- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- Administrator's Guide
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
To automatically instrument your application, you can:
For more information, see Automatic Instrumentation.
How to inject the library locally, without touching the application code at all, varies depending on where and how your Agent and application are installed. Select the scenario that represents your environment:
With the Admission Controller approach, the Agent uses the Kubernetes Admission Controller to intercept requests to the Kubernetes API and mutate new pods to inject the specified instrumentation library.
To learn more about Kubernetes Admission Controller, read Kubernetes Admission Controllers Reference.
BUNDLE_PATH
).Datadog publishes instrumentation libraries images on gcr.io, Docker Hub, and Amazon ECR:
The DD_ADMISSION_CONTROLLER_AUTO_INSTRUMENTATION_CONTAINER_REGISTRY
environment variable in the Datadog Cluster Agent configuration specifies the registry used by the Admission Controller. The default value is gcr.io/datadoghq
.
You can pull the tracing library from a different registry by changing it to docker.io/datadog
, public.ecr.aws/datadog
, or another URL if you are hosting the images in a local container registry.
For your Kubernetes applications whose traces you want to send to Datadog, configure the Datadog Admission Controller to inject Java, JavaScript, Python, .NET or Ruby instrumentation libraries automatically. From a high level, this involves the following steps, described in detail below:
By default, Datadog Admission controller mutates only pods labeled with a specific label. To enable mutation on your pods, add the label admission.datadoghq.com/enabled: "true"
to your pod spec.
Note: You can configure Datadog Admission Controller to enable injection config without having this pod label by configuring the Cluster Agent with clusterAgent.admissionController.mutateUnlabelled
(or DD_ADMISSION_CONTROLLER_MUTATE_UNLABELLED
) to true
.
For more details on how to configure, read Datadog Admission Controller page.
For example:
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
# (...)
spec:
template:
metadata:
labels:
admission.datadoghq.com/enabled: "true" # Enable Admission Controller to mutate new pods part of this deployment
spec:
containers:
- # (...)
To select your pods for library injection, use the annotations provided in the following table within your pod spec:
Language | Pod annotation |
---|---|
Java | admission.datadoghq.com/java-lib.version: "<CONTAINER IMAGE TAG>" |
JavaScript | admission.datadoghq.com/js-lib.version: "<CONTAINER IMAGE TAG>" |
Python | admission.datadoghq.com/python-lib.version: "<CONTAINER IMAGE TAG>" |
.NET | admission.datadoghq.com/dotnet-lib.version: "<CONTAINER IMAGE TAG>" |
Ruby | admission.datadoghq.com/ruby-lib.version: "<CONTAINER IMAGE TAG>" |
The available library versions are listed in each container registry, as well as in the tracer source repositories for each language:
-musl
to the pod annotation tag for versions 2.55 and earlier. For example, use v2.29.0-musl
instead of v2.29.0
. The -musl
suffix is not required for versions after 2.55, including v3.0+.Note: If you already have an application instrumented using version X of the library, and then use library injection to instrument using version Y of the same tracer library, the tracer does not break. Rather, the library version loaded first is used. Because library injection happens at the admission controller level prior to runtime, it takes precedence over manually configured libraries.
latest
tag is supported, but use it with caution because major library releases can introduce breaking changes.For example, to inject a Java library:
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
# (...)
spec:
template:
metadata:
labels:
admission.datadoghq.com/enabled: "true" # Enable Admission Controller to mutate new pods in this deployment
annotations:
admission.datadoghq.com/java-lib.version: "<CONTAINER IMAGE TAG>"
spec:
containers:
- # (...)
With Unified Service Tags, you can tie Datadog telemetry together and navigate seamlessly across traces, metrics, and logs with consistent tags. Set the Unified Service Tagging on both the deployment object and the pod template specs. Set Unified Service tags by using the following labels:
metadata:
labels:
tags.datadoghq.com/env: "<ENV>"
tags.datadoghq.com/service: "<SERVICE>"
tags.datadoghq.com/version: "<VERSION>"
Note: It is not necessary to set the environment variables for universal service tagging (DD_ENV
, DD_SERVICE
, DD_VERSION
) in the pod template spec, because the Admission Controller propagates the tag values as environment variables when injecting the library.
For example:
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
tags.datadoghq.com/env: "prod" # Unified service tag - Deployment Env tag
tags.datadoghq.com/service: "my-service" # Unified service tag - Deployment Service tag
tags.datadoghq.com/version: "1.1" # Unified service tag - Deployment Version tag
# (...)
spec:
template:
metadata:
labels:
tags.datadoghq.com/env: "prod" # Unified service tag - Pod Env tag
tags.datadoghq.com/service: "my-service" # Unified service tag - Pod Service tag
tags.datadoghq.com/version: "1.1" # Unified service tag - Pod Version tag
admission.datadoghq.com/enabled: "true" # Enable Admission Controller to mutate new pods part of this deployment
annotations:
admission.datadoghq.com/java-lib.version: "<CONTAINER IMAGE TAG>"
spec:
containers:
- # (...)
Your pods are ready to be instrumented when their new configuration is applied.
Library injection leverages the injection of a dedicated init
container in pods.
If the injection was successful you can see an init
container called datadog-lib-init
in your pod:
Or run kubectl describe pod <my-pod>
to see the datadog-lib-init
init container listed.
The instrumentation also starts sending telemetry to Datadog (for example, traces to APM).
If the application pod fails to start, run kubectl logs <my-pod> --all-containers
to print out the logs and compare them to the known issues below.
dotnet: error while loading shared libraries: libc.musl-x86_64.so.1: cannot open shared object file: No such file or directory
-musl
suffix, but the application container runs on a Linux distribution that uses glibc.-musl
suffix from the dotnet library version.Error loading shared library ld-linux-x86-64.so.2: No such file or directory (needed by /datadog-lib/continuousprofiler/Datadog.Linux.ApiWrapper.x64.so)
-musl
suffix.-musl
suffix to the dotnet library version.In Python < 1.20.3
, Python injection logs output to stderr
. Upgrade to 1.20.3
or above to suppress the logs by default. The logs can be enabled by setting the environment variable DD_TRACE_DEBUG
to 1
.
The library injection mechanism for Python only supports injecting the Python library in Python v3.7+.
user-installed ddtrace found, aborting
ddtrace
library is already installed on the system so the injection logic aborts injecting the library to avoid introducing a breaking change in the application.ddtrace
if library injection is desired. Otherwise, use the installed library (see documentation) instead of library injection.tls: protocol version not supported
Problem: Since Cluster Agent v1.20, the API is only served using TLS v1.3 by default. If the Kubernetes cluster is configured with TLS v1.2 or older, library injection fails.
Solution: Set DD_CLUSTER_AGENT_ALLOW_LEGACY_TLS
to true
for Cluster Agent.
When both the Agent and your services are running on a host, real or virtual, Datadog injects the tracing library by using a preload library that overrides calls to execve
. Any newly started processes are intercepted and the specified instrumentation library is injected into the services.
Note: Injection on arm64 is not supported.
Requirements: A host running Linux.
If the host does not yet have a Datadog Agent installed, or if you want to upgrade your Datadog Agent installation, use the Datadog Agent install script to install both the injection libraries and the Datadog Agent:
DD_APM_INSTRUMENTATION_ENABLED=host DD_APM_INSTRUMENTATION_LIBRARIES="java:1,python:2,js:5,dotnet:3" DD_API_KEY=<YOUR KEY> DD_SITE="<YOUR SITE>" bash -c "$(curl -L https://install.datadoghq.com/scripts/install_script_agent7.sh)"
By default, running the script installs support for Java, Node.js, Python, Ruby, and .NET all pinned to the latest major version. If you want to specify which language support is installed, also set the DD_APM_INSTRUMENTATION_LIBRARIES
environment variable. The valid values are java
, js
, python
and dotnet
. Use a comma-separated list to specify more than one language:
DD_APM_INSTRUMENTATION_LIBRARIES=java:1,js:5 DD_APM_INSTRUMENTATION_ENABLED=host DD_API_KEY=<YOUR KEY> DD_SITE="<YOUR SITE>" bash -c "$(curl -L https://install.datadoghq.com/scripts/install_script_agent7.sh)"
Exit and open a new shell to use the injection library.
If you haven’t already, install your app and any supporting languages or libraries it requires.
When an app that is written in a supported language is launched, it is automatically injected with tracing enabled.
Configure host injection in one of the following ways:
Values in environment variables override settings in the configuration file on a per-process basis.
Property name | Purpose | Default value | Valid values |
---|---|---|---|
log_level | The logging level | off | off , debug , info , warn , error |
output_paths | The location where log output is written | stderr | stderr or a file:// URL |
env | The default environment assigned to a process | none | n/a |
---
log_level: debug
output_paths:
- file:///tmp/host_injection.log
env: dev
The following environment variables configure library injection. You can pass these in by export
through the command line (export DD_CONFIG_SOURCES=BASIC
), shell configuration, or launch command.
Each of the fields in the config file corresponds to an environment variable. This environment variable is read from the environment of the process that’s being launched and affects only the process currently being launched.
Config file property | Environment Variable |
---|---|
log_level | DD_APM_INSTRUMENTATION_DEBUG |
output_paths | DD_APM_INSTRUMENTATION_OUTPUT_PATHS |
env | DD_ENV |
The DD_APM_INSTRUMENTATION_DEBUG
environment variable is limited to the values true
and false
(default value false
). Setting it to true
sets log_level
to debug
and setting it to false
(or not setting it at all) uses the log_level
specified in the configuration file. The environment variable can only set the log level to debug
, not any other log level values.
The DD_INSTRUMENT_SERVICE_WITH_APM
environment variable controls whether or not injection is enabled. It defaults to TRUE
. Set it to FALSE
to turn off library injection altogether.
By default, the following settings are enabled in an instrumented process:
Exercise your application to start generating telemetry data, which you can see as traces in APM.
When your Agent is running on a host, and your services are running in containers, Datadog injects the tracing library by intercepting container creation and configuring the Docker container.
Any newly started processes are intercepted and the specified instrumentation library is injected into the services.
Note: Injection on arm64 is not supported.
Requirements:
If the host does not yet have a Datadog Agent installed, or if you want to upgrade your Datadog Agent installation, use the Datadog Agent install script to install both the injection libraries and the Datadog Agent:
DD_APM_INSTRUMENTATION_ENABLED=all DD_APM_INSTRUMENTATION_LIBRARIES="java:1,python:2,js:5,dotnet:3" DD_API_KEY=<YOUR KEY> DD_SITE="<YOUR SITE>" bash -c "$(curl -L https://install.datadoghq.com/scripts/install_script_agent7.sh)"
By default, running the script installs support for Java, Node.js, Python, Ruby, and .NET. If you want to specify which language support is installed, also set the DD_APM_INSTRUMENTATION_LIBRARIES
environment variable. The valid values are java
, js
, python
, and dotnet
. Use a comma-separated list to specify more than one language:
DD_APM_INSTRUMENTATION_LIBRARIES=java:1,js:5 DD_APM_INSTRUMENTATION_ENABLED=all DD_API_KEY=<YOUR KEY> DD_SITE="<YOUR SITE>" bash -c "$(curl -L https://install.datadoghq.com/scripts/install_script_agent7.sh)"
If the environment variables DD_ENV
, DD_SERVICE
, or DD_VERSION
are specified in a service container image, those values are used to tag telemetry from the container.
If they are not specified, DD_ENV
uses the env
value set in the /etc/datadog-agent/inject/docker_config.yaml
config file, if any. DD_SERVICE
is derived from the name of the Docker image. An image with the name my-service:1.0
is tagged with DD_SERVICE
of my-service
.
Start your Agent and launch your containerized services as usual.
Exercise your application to start generating telemetry data, which you can see as traces in APM.
When your Agent and services are running in separate Docker containers on the same host, Datadog injects the tracing library by intercepting container creation and configuring the Docker container.
Any newly started processes are intercepted and the specified instrumentation library is injected into the services.
Requirements:
Note: Injection on arm64 is not supported.
Use the install_script_agent7.sh
shell script to automatically install Docker injection support. Docker must already be installed on the host machine.
DD_APM_INSTRUMENTATION_ENABLED=docker DD_APM_INSTRUMENTATION_LIBRARIES="java:1,python:2,js:5,dotnet:3" DD_NO_AGENT_INSTALL=true bash -c "$(curl -L https://install.datadoghq.com/scripts/install_script_agent7.sh)"
This installs language libraries for all supported languages. To install specific languages, set the DD_APM_INSTRUMENTATION_LIBRARIES
variable. The valid values are java
, js
, python
, and dotnet
:
DD_APM_INSTRUMENTATION_LIBRARIES="java:1,js:5" DD_APM_INSTRUMENTATION_ENABLED=docker DD_NO_AGENT_INSTALL=true bash -c "$(curl -L https://install.datadoghq.com/scripts/install_script_agent7.sh)"
In the Docker compose file that launches your containers, use the following settings for the Agent, securely setting your own Datadog API key for ${DD_API_KEY}
:
dd-agent:
container_name: dd-agent
image: datadog/agent:7
environment:
- DD_API_KEY=${DD_API_KEY}
- DD_APM_ENABLED=true
- DD_APM_NON_LOCAL_TRAFFIC=true
- DD_DOGSTATSD_NON_LOCAL_TRAFFIC=true
- DD_APM_RECEIVER_SOCKET=/var/run/datadog/apm.socket
- DD_DOGSTATSD_SOCKET=/var/run/datadog/dsd.socket
volumes:
- /var/run/datadog:/var/run/datadog
- /var/run/docker.sock:/var/run/docker.sock:ro
If the environment variables DD_ENV
, DD_SERVICE
, or DD_VERSION
are specified in a service container image, those values are used to tag telemetry from the container.
If they are not specified, DD_ENV
uses the env
value set in the /etc/datadog-agent/inject/docker_config.yaml
config file, if any. DD_SERVICE
is derived from the name of the Docker image. An image with the name my-service:1.0
is tagged with DD_SERVICE
of my-service
.
The dd-agent
container must be launched before any service containers. Run:
docker-compose up -d dd-agent
Launch your containerized services as usual.
Exercise your application to start generating telemetry data, which you can see as traces in APM.
To stop producing traces for a specific service, run the following commands and restart the service:
Add the DD_INSTRUMENT_SERVICE_WITH_APM
environment variable to the service startup command:
DD_INSTRUMENT_SERVICE_WITH_APM=false <service_start_command>
Restart the service.
DD_INSTRUMENT_SERVICE_WITH_APM
environment variable to the service startup command:docker run -e DD_INSTRUMENT_SERVICE_WITH_APM=false
To stop producing traces, remove library injectors and restart the infrastructure:
dd-host-install --uninstall
dd-container-install --uninstall
systemctl restart docker
The supported features and configuration options for the tracing library are the same for library injection as for other installation methods, and can be set with environment variables. Read the Datadog library configuration page for your language for more details.
For example, you can turn on Application Security Monitoring or Continuous Profiler, each of which may have billing impact:
For Kubernetes, set the DD_APPSEC_ENABLED
or DD_PROFILING_ENABLED
environment variables to true
in the underlying application pod’s deployment file.
For hosts and containers, set the DD_APPSEC_ENABLED
or DD_PROFILING_ENABLED
container environment variables to true
.