Installing using Helm

If you need to setup Untab on a large number of clusters, or if environment-specific customizations are necessary, you can use the provided Helm chart. To learn more about Helm, please see the Helm website.

First, add the Untab Helm repo:

helm repo add untab https://helm.untab.io

Now, create a values file to configure the agent. All values files must include the customer and cluster information:

values.yml
customer:
  # The customer ID is generated by Untab when you sign up. You can find
  # yours at https://app.untab.io/settings/info
  customerID: my-customer-id

  # Specify the name of your cluster. Use only letters, numbers, dot,
  # underscore, dash. Changing this after the first time the agent runs will
  # result in a new cluster in Untab.
  clusterID: my-cluster-id

  # The provider ID can be "aws" or "gcp". If you are using a different
  # provider or are running on-prem, please contact Untab.
  provider: aws

  # The Untab API key. You can find yours at
  # https://app.untab.io/settings/info
  apiKey: xxxxxxxxxxxxxx

Using existing node-exporter

By default, the manifest deploys a node-exporter DaemonSet into the untab namespace. If you already have node-exporter in your cluster and want to avoid running two instances per node, you can disable this in the Helm values.

values.yml
nodeExporter:
  deploy: false

  # If deploy is true then this specifies the port the node-exporters should
  # listen on. If deploy is false, this specifies the port on each node
  # where the existing node-exporters are listening.
  port: 9111

Using an egress proxy

If the cluster requires an egress proxy in order to access the outside world, set this variable to the URL of that proxy. This will be used by the agent and Prometheus containers in the untab-agent pod to access the Untab servers.

values.yml
proxyURL: http://myproxy.internal:8989

Using an existing namespace

By default, the chart will create a new namespace called untab and place all new resources into that namespace. However, you can also use an existing namespace, or change the name of the namespace.

values.yml
namespace:
  create: true
  name: untab

Disabling proxying through the Kubernetes API server

By default, the Prometheus instance deployed in this chart will collect metrics from Kubelet and node-exporter instances on each node by using the proxy feature in the API server. Routing each node's requests through the API server significantly reduces the potential for network connectivity errors at the cost of some additional load on the API server. In practice, this technique has worked without significant adverse effects on clusters with many hundreds of nodes. Nevertheless, the chart provides a switch to disable this feature. If disabled, the Prometheus instance in the untab-agent pod will access each Kubelet and node-exporter directly.

Note that if disabled, the untab-agent pod will need network access to the Kubelet and node-exporter ports on all nodes.

values.yaml
apiServerProxy:
  use: true

  # Add a suffix to each node's hostname. If the Kubernetes node names are not
  # fully-qualified, this can be used to convert them to a FQDN.
  nodeNameSuffix: ""

  kubeletPort: 10250

Using an externally managed secret for the API key

If you use a secret management tool, like Sealed Secrets, you can remove the API key and tell the chart to use a specific externally-managed secret:

values.yaml
customer:
  # set the name of the externally managed secret (don't set apiKey)
  apiKeySecret: untab-keys

Customizing container images, tags, and pull policy

You can override the container images, tags, and pull policies. This can be useful if, for example, you wish to use a local copy of the image repository, rather than pulling from public sources.

values.yaml
agent:
  # Note: the version of the agent image is set by the chart's appVersion.
  image: untab/agent
  imagePullPolicy: Always

kubeStateMetrics:
  image: quay.io/coreos/kube-state-metrics
  tag: ...
  imagePullPolicy: IfNotPresent

prometheus:
  image: prom/prometheus
  tag: ...
  imagePullPolicy: IfNotPresent

nodeExporter:
  image: prom/node-exporter
  tag: ...
  imagePullPolicy: IfNotPresent

nodeExporterCloudDisk:
  image: untab/node_exporter_cloud_disk
  tag: ...
  imagePullPolicy: IfNotPresent

Deploying the chart

If you have Helm's Tiller service running, you can deploy the agent directly to the cluster now:

helm install -f values.yml --name untab untab-agent

If you don't have Tiller, you can can still generate a static manifest and then apply it using kubectl; however you have to download the Helm chart first:

helm update
helm fetch --untar untab/untab-agent
helm template -f values.yml untab-agent > manifest.yml
kubectl apply -f manifest.yml
PreviousInstalling using the basic manifestNextChecking agent status

Last updated

Was this helpful?