mhubig · February 1, 2020 10:33
diff --git a/dd-all.yaml b/dd-all.yaml
 apiVersion: apps/v1
 kind: DaemonSet
 metadata:
  name: datadog-agent
  namespace: datadog-agent
  labels:
    app: datadog-agent
 spec:
  selector:
    matchLabels:
      app: datadog-agent
  template:
    metadata:
      labels:
        app: datadog-agent
      name: datadog-agent
    spec:
      serviceAccountName: datadog-agent
      containers:
        - image: datadog/agent:latest
          imagePullPolicy: Always
          name: datadog-agent
          resources: # QoS class of Guaranteed
           limits:
             cpu: 250m
             memory: 512Mi
           requests:
             cpu: 250m
             memory: 512Mi
          livenessProbe:
            exec:
              command:
                - ./probe.sh
            initialDelaySeconds: 15
            periodSeconds: 5
          ports:
            # Custom metrics via DogStatsD - enables custom metrics collection
            - containerPort: 8125
              hostPort: 8125
              name: dogstatsdport
              protocol: UDP
            # Trace Collection (APM) - enables APM
            - containerPort: 8126
              hostPort: 8126
              name: traceport
              protocol: TCP
          env:
            - name: DD_API_KEY
              valueFrom:
                secretKeyRef:
                  name: datadog-secret
                  key: api-key
            - name: DD_SITE
              value: "datadoghq.eu"
            - name: DD_COLLECT_KUBERNETES_EVENTS
              value: "true"
            - name: DD_LEADER_ELECTION
              value: "true"
            - name: KUBERNETES
              value: "true"
            - name: DD_KUBERNETES_KUBELET_HOST
              valueFrom:
                fieldRef:
                  fieldPath: status.hostIP
            - name: DD_APM_ENABLED
              value: "true"
            - name: DD_LOGS_ENABLED
              value: "true"
            - name: DD_LOGS_CONFIG_CONTAINER_COLLECT_ALL
              value: "true"
            - name: DD_PROCESS_AGENT_ENABLED
              value: "true"
            - name: DD_LOG_LEVEL
              value: warn
            - name: DD_APM_NON_LOCAL_TRAFFIC
              value: "true"
          volumeMounts:
            - name: dockersocket
              mountPath: /var/run/docker.sock
            - name: procdir
              mountPath: /host/proc
              readOnly: true
            - name: cgroups
              mountPath: /host/sys/fs/cgroup
              readOnly: true
            - name: passwd
              mountPath: /etc/passwd
              readOnly: true
            - name: pointdir
              mountPath: /opt/datadog-agent/run
      volumes:
        - name: dockersocket
          hostPath:
            path: /var/run/docker.sock
        - name: procdir
          hostPath:
            path: /proc
        - name: cgroups
          hostPath:
            path: /sys/fs/cgroup
        - name: passwd
          hostPath:
            path: /etc/passwd
        - name: pointdir
          hostPath:
            path: /var/run/datadog-agent
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
  name: datadog-agent
 rules:
 - apiGroups:
  - ""
  resources:
  - services
  - events
  - endpoints
  - pods
  - nodes
  - componentstatuses
  verbs:
  - get
  - list
  - watch
 - apiGroups: ["quota.openshift.io"]
  resources:
  - clusterresourcequotas
  verbs:
  - get
  - list
 - apiGroups:
  - ""
  resources:
  - configmaps
  resourceNames:
  - datadogtoken             # Kubernetes event collection state
  - datadog-leader-election  # Leader election token
  verbs:
  - get
  - update
 - apiGroups:  # To create the leader election token
  - ""
  resources:
  - configmaps
  verbs:
  - create
 - nonResourceURLs:
  - "/version"
  - "/healthz"
  - "/metrics"
  verbs:
  - get
 - apiGroups:  # Kubelet connectivity
  - ""
  resources:
  - nodes/metrics
  - nodes/spec
  - nodes/proxy
  - nodes/stats
  verbs:
  - get
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
  name: datadog-agent
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: datadog-agent
 subjects:
 - kind: ServiceAccount
  name: datadog-agent
  namespace: datadog-agent
 ---
 apiVersion: v1
 kind: Namespace
 metadata:
  name: datadog-agent
  labels:
    name: datadog-agent
 ---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: datadog-agent
  namespace: datadog-agent
	apiVersion: apps/v1
	kind: DaemonSet
	metadata:
	name: datadog-agent
	namespace: datadog-agent
	labels:
	app: datadog-agent
	spec:
	selector:
	matchLabels:
	app: datadog-agent
	template:
	metadata:
	labels:
	app: datadog-agent
	name: datadog-agent
	spec:
	serviceAccountName: datadog-agent
	containers:
	- image: datadog/agent:latest
	imagePullPolicy: Always
	name: datadog-agent
	resources: # QoS class of Guaranteed
	limits:
	cpu: 250m
	memory: 512Mi
	requests:
	cpu: 250m
	memory: 512Mi
	livenessProbe:
	exec:
	command:
	- ./probe.sh
	initialDelaySeconds: 15
	periodSeconds: 5
	ports:
	# Custom metrics via DogStatsD - enables custom metrics collection
	- containerPort: 8125
	hostPort: 8125
	name: dogstatsdport
	protocol: UDP
	# Trace Collection (APM) - enables APM
	- containerPort: 8126
	hostPort: 8126
	name: traceport
	protocol: TCP
	env:
	- name: DD_API_KEY
	valueFrom:
	secretKeyRef:
	name: datadog-secret
	key: api-key
	- name: DD_SITE
	value: "datadoghq.eu"
	- name: DD_COLLECT_KUBERNETES_EVENTS
	value: "true"
	- name: DD_LEADER_ELECTION
	value: "true"
	- name: KUBERNETES
	value: "true"
	- name: DD_KUBERNETES_KUBELET_HOST
	valueFrom:
	fieldRef:
	fieldPath: status.hostIP
	- name: DD_APM_ENABLED
	value: "true"
	- name: DD_LOGS_ENABLED
	value: "true"
	- name: DD_LOGS_CONFIG_CONTAINER_COLLECT_ALL
	value: "true"
	- name: DD_PROCESS_AGENT_ENABLED
	value: "true"
	- name: DD_LOG_LEVEL
	value: warn
	- name: DD_APM_NON_LOCAL_TRAFFIC
	value: "true"
	volumeMounts:
	- name: dockersocket
	mountPath: /var/run/docker.sock
	- name: procdir
	mountPath: /host/proc
	readOnly: true
	- name: cgroups
	mountPath: /host/sys/fs/cgroup
	readOnly: true
	- name: passwd
	mountPath: /etc/passwd
	readOnly: true
	- name: pointdir
	mountPath: /opt/datadog-agent/run
	volumes:
	- name: dockersocket
	hostPath:
	path: /var/run/docker.sock
	- name: procdir
	hostPath:
	path: /proc
	- name: cgroups
	hostPath:
	path: /sys/fs/cgroup
	- name: passwd
	hostPath:
	path: /etc/passwd
	- name: pointdir
	hostPath:
	path: /var/run/datadog-agent
	---
	apiVersion: rbac.authorization.k8s.io/v1
	kind: ClusterRole
	metadata:
	name: datadog-agent
	rules:
	- apiGroups:
	- ""
	resources:
	- services
	- events
	- endpoints
	- pods
	- nodes
	- componentstatuses
	verbs:
	- get
	- list
	- watch
	- apiGroups: ["quota.openshift.io"]
	resources:
	- clusterresourcequotas
	verbs:
	- get
	- list
	- apiGroups:
	- ""
	resources:
	- configmaps
	resourceNames:
	- datadogtoken # Kubernetes event collection state
	- datadog-leader-election # Leader election token
	verbs:
	- get
	- update
	- apiGroups: # To create the leader election token
	- ""
	resources:
	- configmaps
	verbs:
	- create
	- nonResourceURLs:
	- "/version"
	- "/healthz"
	- "/metrics"
	verbs:
	- get
	- apiGroups: # Kubelet connectivity
	- ""
	resources:
	- nodes/metrics
	- nodes/spec
	- nodes/proxy
	- nodes/stats
	verbs:
	- get
	---
	apiVersion: rbac.authorization.k8s.io/v1
	kind: ClusterRoleBinding
	metadata:
	name: datadog-agent
	roleRef:
	apiGroup: rbac.authorization.k8s.io
	kind: ClusterRole
	name: datadog-agent
	subjects:
	- kind: ServiceAccount
	name: datadog-agent
	namespace: datadog-agent
	---
	apiVersion: v1
	kind: Namespace
	metadata:
	name: datadog-agent
	labels:
	name: datadog-agent
	---
	apiVersion: v1
	kind: ServiceAccount
	metadata:
	name: datadog-agent
	namespace: datadog-agent