" }}
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: dynatrace-oneagent-webhook
namespace: {{ .Release.Namespace }}
labels:
{{- include "dynatrace-oneagent-operator.commonlabelswebhook" . | nindent 4 }}
rules:
- apiGroups:
- ""
resources:
- services
- configmaps
- secrets
verbs:
- get
- list
- watch
- create
- update
- apiGroups:
- ""
resources:
- pods
verbs:
- get
- list
- watch
- apiGroups:
- dynatrace.com
resources:
- oneagentapms
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- events
verbs:
- list
- create
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- update
- create
{{ end }}

View File

@ -0,0 +1,65 @@
# Copyright 2020 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes or openshift" (include "dynatrace-oneagent-operator.platformSet" .))}}
{{- if and (eq .Values.platform "openshift-3-11") (.Values.createSecurityContextConstraints) }}
apiVersion: security.openshift.io/v1
kind: SecurityContextConstraints
metadata:
annotations:
kubernetes.io/description: "dynatrace-oneagent-privileged allows access to all privileged and host features and the ability to run as any user, any group, any fsGroup, and with any SELinux context. This is a copy of privileged scc."
name: dynatrace-oneagent-unprivileged
allowHostDirVolumePlugin: true
allowHostIPC: true
allowHostNetwork: true
allowHostPID: true
allowHostPorts: true
allowPrivilegedContainer: false
allowedCapabilities:
- CHOWN
- DAC_OVERRIDE
- DAC_READ_SEARCH
- FOWNER
- FSETID
- KILL
- NET_ADMIN
- NET_RAW
- SETFCAP
- SETGID
- SETUID
- SYS_ADMIN
- SYS_CHROOT
- SYS_PTRACE
- SYS_RESOURCE
allowedFlexVolumes: null
defaultAddCapabilities: []
fsGroup:
type: RunAsAny
priority: 1
readOnlyRootFilesystem: false
requiredDropCapabilities:
- ALL
runAsUser:
type: RunAsAny
seLinuxContext:
type: RunAsAny
seccompProfiles:
- "*"
supplementalGroups:
type: RunAsAny
users:
- system:serviceaccount:dynatrace:dynatrace-oneagent-unprivileged
volumes:
- "*"
{{ end }}

View File

@ -0,0 +1,50 @@
# Copyright 2019 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes or openshift" (include "dynatrace-oneagent-operator.platformSet" .))}}
{{- if and (eq .Values.platform "openshift-3-11") (.Values.createSecurityContextConstraints) }}
apiVersion: security.openshift.io/v1
kind: SecurityContextConstraints
metadata:
annotations:
kubernetes.io/description: "dynatrace-oneagent-privileged allows access to all privileged and host features and the ability to run as any user, any group, any fsGroup, and with any SELinux context. This is a copy of privileged scc."
name: dynatrace-oneagent-privileged
allowHostDirVolumePlugin: true
allowHostIPC: true
allowHostNetwork: true
allowHostPID: true
allowHostPorts: true
allowPrivilegedContainer: true
allowedCapabilities:
- "*"
allowedFlexVolumes: null
defaultAddCapabilities: []
fsGroup:
type: RunAsAny
priority: 1
readOnlyRootFilesystem: false
requiredDropCapabilities: []
runAsUser:
type: RunAsAny
seLinuxContext:
type: RunAsAny
seccompProfiles:
- "*"
supplementalGroups:
type: RunAsAny
users:
- system:serviceaccount:dynatrace:dynatrace-oneagent
volumes:
- "*"
{{ end }}

View File

@ -0,0 +1,25 @@
# Copyright 2019 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes or openshift" (include "dynatrace-oneagent-operator.platformSet" .))}}
{{- if eq .Values.platform "openshift-3-11" }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: dynatrace-oneagent
namespace: {{ .Release.Namespace }}
imagePullSecrets:
- name: redhat-connect
- name: redhat-connect-sso
{{ end }}

View File

@ -0,0 +1,25 @@
# Copyright 2019 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes or openshift" (include "dynatrace-oneagent-operator.platformSet" .))}}
{{- if eq .Values.platform "openshift-3-11" }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: dynatrace-oneagent-operator
namespace: {{ .Release.Namespace }}
imagePullSecrets:
- name: redhat-connect
- name: redhat-connect-sso
{{ end }}

View File

@ -0,0 +1,134 @@
# Copyright 2019 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes or openshift" (include "dynatrace-oneagent-operator.platformSet" .))}}
{{- if eq .Values.platform "openshift" }}
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: dynatrace-oneagent-operator
namespace: {{ .Release.Namespace }}
labels:
{{- include "dynatrace-oneagent-operator.commonlabels" . | nindent 4 }}
rules:
- apiGroups:
- dynatrace.com
resources:
- oneagents
- oneagentapms
verbs:
- get
- list
- watch
- update
- apiGroups:
- apps
resources:
- daemonsets
verbs:
- get
- list
- watch
- create
- update
- delete
- apiGroups:
- apps
resources:
- replicasets
- deployments
verbs:
- get
- list
- watch
- apiGroups:
- apps
resources:
- deployments/finalizers
verbs:
- update
- apiGroups:
- "" # "" indicates the core API group
resources:
- configmaps
verbs:
- get
- list
- watch
- create
- update
- delete
- apiGroups:
- "" # "" indicates the core API group
resources:
- pods
verbs:
- get
- list
- watch
- delete
- apiGroups:
- "" # "" indicates the core API group
resources:
- secrets
verbs:
- create
- update
- delete
- get
- list
- watch
- apiGroups:
- monitoring.coreos.com
resources:
- servicemonitors
verbs:
- get
- create
- apiGroups:
- dynatrace.com
resources:
- oneagents/finalizers
- oneagents/status
- oneagentapms/finalizers
- oneagentapms/status
verbs:
- update
- apiGroups:
- networking.istio.io
resources:
- serviceentries
- virtualservices
verbs:
- get
- list
- create
- update
- delete
- apiGroups:
- ""
resources:
- events
verbs:
- list
- create
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- update
- create
{{ end }}

View File

@ -0,0 +1,68 @@
# Copyright 2019 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes or openshift" (include "dynatrace-oneagent-operator.platformSet" .))}}
{{- if eq .Values.platform "openshift" }}
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: dynatrace-oneagent-webhook
namespace: {{ .Release.Namespace }}
labels:
{{- include "dynatrace-oneagent-operator.commonlabelswebhook" . | nindent 4 }}
rules:
- apiGroups:
- ""
resources:
- services
- configmaps
- secrets
verbs:
- get
- list
- watch
- create
- update
- apiGroups:
- ""
resources:
- pods
verbs:
- get
- list
- watch
- apiGroups:
- dynatrace.com
resources:
- oneagentapms
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- events
verbs:
- list
- create
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- update
- create
{{ end }}

View File

@ -0,0 +1,65 @@
# Copyright 2020 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes or openshift" (include "dynatrace-oneagent-operator.platformSet" .))}}
{{- if and (eq .Values.platform "openshift") (.Values.createSecurityContextConstraints) }}
apiVersion: security.openshift.io/v1
kind: SecurityContextConstraints
metadata:
annotations:
kubernetes.io/description: "dynatrace-oneagent-privileged allows access to all privileged and host features and the ability to run as any user, any group, any fsGroup, and with any SELinux context. This is a copy of privileged scc."
name: dynatrace-oneagent-unprivileged
allowHostDirVolumePlugin: true
allowHostIPC: true
allowHostNetwork: true
allowHostPID: true
allowHostPorts: true
allowPrivilegedContainer: false
allowedCapabilities:
- CHOWN
- DAC_OVERRIDE
- DAC_READ_SEARCH
- FOWNER
- FSETID
- KILL
- NET_ADMIN
- NET_RAW
- SETFCAP
- SETGID
- SETUID
- SYS_ADMIN
- SYS_CHROOT
- SYS_PTRACE
- SYS_RESOURCE
allowedFlexVolumes: null
defaultAddCapabilities: []
fsGroup:
type: RunAsAny
priority: 1
readOnlyRootFilesystem: false
requiredDropCapabilities:
- ALL
runAsUser:
type: RunAsAny
seLinuxContext:
type: RunAsAny
seccompProfiles:
- "*"
supplementalGroups:
type: RunAsAny
users:
- system:serviceaccount:dynatrace:dynatrace-oneagent-unprivileged
volumes:
- "*"
{{ end }}

View File

@ -0,0 +1,50 @@
# Copyright 2019 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes or openshift" (include "dynatrace-oneagent-operator.platformSet" .))}}
{{- if and (eq .Values.platform "openshift") (.Values.createSecurityContextConstraints) }}
apiVersion: security.openshift.io/v1
kind: SecurityContextConstraints
metadata:
annotations:
kubernetes.io/description: "dynatrace-oneagent-privileged allows access to all privileged and host features and the ability to run as any user, any group, any fsGroup, and with any SELinux context. This is a copy of privileged scc."
name: dynatrace-oneagent-privileged
allowHostDirVolumePlugin: true
allowHostIPC: true
allowHostNetwork: true
allowHostPID: true
allowHostPorts: true
allowPrivilegedContainer: true
allowedCapabilities:
- "*"
allowedFlexVolumes: null
defaultAddCapabilities: []
fsGroup:
type: RunAsAny
priority: 1
readOnlyRootFilesystem: false
requiredDropCapabilities: []
runAsUser:
type: RunAsAny
seLinuxContext:
type: RunAsAny
seccompProfiles:
- "*"
supplementalGroups:
type: RunAsAny
users:
- system:serviceaccount:dynatrace:dynatrace-oneagent
volumes:
- "*"
{{ end }}

View File

@ -0,0 +1,25 @@
# Copyright 2019 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes or openshift" (include "dynatrace-oneagent-operator.platformSet" .))}}
{{- if eq .Values.platform "openshift" }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: dynatrace-oneagent
namespace: {{ .Release.Namespace }}
imagePullSecrets:
- name: redhat-connect
- name: redhat-connect-sso
{{ end }}

View File

@ -0,0 +1,25 @@
# Copyright 2019 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes or openshift" (include "dynatrace-oneagent-operator.platformSet" .))}}
{{- if eq .Values.platform "openshift" }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: dynatrace-oneagent-operator
namespace: {{ .Release.Namespace }}
imagePullSecrets:
- name: redhat-connect
- name: redhat-connect-sso
{{ end }}

View File

@ -0,0 +1,132 @@
// Copyright 2019 Dynatrace LLC
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "dynatrace-oneagent-operator.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "dynatrace-oneagent-operator.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "dynatrace-oneagent-operator.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Selector labels
*/}}
{{- define "dynatrace-operator.selectorLabels" -}}
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "dynatrace-oneagent-operator.commonlabels" -}}
{{ include "dynatrace-operator.selectorLabels" . }}
dynatrace: operator
operator: oneagent
{{- end -}}
{{/*
Common labels webhook
*/}}
{{- define "dynatrace-oneagent-operator.commonlabelswebhook" -}}
{{ include "dynatrace-operator.selectorLabels" . }}
dynatrace.com/operator: oneagent
internal.oneagent.dynatrace.com/component: webhook
{{- end -}}
{{/*
Check if platform is set
*/}}
{{- define "dynatrace-oneagent-operator.platformSet" -}}
{{- if or (eq .Values.platform "kubernetes") (eq .Values.platform "openshift") (eq .Values.platform "google") -}}
{{ default "set" }}
{{- end -}}
{{- if (eq .Values.platform "openshift-3-11") -}}
{{ default "set" }}
{{- end -}}
{{- end -}}
{{/*
Check if default oneagent image is used
*/}}
{{- define "dynatrace-oneagent.image" -}}
{{- if .Values.oneagent.image -}}
{{- printf "%s" .Values.oneagent.image -}}
{{- else -}}
{{- if eq .Values.oneagent.useImmutableImage false -}}
{{- if eq .Values.platform "kubernetes" -}}
{{- printf "docker.io/dynatrace/oneagent" }}
{{- end -}}
{{- if eq .Values.platform "openshift" -}}
{{- printf "registry.connect.redhat.com/dynatrace/oneagent" }}
{{- end -}}
{{- else -}}
{{- printf "" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Check if default operator image is used
*/}}
{{- define "dynatrace-oneagent-operator.image" -}}
{{- if .Values.operator.image -}}
{{- printf "%s" .Values.operator.image -}}
{{- else -}}
{{- if eq .Values.platform "google" -}}
{{- printf "%s:%s" "gcr.io/dynatrace-marketplace-prod/dynatrace-oneagent-operator" "{{ .Chart.AppVersion }}" }}
{{- else -}}
{{- printf "%s:v%s" "docker.io/dynatrace/dynatrace-oneagent-operator" .Chart.AppVersion }}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Check for correct oneagentapm name
*/}}
{{- define "oneagentapm.name" -}}
{{- if eq .Values.mode "apm" }}
{{- if eq .Values.oneagent.name "oneagent" -}}
{{- printf "oneagentapm" -}}
{{- else -}}
{{- printf "%s" .Values.oneagent.name -}}
{{- end -}}
{{- end -}}
{{- end -}}

View File

@ -0,0 +1,89 @@
# Copyright 2019 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- $platformIsSet := printf "%s" (required "Platform needs to be set to kubernetes, openshift or openshift-3-11" (include "dynatrace-oneagent-operator.platformSet" .))}}
{{- if eq .Values.platform "google"}}
---
apiVersion: app.k8s.io/v1beta1
kind: Application
metadata:
name: {{ .Release.Name }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "dynatrace-oneagent-operator.commonlabels" . | nindent 4 }}
annotations:
kubernetes-engine.cloud.google.com/icon: data:image/png;base64,{{ .Files.Get "logo.png" | b64enc }}
marketplace.cloud.google.com/deploy-info: '{"partner_id": "dynatrace-marketplace-prod", "product_id": "dynatrace-oneagent-operator", "partner_name": "Dynatrace LLC"}'
spec:
descriptor:
type: "Dynatrace OneAgent Operator"
version: "0.10.0"
maintainers:
- name: Dynatrace LLC
url: https://www.dynatrace.com/
keywords:
- "dynatrace"
- "operator"
- "oneagent"
- "k8s"
- "monitoring"
- "apm"
description: |
The Dynatrace OneAgent Operator allows users to easily deploy full-stack monitoring for [Kubernetes clusters](https://www.dynatrace.com/technologies/kubernetes-monitoring/). The Dynatrace OneAgent automatically monitors workloads in containers down to the code and request level.
For deployment instructions please consult the [Operator Deploy Guide](https://www.dynatrace.com/support/help/shortlink/kubernetes-deploy).
links:
- description: Dynatrace Website
url: https://www.dynatrace.com/
- description: Operator Deploy Guide
url: https://www.dynatrace.com/support/help/shortlink/kubernetes-deploy
- description: Kubernetes Monitoring Info
url: https://www.dynatrace.com/technologies/kubernetes-monitoring
selector:
matchLabels:
app.kubernetes.io/name: "{{ .Release.Name }}"
componentKinds:
- group: dynatrace.com/v1alpha1
kind: OneAgent
- group: dynatrace.com/v1alpha1
kind: OneAgentAPM
- group: apps/v1
kind: DaemonSet
- group: v1
kind: Pod
- group: v1
kind: ConfigMap
- group: apps/v1
kind: Deployment
- group: v1
kind: Secret
- group: batch/v1
kind: Job
- group: v1
kind: Service
- group: v1
kind: ServiceAccount
- group: admissionregistration.k8s.io/v1
kind: MutatingWebhookConfiguration
- group: rbac.authorization.k8s.io/v1
kind: ClusterRole
- group: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
- group: rbac.authorization.k8s.io/v1
kind: Role
- group: rbac.authorization.k8s.io/v1
kind: RoleBinding
{{end}}

View File

@ -0,0 +1,70 @@
# Copyright 2019 Dynatrace LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# may be set to "kubernetes", "openshift", "openshift-3-11", "google"
platform: "kubernetes"
mode: "fullstack"
# Only applicable for Openshift
createSecurityContextConstraints: true
operator:
image: ""
customPullSecret: ""
# The expected format is YAML and not a string
nodeSelector: ""
# The expected format is YAML and not a string
tolerations: ""
oneagent:
name: "oneagent"
apiUrl: ""
image: ""
# The expected format is YAML and not a string
args: ""
# The expected format is YAML and not a string
env: ""
# The expected format is YAML and not a string
nodeSelector: ""
# The expected format is YAML and not a string
labels: ""
skipCertCheck: false
disableAgentUpdate: false
enableIstio: false
dnsPolicy: ""
# resources:
# requests:
# cpu: 100m
# memory: 512Mi
# limits:
# cpu: 300m
# memory: 1.5Gi
# The expected format is YAML and not a string
tolerations: ""
waitReadySeconds: null
priorityClassName: ""
serviceAccountName: ""
proxy: ""
trustedCAs: ""
networkZone: ""
useUnprivilegedMode: true
useImmutableImage: false
agentVersion: ""
customPullSecret: ""
flavor: ""
secret:
autoCreate: true
apiToken: ""
paasToken: ""

View File

@ -823,6 +823,30 @@ entries:
- assets/datadog/datadog-2.4.200.tgz
version: 2.4.200
dynatrace-oneagent-operator:
- annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Dynatrace Oneagent Operator
catalog.cattle.io/release-name: dynatrace-oneagent-operator
apiVersion: v2
appVersion: 0.10.2
created: "2021-11-23T09:20:04.285619054+01:00"
description: The Dynatrace OneAgent Operator Helm chart for Kubernetes and Openshift
digest: ccc0483eeb2993ac47f09721d96307efb99f60dfe1d72f9746b832bc6fa7a361
home: https://www.dynatrace.com/
icon: https://assets.dynatrace.com/global/resources/Signet_Logo_RGB_CP_512x512px.png
kubeVersion: '>= 1.19'
maintainers:
- email: marco.mader@dynatrace.com
name: DTMad
- email: michael.mayr@dynatrace.com
name: mmayr-at
name: dynatrace-oneagent-operator
sources:
- https://github.com/Dynatrace/helm-charts
type: application
urls:
- assets/dynatrace-oneagent-operator/dynatrace-oneagent-operator-0.10.201.tgz
version: 0.10.201
- annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/release-name: dynatrace-oneagent-operator

View File

@ -0,0 +1,15 @@
apiVersion: v2
appVersion: 0.10.2
description: The Dynatrace OneAgent Operator Helm chart for Kubernetes and Openshift
home: https://www.dynatrace.com/
icon: https://assets.dynatrace.com/global/resources/Signet_Logo_RGB_CP_512x512px.png
maintainers:
- email: marco.mader@dynatrace.com
name: DTMad
- email: michael.mayr@dynatrace.com
name: mmayr-at
name: dynatrace-oneagent-operator
sources:
- https://github.com/Dynatrace/helm-charts
type: application
version: 0.10.2

View File

@ -1,9 +1,11 @@
--- charts-original/Chart.yaml
+++ charts/Chart.yaml
@@ -15,3 +15,6 @@
@@ -13,3 +13,8 @@
- https://github.com/Dynatrace/helm-charts
type: application
version: 0.8.0
version: 0.10.2
+kubeVersion: ">= 1.19"
+annotations:
+ catalog.cattle.io/certified: partner
+ catalog.cattle.io/release-name: dynatrace-oneagent-operator
+ catalog.cattle.io/display-name: Dynatrace Oneagent Operator

View File

@ -1,9 +0,0 @@
--- charts-original/questions.yml
+++ charts/questions.yml
@@ -1,6 +1,3 @@
-categories:
-- APM
-- Monitoring
questions:
#################### Agent Configuration (REQUIRED) ####################

View File

@ -1,2 +1,2 @@
url: https://raw.githubusercontent.com/Dynatrace/helm-charts/master/repos/stable/dynatrace-oneagent-operator-0.8.0.tgz
url: https://raw.githubusercontent.com/Dynatrace/helm-charts/master/repos/stable/dynatrace-oneagent-operator-0.10.2.tgz
packageVersion: 01