- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- Administrator's Guide
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
Starting with v6.14.0, the Agent RPM packages are signed with a different GPG key. As a common best practice, Datadog periodically updates the GPG key.
Hosts using RPM packages located in the Datadog Yum repository are affected by this change and need to trust the key by importing the associated public key in their hosts’ keyrings.
Trying to install or upgrade the Agent package without trusting the key results in NOKEY
errors when installing the package.
The fingerprint of the associated public key is: A4C0B90D7443CF6E4E8AA341F1068E14E09422B3
.
If you’re using the latest version for one of the following officially supported install methods, your hosts trust the key automatically and no further action is needed.
To check if a particular host trusts the key, run this command on the host:
rpm -q gpg-pubkey-e09422b3
If the key is trusted, the command has a 0 exit code and outputs:
gpg-pubkey-e09422b3-57744e9e
Otherwise, the command returns a non-0 exit code and the following output:
package gpg-pubkey-e09422b3 is not installed
This step is not required if hosts already trust the keys or if a recent version of an official installation method is used.
Run the following commands on the host:
$ curl -o /tmp/DATADOG_RPM_KEY_CURRENT.public https://keys.datadoghq.com/DATADOG_RPM_KEY_CURRENT.public
$ curl -o /tmp/DATADOG_RPM_KEY_B01082D3.public https://keys.datadoghq.com/DATADOG_RPM_KEY_B01082D3.public
$ curl -o /tmp/DATADOG_RPM_KEY_FD4BF915.public https://keys.datadoghq.com/DATADOG_RPM_KEY_FD4BF915.public
$ curl -o /tmp/DATADOG_RPM_KEY_E09422B3.public https://keys.datadoghq.com/DATADOG_RPM_KEY_E09422B3.public
$ rpm --import /tmp/DATADOG_RPM_KEY_CURRENT.public
$ rpm --import /tmp/DATADOG_RPM_KEY_B01082D3.public
$ rpm --import /tmp/DATADOG_RPM_KEY_FD4BF915.public
$ rpm --import /tmp/DATADOG_RPM_KEY_E09422B3.public
Then check if the keys are trusted by following the steps in Check if a host trusts the GPG key.
On CentOS, RHEL, and Amazon Linux, if your Yum repository file is used to define the Datadog repository (datadog.repo
), update it to add the key as a trusted key:
[datadog]
name = Datadog, Inc.
baseurl = https://yum.datadoghq.com/stable/7/x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://keys.datadoghq.com/DATADOG_RPM_KEY_CURRENT.public
https://keys.datadoghq.com/DATADOG_RPM_KEY_B01082D3.public
https://keys.datadoghq.com/DATADOG_RPM_KEY_FD4BF915.public
https://keys.datadoghq.com/DATADOG_RPM_KEY_E09422B3.public
[datadog]
name = Datadog, Inc.
baseurl = https://yum.datadoghq.com/stable/6/x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://keys.datadoghq.com/DATADOG_RPM_KEY_CURRENT.public
https://keys.datadoghq.com/DATADOG_RPM_KEY_B01082D3.public
https://keys.datadoghq.com/DATADOG_RPM_KEY_FD4BF915.public
https://keys.datadoghq.com/DATADOG_RPM_KEY_E09422B3.public
Note: due to a bug in dnf, use repo_gpgcheck=0
instead of repo_gpgcheck=1
on RHEL/CentOS 8.1.
Note: This method doesn’t work on SUSE-based systems. Use the import command instead.