Skip to content

Datadog Cluster Agent 1.20.0

Choose a tag to compare

View all tags
@vboulineau vboulineau released this 19 Jul 16:03
· 26088 commits to main since this release
dca-1.20.0
d42cb11
This commit was signed with the committer’s verified signature.
vboulineau Vincent Boulineau
GPG key ID: A8CD01780ED0570C
Verified
Learn about vigilant mode.

Prelude

Released on: 2022-05-22
Pinned to datadog-agent v7.36.0: CHANGELOG

New Features

  • The Datadog Admission Controller supports multiple configuration injection
    modes through the admission_controller.inject_config.mode parameter
    or the DD_ADMISSION_CONTROLLER_INJECT_CONFIG_MODE environment variable:

    • hostip: Inject the host IP. (default)
    • service: Inject Datadog's local-service DNS name.
    • socket: Inject the Datadog socket path.

  • Collect ResourceRequirements for jobs and cronjobs for kubernetes live containers.

Enhancement Notes

  • Added a configuration option to admission controller to allow
    configuration of the failure policy. Defaults to Ignore which
    was the previous default. The default of Ignore means that pods
    will still be admitted even if the webhook is unavailable to
    inject them. Setting to Fail will require the admission controller
    to be present and pods to be injected before they are allowed to run.

  • The admission controller's reinvocation policy is now set to IfNeeded by default.
    It can be changed using the admission_controller.reinvocation_policy parameter.

  • The Datadog Cluster Agent now supports internal profiling.

  • KSM core check: add a new kubernetes_state.cronjob.complete
    service check that returns the status of the most recent job for
    a cronjob.

Security Notes

  • Cluster Agent API (only used by Node Agents) is now only server with TLS >= 1.3 by default. Setting "cluster_agent.allow_legacy_tls" to true allows to fallback to TLS 1.0.

Bug Fixes

  • Fix the node count reported for Kubernetes clusters.

  • Fixed an issue that created lots of log messages when the DCA admission controller was enabled on AKS.

  • Time-based metrics (for example, kubernetes_state.pod.age, kubernetes_state.pod.uptime) are now comparable in the Kubernetes state core check.

  • Fix a risk of panic when multiple KSM Core check instances run concurrently.

  • Remove noisy Kubernetes API deprecation warnings in the Cluster Agent logs.

Other Notes

  • Change the default value of the external metrics provider port from 443 to 8443.
    This will allow to run the cluster agent with a non-root user for better security.
    This was already the default value in the Helm chart and in the datadog operator.
Assets 2
Loading