Getting Started with the Datadog Operator

Cette page n'est pas encore disponible en français, sa traduction est en cours.
Si vous avez des questions ou des retours sur notre projet de traduction actuel, n'hésitez pas à nous contacter.

The Datadog Operator is an open source Kubernetes Operator that enables you to deploy and configure the Datadog Agent in a Kubernetes environment. This guide describes how to use the Operator to deploy the Datadog Agent.

Prerequisites

  • Kubernetes v1.20.X+
  • Helm for deploying the Datadog Operator
  • The Kubernetes command-line tool, kubectl, for installing the Datadog Agent

Installation and deployment

  1. Install the Datadog Operator with Helm:
helm repo add datadog https://helm.datadoghq.com
helm install my-datadog-operator datadog/datadog-operator
  1. Create a Kubernetes secret with your API and application keys:
kubectl create secret generic datadog-secret --from-literal api-key=<DATADOG_API_KEY> --from-literal app-key=<DATADOG_APP_KEY>

Replace <DATADOG_API_KEY> and <DATADOG_APP_KEY> with your Datadog API and application keys.

  1. Create a datadog-agent.yaml file with the spec of your DatadogAgent deployment configuration. The following sample configuration enables metrics, logs, and APM:
apiVersion: datadoghq.com/v2alpha1
kind: DatadogAgent
metadata:
  name: datadog
spec:
  global:
    credentials:
      apiSecret:
        secretName: datadog-secret
        keyName: api-key
      appSecret:
        secretName: datadog-secret
        keyName: app-key
  features:
    apm:
      enabled: true
    logCollection:
      enabled: true

For all configuration options, see the Operator configuration spec.

  1. Deploy the Datadog Agent:
kubectl apply -f /path/to/your/datadog-agent.yaml

Running Agents in a single container

Available in Operator v1.4.0 or later

By default, the Datadog Operator creates an Agent DaemonSet with pods running multiple Agent containers. Datadog Operator v1.4.0 introduces a configuration which allows users to run Agents in a single container. In order to avoid elevating privileges for all Agents in the single container, this feature is only applicable when system-probe or security-agent is not required. For more details, see Running as an unprivileged user on the Agent Data Security page.

To enable this feature add global.containerStrategy: single to the DatadogAgent manifest:

  apiVersion: datadoghq.com/v2alpha1
  kind: DatadogAgent
  metadata:
    name: datadog
  spec:
    global:
      containerStrategy: single
      credentials:
        apiSecret:
          secretName: datadog-secret
          keyName: api-key
        appSecret:
          secretName: datadog-secret
          keyName: app-key
    features:
      apm:
        enabled: true
      logCollection:
        enabled: true
With the above configuration, Agent pods run as single containers with three Agent processes. The default for global.containerStrategy is optimized and runs each Agent process in a separate container.

Note: Running multiple Agent processes in a single container is discouraged in orchestrated environments such as Kubernetes. Pods running multiple processes need their lifecycles to be managed by a process manager, which is not directly controllable by Kubernetes and potentially leads to inconsistencies or conflicts in the container lifecycle management.

Validation

Use kubectl get daemonset and kubectl get pod -owide to validate your installation.

In a cluster with two worker Nodes, you should see Agent Pods created on each Node:

$ kubectl get daemonset
NAME            DESIRED   CURRENT   READY   UP-TO-DATE   AVAILABLE   NODE SELECTOR   AGE
datadog-agent   2         2         2       2            2           <none>          5m30s

$ kubectl get pod -owide
NAME                                         READY   STATUS    RESTARTS   AGE     IP            NODE
agent-datadog-operator-d897fc9b-7wbsf        1/1     Running   0          1h      10.244.2.11   kind-worker
datadog-agent-k26tp                          1/1     Running   0          5m59s   10.244.2.13   kind-worker
datadog-agent-zcxx7                          1/1     Running   0          5m59s   10.244.1.7    kind-worker2

Cleanup

The following commands delete all Kubernetes resources created in this guide:

kubectl delete datadogagent datadog
helm delete my-datadog-operator

Further Reading