319 lines
14 KiB
YAML
319 lines
14 KiB
YAML
# name is the value which will be used as the base resource name for various resources associated with the agent.
|
|
# name: instana-agent
|
|
|
|
agent:
|
|
# agent.mode is used to set agent mode and it can be APM, INFRASTRUCTURE or AWS
|
|
# mode: APM
|
|
|
|
# agent.key is the secret token which your agent uses to authenticate to Instana's servers.
|
|
key: null
|
|
# agent.downloadKey is key, sometimes known ass "sales key", that allows you to download,
|
|
# software from Instana.
|
|
# downloadKey: null
|
|
|
|
# Rather than specifying the agent key and optionally the download key, you can "bring your
|
|
# own secret" creating it in the namespace in which you install the `instana-agent` and
|
|
# specify its name in the `keysSecret` field. The secret you create must contains
|
|
# a field called `key` and optionally one called `downloadKey`, which contain, respectively,
|
|
# the values you'd otherwise set in `.agent.key` and `agent.downloadKey`.
|
|
# keysSecret: null
|
|
|
|
# agent.listenAddress is the IP address the agent HTTP server will listen to.
|
|
# listenAddress: "*"
|
|
|
|
# agent.endpointHost is the hostname of the Instana server your agents will connect to.
|
|
endpointHost: ingress-red-saas.instana.io
|
|
# agent.endpointPort is the port number (as a String) of the Instana server your agents will connect to.
|
|
endpointPort: 443
|
|
|
|
# These are additional backends the Instana agent will report to besides
|
|
# the one configured via the `agent.endpointHost`, `agent.endpointPort` and `agent.key` setting
|
|
additionalBackends: []
|
|
# - endpointHost: ingress.instana.io
|
|
# endpointPort: 443
|
|
# key: <agent_key>
|
|
|
|
# TLS for end-to-end encryption between Instana agent and clients accessing the agent.
|
|
# The Instana agent does not yet allow enforcing TLS encryption.
|
|
# TLS is only enabled on a connection when requested by the client.
|
|
tls:
|
|
# In order to enable TLS, a secret of type kubernetes.io/tls must be specified.
|
|
# secretName is the name of the secret that has the relevant files.
|
|
# secretName: null
|
|
# Otherwise, the certificate and the private key must be provided as base64 encoded.
|
|
# certificate: null
|
|
# key: null
|
|
|
|
image:
|
|
# agent.image.name is the name of the container image of the Instana agent.
|
|
name: icr.io/instana/agent
|
|
# agent.image.digest is the digest (a.k.a. Image ID) of the agent container image; if specified, it has priority over agent.image.tag, which will be ignored.
|
|
#digest:
|
|
# agent.image.tag is the tag name of the agent container image; if agent.image.digest is specified, this property is ignored.
|
|
tag: latest
|
|
# agent.image.pullPolicy specifies when to pull the image container.
|
|
pullPolicy: Always
|
|
# agent.image.pullSecrets allows you to override the default pull secret that is created when agent.image.name starts with "containers.instana.io"
|
|
# Setting agent.image.pullSecrets prevents the creation of the default "containers-instana-io" secret.
|
|
# pullSecrets:
|
|
# - name: my_awesome_secret_instead
|
|
# If you want no imagePullSecrets to be specified in the agent pod, you can just pass an empty array to agent.image.pullSecrets
|
|
# pullSecrets: []
|
|
|
|
# The minimum number of seconds for which a newly created Pod should be ready without any of its containers crashing, for it to be considered available
|
|
minReadySeconds: 0
|
|
|
|
updateStrategy:
|
|
type: RollingUpdate
|
|
rollingUpdate:
|
|
maxUnavailable: 1
|
|
|
|
pod:
|
|
# agent.pod.annotations are additional annotations to be added to the agent pods.
|
|
annotations: {}
|
|
|
|
# agent.pod.labels are additional labels to be added to the agent pods.
|
|
labels: {}
|
|
|
|
# agent.pod.tolerations are tolerations to influence agent pod assignment.
|
|
# https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
|
|
tolerations: []
|
|
|
|
# agent.pod.affinity are affinities to influence agent pod assignment.
|
|
# https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
|
|
affinity: {}
|
|
|
|
# agent.pod.priorityClassName is the name of an existing PriorityClass that should be set on the agent pods
|
|
# https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
|
|
priorityClassName: null
|
|
|
|
# agent.pod.requests and agent.pod.limits adjusts the resource assignments for the DaemonSet agent
|
|
# regardless of the kubernetes.deployment.enabled setting
|
|
requests:
|
|
# agent.pod.requests.memory is the requested memory allocation in MiB for the agent pods.
|
|
memory: 768Mi
|
|
# agent.pod.requests.cpu are the requested CPU units allocation for the agent pods.
|
|
cpu: 0.5
|
|
limits:
|
|
# agent.pod.limits.memory set the memory allocation limits in MiB for the agent pods.
|
|
memory: 768Mi
|
|
# agent.pod.limits.cpu sets the CPU units allocation limits for the agent pods.
|
|
cpu: 1.5
|
|
|
|
# agent.proxyHost sets the INSTANA_AGENT_PROXY_HOST environment variable.
|
|
# proxyHost: null
|
|
# agent.proxyPort sets the INSTANA_AGENT_PROXY_PORT environment variable.
|
|
# proxyPort: 80
|
|
# agent.proxyProtocol sets the INSTANA_AGENT_PROXY_PROTOCOL environment variable.
|
|
# proxyProtocol: HTTP
|
|
# agent.proxyUser sets the INSTANA_AGENT_PROXY_USER environment variable.
|
|
# proxyUser: null
|
|
# agent.proxyPassword sets the INSTANA_AGENT_PROXY_PASSWORD environment variable.
|
|
# proxyPassword: null
|
|
# agent.proxyUseDNS sets the INSTANA_AGENT_PROXY_USE_DNS environment variable.
|
|
# proxyUseDNS: false
|
|
|
|
# use this to set additional environment variables for the instana agent
|
|
# for example:
|
|
# env:
|
|
# INSTANA_AGENT_TAGS: dev
|
|
env: {}
|
|
|
|
configuration:
|
|
# When setting this to true, the Helm chart will automatically look up the entries
|
|
# of the default instana-agent ConfigMap, and mount as agent configuration files
|
|
# under /opt/instana/agent/etc/instana all entries with keys that match the
|
|
# 'configuration-*.yaml' scheme
|
|
#
|
|
# IMPORTANT: Needs Helm 3.1+ as it is built on the `lookup` function
|
|
# IMPORTANT: Editing the ConfigMap adding keys requires a `helm upgrade` to take effect
|
|
autoMountConfigEntries: false
|
|
|
|
# When setting this to true, the updates of the default instana-agent ConfigMap
|
|
# will be reflected in the pod without requiring a pod restart
|
|
hotreloadEnabled: false
|
|
|
|
configuration_yaml: |
|
|
# Manual a-priori configuration. Configuration will be only used when the sensor
|
|
# is actually installed by the agent.
|
|
# The commented out example values represent example configuration and are not
|
|
# necessarily defaults. Defaults are usually 'absent' or mentioned separately.
|
|
# Changes are hot reloaded unless otherwise mentioned.
|
|
|
|
# It is possible to create files called 'configuration-abc.yaml' which are
|
|
# merged with this file in file system order. So 'configuration-cde.yaml' comes
|
|
# after 'configuration-abc.yaml'. Only nested structures are merged, values are
|
|
# overwritten by subsequent configurations.
|
|
|
|
# Secrets
|
|
# To filter sensitive data from collection by the agent, all sensors respect
|
|
# the following secrets configuration. If a key collected by a sensor matches
|
|
# an entry from the list, the value is redacted.
|
|
#com.instana.secrets:
|
|
# matcher: 'contains-ignore-case' # 'contains-ignore-case', 'contains', 'regex'
|
|
# list:
|
|
# - 'key'
|
|
# - 'password'
|
|
# - 'secret'
|
|
|
|
# Host
|
|
#com.instana.plugin.host:
|
|
# tags:
|
|
# - 'dev'
|
|
# - 'app1'
|
|
|
|
# Hardware & Zone
|
|
#com.instana.plugin.generic.hardware:
|
|
# enabled: true # disabled by default
|
|
# availability-zone: 'zone'
|
|
|
|
# agent.redactKubernetesSecrets sets the INSTANA_KUBERNETES_REDACT_SECRETS environment variable.
|
|
# redactKubernetesSecrets: null
|
|
|
|
# agent.host.repository sets a host path to be mounted as the agent maven repository (for debugging or development purposes)
|
|
host:
|
|
repository: null
|
|
|
|
cluster:
|
|
# cluster.name represents the name that will be assigned to this cluster in Instana
|
|
name: null
|
|
|
|
leaderElector:
|
|
image:
|
|
# leaderElector.image.name is the name of the container image of the leader elector.
|
|
name: icr.io/instana/leader-elector
|
|
# leaderElector.image.digest is the digest (a.k.a. Image ID) of the leader elector container image; if specified, it has priority over leaderElector.image.digest, which will be ignored.
|
|
#digest:
|
|
# leaderElector.image.tag is the tag name of the agent container image; if leaderElector.image.digest is specified, this property is ignored.
|
|
tag: 0.5.19
|
|
port: 42655
|
|
|
|
# openshift specifies whether the cluster role should include openshift permissions and other tweaks to the YAML.
|
|
# The chart will try to auto-detect if the cluster is OpenShift, so you will likely not even need to set this explicitly.
|
|
# openshift: true
|
|
|
|
rbac:
|
|
# Specifies whether RBAC resources should be created
|
|
create: true
|
|
|
|
service:
|
|
# Specifies whether to create the instana-agent service to expose within the cluster the Prometheus remote-write, OpenTelemetry GRCP endpoint and other APIs
|
|
# Note: Requires Kubernetes 1.17+, as it uses topologyKeys
|
|
create: true
|
|
|
|
#opentelemetry:
|
|
# enabled: false # legacy setting, will only enable grpc, defaults to false
|
|
# grpc:
|
|
# enabled: false # takes precedence over legacy settings above, defaults to true if "grpc:" is present
|
|
# http:
|
|
# enabled: false # allows to enable http endpoints, defaults to true if "http:" is present
|
|
|
|
prometheus:
|
|
remoteWrite:
|
|
enabled: false # If true, it will also apply `service.create=true`
|
|
|
|
serviceAccount:
|
|
# Specifies whether a ServiceAccount should be created
|
|
create: true
|
|
# The name of the ServiceAccount to use.
|
|
# If not set and `create` is true, a name is generated using the fullname template
|
|
# name: instana-agent
|
|
# Annotations to add to the service account
|
|
annotations: {}
|
|
|
|
podSecurityPolicy:
|
|
# Specifies whether a PodSecurityPolicy should be authorized for the Instana Agent pods.
|
|
# Requires `rbac.create` to be `true` as well and K8s version below v1.25.
|
|
enable: false
|
|
# The name of an existing PodSecurityPolicy you would like to authorize for the Instana Agent pods.
|
|
# If not set and `enable` is true, a PodSecurityPolicy will be created with a name generated using the fullname template.
|
|
name: null
|
|
|
|
zone:
|
|
# zone.name is the custom zone that detected technologies will be assigned to
|
|
name: null
|
|
|
|
k8s_sensor:
|
|
image:
|
|
# k8s_sensor.image.name is the name of the container image of the Instana agent.
|
|
name: icr.io/instana/k8sensor
|
|
# k8s_sensor.image.digest is the digest (a.k.a. Image ID) of the agent container image; if specified, it has priority over agent.image.tag, which will be ignored.
|
|
#digest:
|
|
# k8s_sensor.image.tag is the tag name of the agent container image; if agent.image.digest is specified, this property is ignored.
|
|
tag: latest
|
|
# k8s_sensor.image.pullPolicy specifies when to pull the image container.
|
|
pullPolicy: Always
|
|
deployment:
|
|
# Specifies whether or not to enable the Deployment and turn off the Kubernetes sensor in the DaemonSet
|
|
enabled: true
|
|
# Use three replicas to ensure the HA by the default.
|
|
replicas: 3
|
|
# k8s_sensor.deployment.pod adjusts the resource assignments for the agent independently of the DaemonSet agent when k8s_sensor.deployment.enabled=true
|
|
pod:
|
|
requests:
|
|
# k8s_sensor.deployment.pod.requests.memory is the requested memory allocation in MiB for the agent pods.
|
|
memory: 128Mi
|
|
# k8s_sensor.deployment.pod.requests.cpu are the requested CPU units allocation for the agent pods.
|
|
cpu: 10m
|
|
limits:
|
|
# k8s_sensor.deployment.pod.limits.memory set the memory allocation limits in MiB for the agent pods.
|
|
memory: 1536Mi
|
|
# k8s_sensor.deployment.pod.limits.cpu sets the CPU units allocation limits for the agent pods.
|
|
cpu: 500m
|
|
affinity:
|
|
podAntiAffinity:
|
|
# Soft anti-affinity policy: try not to schedule multiple kubernetes-sensor pods on the same node.
|
|
# If the policy is set to "requiredDuringSchedulingIgnoredDuringExecution", if the cluster has
|
|
# fewer nodes than the amount of desired replicas, `helm install/upgrade --wait` will not return.
|
|
preferredDuringSchedulingIgnoredDuringExecution:
|
|
- weight: 100
|
|
podAffinityTerm:
|
|
labelSelector:
|
|
matchExpressions:
|
|
- key: instana/agent-mode
|
|
operator: In
|
|
values: [ KUBERNETES ]
|
|
topologyKey: "kubernetes.io/hostname"
|
|
# The minimum number of seconds for which a newly created Pod should be ready without any of its containers crashing, for it to be considered available
|
|
minReadySeconds: 0
|
|
podDisruptionBudget:
|
|
# Specifies whether or not to setup a pod disruption budget for the k8sensor deployment
|
|
enabled: false
|
|
|
|
kubernetes:
|
|
# Configures use of a Deployment for the Kubernetes sensor rather than as a potential member of the DaemonSet. Is only accepted if k8s_sensor.deployment.enabled=false
|
|
deployment:
|
|
# Specifies whether or not to enable the Deployment and turn off the Kubernetes sensor in the DaemonSet
|
|
enabled: false
|
|
# Use a single replica, the impact will generally be low and we need to address a host of other concerns where clusters are large.
|
|
replicas: 1
|
|
# The minimum number of seconds for which a newly created Pod should be ready without any of its containers crashing, for it to be considered available
|
|
minReadySeconds: 0
|
|
# kubernetes.deployment.pod adjusts the resource assignments for the agent independently of the DaemonSet agent when kubernetes.deployment.enabled=true
|
|
pod:
|
|
requests:
|
|
# kubernetes.deployment.pod.requests.memory is the requested memory allocation in MiB for the agent pods.
|
|
memory: 1024Mi
|
|
# kubernetes.deployment.pod.requests.cpu are the requested CPU units allocation for the agent pods.
|
|
cpu: 720m
|
|
limits:
|
|
# kubernetes.deployment.pod.limits.memory set the memory allocation limits in MiB for the agent pods.
|
|
memory: 3072Mi
|
|
# kubernetes.deployment.pod.limits.cpu sets the CPU units allocation limits for the agent pods.
|
|
cpu: 4
|
|
|
|
# zones:
|
|
# # Configure use of zones to use tolerations as the basis to associate a specific daemonset per tainted node pool
|
|
# - name: pool-01
|
|
# tolerations:
|
|
# - key: "pool"
|
|
# operator: "Equal"
|
|
# value: "pool-01"
|
|
# effect: "NoExecute"
|
|
# - name: pool-02
|
|
# tolerations:
|
|
# - key: "pool"
|
|
# operator: "Equal"
|
|
# value: "pool-02"
|
|
# effect: "NoExecute"
|