How to disable control plane monitoring for gke?

[jtim08515]

Currently, we have the helm chart deployed to monitor our k8s clusters in gke. I noticed the controlplane daemonset was deployed but it not associated to any nodes. I believe this is because we are on gke which is a managed kubernetes solution which means we do not have access to the master nodes. What is the proper way to prevent the daemonset from being created since it wont be utilized in GKE? I've looked at the newrelic documentation but it's still not clear on what to do.

[workato-integration]

https://issues.newrelic.com/browse/NR-141577

[iSuslov]

Same issue here. GKE Autopilot.

Error: 1 error occurred:
* admission webhook "warden-validating.common-webhooks.networking.gke.io" denied the request: GKE Warden rejected the request because it violates one or more constraints.
Violations details: {"[denied by autogke-disallow-hostnamespaces]":["enabling hostNetwork is not allowed in Autopilot."],"[denied by autogke-no-host-port]":["container forwarder specifies host ports [8001], which are disallowed in Autopilot."],"[denied by autogke-node-affinity-selector-limitation]":["Key 'node-role.kubernetes.io/control-plane' is not allowed with node affinity; Autopilot only allows labels with keys: cloud.google.com/compute-class,cloud.google.com/gke-spot,cloud.google.com/gke-placement-group,topology.kubernetes.io/region,topology.kubernetes.io/zone,failure-domain.beta.kubernetes.io/region,failure-domain.beta.kubernetes.io/zone,cloud.google.com/gke-os-distribution,kubernetes.io/os,kubernetes.io/arch,cloud.google.com/private-node,sandbox.gke.io/runtime,cloud.google.com/gke-accelerator,cloud.google.com/gke-accelerator-count,iam.gke.io/gke-metadata-server-enabled.","Key 'node-role.kubernetes.io/controlplane' is not allowed with node affinity; Autopilot only allows labels with keys: cloud.google.com/compute-class,cloud.google.com/gke-spot,cloud.google.com/gke-placement-group,topology.kubernetes.io/region,topology.kubernetes.io/zone,failure-domain.beta.kubernetes.io/region,failure-domain.beta.kubernetes.io/zone,cloud.google.com/gke-os-distribution,kubernetes.io/os,kubernetes.io/arch,cloud.google.com/private-node,sandbox.gke.io/runtime,cloud.google.com/gke-accelerator,cloud.google.com/gke-accelerator-count,iam.gke.io/gke-metadata-server-enabled.","Key 'node-role.kubernetes.io/etcd' is not allowed with node affinity; Autopilot only allows labels with keys: cloud.google.com/compute-class,cloud.google.com/gke-spot,cloud.google.com/gke-placement-group,topology.kubernetes.io/region,topology.kubernetes.io/zone,failure-domain.beta.kubernetes.io/region,failure-domain.beta.kubernetes.io/zone,cloud.google.com/gke-os-distribution,kubernetes.io/os,kubernetes.io/arch,cloud.google.com/private-node,sandbox.gke.io/runtime,cloud.google.com/gke-accelerator,cloud.google.com/gke-accelerator-count,iam.gke.io/gke-metadata-server-enabled.","Key 'node-role.kubernetes.io/master' is not allowed with node affinity; Autopilot only allows labels with keys: cloud.google.com/compute-class,cloud.google.com/gke-spot,cloud.google.com/gke-placement-group,topology.kubernetes.io/region,topology.kubernetes.io/zone,failure-domain.beta.kubernetes.io/region,failure-domain.beta.kubernetes.io/zone,cloud.google.com/gke-os-distribution,kubernetes.io/os,kubernetes.io/arch,cloud.google.com/private-node,sandbox.gke.io/runtime,cloud.google.com/gke-accelerator,cloud.google.com/gke-accelerator-count,iam.gke.io/gke-metadata-server-enabled."]}

Second day it is wasting my time.
This thread is locked more than a year.

[davidgit]

Hi ,

The next best step is to visit New Relic Support, where you can engage the New Relic Support Community or open a support ticket depending on your support level. The support team is best positioned to assist with your specific needs.

Please provide a link to this GitHub issue when submitting your community post or support ticket.

Thanks!