This repository has been archived by the owner on Dec 11, 2023. It is now read-only.
v0.8.0
New: Kubernetes Webhook for OneAgent injection on application-only mode
This automates the deployment of Dynatrace's application-only injection at container runtime, including a new init container, and other required configuration.
For this feature, we've also added a new Custom Resource Definition, OneAgentAPM
, where you can configure the tenant and credentials to use for the injection.
The feature can be enabled by creating an OneAgentAPM object, and then adding a label oneagent.dynatrace.com/instance: <OneAgentAPM object name>
to each namespace you want to monitor. All Pods created from now on that belong to those namespaces will now be processed by Operator webhook.
The Operator will:
- Add an initContainer to each Pod to be monitored, in charge of downloading the OneAgent app-only package.
- Configure the required environment variables and volumes on each container for them to have injection.
- Replicate the credentials to monitored namespaces, so that they are available for the initContainer.
Changelog
Features
- Implement webhook to inject the OneAgent in App-only mode (#234, #237, #239, #250)
- This feature can be enabled by setting the label
oneagent.dynatrace.com/instance: <oneagentapm-object-name>
on the namespaces to monitor. - CA and server certificates are generated for the webhook by the Operator, and renewed automatically after 365 and 7 days, respectively (#244)
- OneAgent app-only package and logs will be stored on
/opt/dynatrace/oneagent-paas
inside the containers by default. It can be configured with theoneagent.dynatrace.com/install-path
annotation on Pods (#251) - OneAgent app-only package will be downloaded from the provided tenant by default. It can be configured with the
oneagent.dynatrace.com/installer-url
annotation on Pods (#258, #264) - Certificates location can be configured on the webhook server with the
--certs-dir
,--cert
, and--cert-key
command line arguments (#261)
- This feature can be enabled by setting the label
- Added a setting to configure a NetworkZone via the CR (#270)
Bug fixes
- Phase now gets set to 'Deploying' while the OneAgent gets updated (#267)
Other changes
- Removed kubernetes.yaml and openshift.yaml from master and generate them with kustomize instead (#238, #254)
- Updated the Go version from 1.13 to 1.14 (#242)
- Updated the Operator SDK version from 0.15.0 to 0.17.0 (#243)
- The different operator and webhook modes are encapsulated in a single binary (#252, #253)
- Webhook's init container only downloads 64bits package (#256)
- Include Service and MutatingWebhookConfiguration objects in manifests (#262, #266)
- Upgrade base image to ubi-minimal:8.2 (#255)
- Include Operator version as a custom property for hosts (#212)
- Ignore hosts that haven't been seen in the last 30 minutes when looking for hosts (#271,
#257) - Adjust permissions for the webhook (#263)
- Refactor workflow from OneAgent controller (#268)
- Automatically update conditions if migrating from earlier Operator versions (#269)
- Remove unused metadata from webhook-injected Pods (#272)
- Changes in preparation for v0.8.0 release (#273, #274)
Upgrading
The Operator can be upgraded from 0.7.1 with,
# Kubernetes
$ kubectl apply -f https://github.com/Dynatrace/dynatrace-oneagent-operator/releases/download/v0.8.0/kubernetes.yaml
# Openshift
$ oc apply -f https://github.com/Dynatrace/dynatrace-oneagent-operator/releases/download/v0.8.0/openshift.yaml