Kubernetes

Note: Agent version 6.0 and above only support versions of Kubernetes higher than 1.7.6. For prior versions of Kubernetes, consult the Legacy Kubernetes versions section.

There are a number of different ways to monitor your Kubernetes system using Datadog. Choosing one depends on how your system is structured and the type of monitoring you desire. There are four options for installing the Datadog Agent for Kubernetes: DaemonSets, Helm charts, installing the Agent directly on the host, and the Datadog Cluster Agent.

Installation

To gather metrics, traces, and logs from your Kubernetes clusters, there are four options:

• Container installation (recommended) - The Agent runs inside a Pod. This implementation is sufficient for the majority of use cases, but does not monitor the starting phase of your Kubernetes cluster.
• Helm installation - Helm is a package manager for Kubernetes that allows you to easily install the Datadog Agent and enable its various capabilities.
• Host installation - If the kubelet runs into an issue, and the Agent as a container dies, you will lose visibility into the node. However, if the Agent runs on the node, you can monitor the kubelet throughout its lifecycle. If this is a significant concern for you, install the Agent as a host.
• Cluster Agent - For systems with very large Kubernetes clusters, the Datadog Cluster Agent can help to alleviate server load.

Note: Only one Datadog Agent shound run on each node; a sidecar per pod is not generally recommended and may not function as expected.

RBAC

In the context of using the Kubernetes integration, and when deploying Agents in a Kubernetes cluster, a set of rights are required for the Agent to integrate seamlessly.

You must allow the Agent to perform a few actions:

• get and update the Configmaps named datadogtoken to update and query the most up-to-date version token corresponding to the latest event stored in ETCD.
• list and watch the Events to pull the events from the API Server, format, and submit them.
• get, update, and create for the Endpoint. The Endpoint used by the Agent for the Leader election feature is named datadog-leader-election.
• list the componentstatuses resource, in order to submit service checks for the Control Plane’s components status.

You can find the templates in manifests/rbac in the datadog-agent GitHub repository. This creates a Service Account in the default namespace, a Cluster Role with the above rights, and a Cluster Role Binding.

Custom Integrations

For details on the usage of ConfigMaps in Kubernetes, consult Datadog’s Kubernetes Custom Integrations documentation.

Troubleshooting

• Can I install the Agent on my Kubernetes master node(s)
• Why is the Kubernetes check failing with a ConnectTimeout error to port 10250?
• Client Authentication against the apiserver and kubelet
• Using RBAC permission with your Kubernetes integration

Further Reading

Additional helpful documentation, links, and articles:

Kubernetes DaemonSet SetupDOCUMENTATION Kubernetes Host SetupDOCUMENTATION Kubernetes MetricsDOCUMENTATION Kubernetes Legacy VersionsDOCUMENTATION