Run the Datadog Agent in your Kubernetes cluster as a DaemonSet in order to start collecting your cluster and applications metrics, traces, and logs. You can deploy it with a Helm chart or directly with a DaemonSet object YAML definition.
Note: Agent version 6.0 and above only support versions of Kubernetes higher than 1.7.6. For prior versions of Kubernetes, consult the Legacy Kubernetes versions section.
To install the chart with a custom release name,
If this is a fresh install, add the Helm stable repo:
helm repo add stable https://kubernetes-charts.storage.googleapis.com/ && helm repo update
Retrieve your Datadog API key from your Agent installation instructions and run:
helm install <RELEASE_NAME> -f values.yaml --set datadog.apiKey=<DATADOG_API_KEY> stable/datadog --set targetSystem=<TARGET_SYSTEM>
<TARGET_SYSTEM> with the name of your OS:
helm install -f values.yaml --name <RELEASE_NAME> --set datadog.apiKey=<DATADOG_API_KEY> stable/datadog
This chart adds the Datadog Agent to all nodes in your cluster via a DaemonSet. It also optionally deploys the kube-state-metrics chart and uses it as an additional source of metrics about the cluster. A few minutes after installation, Datadog begins to report hosts and metrics.
Note: For a full list of the Datadog chart’s configurable parameters and their default values, refer to the Datadog Helm repository README.
The Datadog chart has been refactored in v2.0 to regroup the
values.yaml parameters in a more logical way.
If your current chart version deployed is earlier than
v2.0.0, follow the migration guide to map your previous settings with the new fields.
Take advantage of DaemonSets to deploy the Datadog Agent on all your nodes (or on specific nodes by using nodeSelectors).
To install the Datadog Agent on your Kubernetes cluster:
Configure Agent permissions: If your Kubernetes has role-based access control (RBAC) enabled, configure RBAC permissions for your Datadog Agent service account. From Kubernetes 1.6 onwards, RBAC is enabled by default. Create the appropriate ClusterRole, ServiceAccount, and ClusterRoleBinding with the following command:
kubectl apply -f "https://raw.githubusercontent.com/DataDog/datadog-agent/master/Dockerfiles/manifests/rbac/clusterrole.yaml" kubectl apply -f "https://raw.githubusercontent.com/DataDog/datadog-agent/master/Dockerfiles/manifests/rbac/serviceaccount.yaml" kubectl apply -f "https://raw.githubusercontent.com/DataDog/datadog-agent/master/Dockerfiles/manifests/rbac/clusterrolebinding.yaml"
Note: Those RBAC configurations are set for the
default namespace by default. If you are in a custom namespace, update the
namespace parameter before applying them.
Create a secret that contains your Datadog API Key. Replace the
<DATADOG_API_KEY> below with the API key for your organization. This secret is used in the manifest to deploy the Datadog Agent.
kubectl create secret generic datadog-secret --from-literal api-key="<DATADOG_API_KEY>" --namespace="default"
Note: This create a secret in the
default namespace. If you are in a custom namespace, update the
namespace parameter of the command before running it.
Create the Datadog Agent manifest. Create the
datadog-agent.yaml manifest out of one of the following templates:
To enable trace collection completely, extra steps are required on your application pod configuration. Refer also to the logs, APM, processes, and Network Performance Monitoring documentation pages to learn how to enable each feature individually.
Note: Those manifests are set for the
default namespace by default. If you are in a custom namespace, update the
metadata.namespace parameter before applying them.
Optional - Set your Datadog site. If you are using the Datadog EU site, set the
DD_SITE environment variable to
datadoghq.eu in the
Deploy the DaemonSet with the command:
kubectl apply -f datadog-agent.yaml
Verification: To verify the Datadog Agent is running in your environment as a DaemonSet, execute:
kubectl get daemonset
If the Agent is deployed, you will see output similar to the text below, where
CURRENT are equal to the number of nodes running in your cluster.
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE datadog-agent 2 2 2 2 2 <none> 10s
kubectl apply -f <NAME_OF_THE_KUBE_STATE_MANIFESTS_FOLDER>
The Datadog Operator is in public beta. The Datadog Operator is a way to deploy the Datadog Agent on Kubernetes and OpenShift. It reports deployment status, health, and errors in its Custom Resource status, and it limits the risk of misconfiguration thanks to higher-level configuration options. To get started, check out the Getting Started page in the Datadog Operator repo or install the operator from the OperatorHub.io Datadog Operator page.
(Optional) To run an unprivileged installation, add the following to your pod template:
spec: securityContext: runAsUser: <USER_ID> fsGroup: <DOCKER_GROUP_ID>
agents.rbac.create options to
true in your
value.yaml file order to enable Kubernetes event collection.
If you want to collect events from your kubernetes cluster set the environment variables
true in your Agent manifest. Alternatively, use the Datadoc Cluster Agent Event collection
Once the Agent is up and running in your cluster, use Datadog’s Autodiscovery feature to collect metrics and logs automatically from your pods.
Find below the list of environment variables available for the Datadog Agent. If you want to setup those with Helm, see the full list of configuration options for the
datadog-value.yaml file in the helm/charts Github repository.
|Your Datadog API key (required)|
|Sets the global |
|Hostname to use for metrics (if autodetection fails)|
|Host tags separated by spaces. For example: |
|Destination site for your metrics, traces, and logs. Valid options are |
|Optional setting to override the URL for metric submission.|
|The Agent runs all checks concurrently by default (default value = |
|If multiple Agent are running in your cluster, set this variable to |
Starting with Agent v6.4.0 (and v6.5.0 for the Trace Agent), you can override the Agent proxy settings with the following environment variables:
|An HTTP URL to use as a proxy for |
|An HTTPS URL to use as a proxy for |
|A space-separated list of URLs for which no proxy should be used.|
For more information about proxy settings, see the Agent v6 Proxy documentation.
Optional collection Agents are disabled by default for security or performance reasons. Use these environment variables to enable them:
|Enable trace collection with the Trace Agent.|
|Enable log collection with the Logs Agent.|
|Enable live process collection with the Process Agent. The live container view is already enabled by default if the Docker socket is available. If set to |
|Enable event collection with the Agent. If you are running multiple Agent in your cluster, set |
Send custom metrics with the StatsD protocol:
|Listen to DogStatsD packets from other containers (required to send custom metrics).|
|The histogram percentiles to compute (separated by spaces). The default is |
|The histogram aggregates to compute (separated by spaces). The default is “max median avg count”.|
|Path to the Unix socket to listen to. Must be in a |
|Enable container detection and tagging for unix socket metrics.|
|Additional tags to append to all metrics, events, and service checks received by this DogStatsD server, for example: |
Learn more about DogStatsD over Unix Domain Sockets.
Datadog automatically collects common tags from Kubernetes. To extract even more tags, use the following options:
|Extract pod labels|
|Extract pod annotations|
See the Kubernetes Tag Extraction documentation to learn more.
Integration credentials can be stored in Docker or Kubernetes secrets and used in Autodiscovery templates. For more information, see the Secrets Management documentation.
Exclude containers from logs collection, metrics collection, and Autodiscovery. Datadog excludes Kubernetes and OpenShift
pause containers by default. These allowlists and blocklists apply to Autodiscovery only; traces and DogStatsD are not affected.
|Allowlist of containers to include (separated by spaces). Use |
|Blocklist of containers to exclude (separated by spaces). Use |
|Allowlist of containers whose metrics you wish to include.|
|Blocklist of containers whose metrics you wish to exclude.|
|Allowlist of containers whose logs you wish to include.|
|Blocklist of containers whose logs you wish to exclude.|
|Deprecated. Allowlist of containers to include (separated by spaces). Use |
|Deprecated. Blocklist of containers to exclude (separated by spaces). Use |
Additional examples are available on the Container Discover Management page.
.stopped.total metrics are not affected by these settings. All containers are counted. This does not affect your per-container billing.
|Overrides container source auto-detection to force a single source. e.g |
|Set this to |
Note: If you are using the containerd runtime, set
DD_PROCESS_AGENT_CONTAINER_SOURCE="kubelet" in order to see your containers on the containers page.
You can add extra listeners and config providers using the
DD_EXTRA_CONFIG_PROVIDERS environment variables. They are added in addition to the variables defined in the
config_providers section of the
datadog.yaml configuration file.
See the Agent Commands guides to discover all the Docker Agent commands.