Installing using Helm
If you need to setup Untab on a large number of clusters, or if environment-specific customizations are necessary, you can use the provided Helm chart. To learn more about Helm, please see the Helm website.
First, add the Untab Helm repo:
helm repo add untab https://helm.untab.io
Now, create a values file to configure the agent. All values files must include the customer and cluster information:
customer:
# The customer ID is generated by Untab when you sign up. You can find
# yours at https://app.untab.io/settings/info
customerID: my-customer-id
# Specify the name of your cluster. Use only letters, numbers, dot,
# underscore, dash. Changing this after the first time the agent runs will
# result in a new cluster in Untab.
clusterID: my-cluster-id
# The provider ID can be "aws" or "gcp". If you are using a different
# provider or are running on-prem, please contact Untab.
provider: aws
# The Untab API key. You can find yours at
# https://app.untab.io/settings/info
apiKey: xxxxxxxxxxxxxx
Using existing node-exporter
By default, the manifest deploys a node-exporter DaemonSet into the untab namespace. If you already have node-exporter in your cluster and want to avoid running two instances per node, you can disable this in the Helm values.
nodeExporter:
deploy: false
# If deploy is true then this specifies the port the node-exporters should
# listen on. If deploy is false, this specifies the port on each node
# where the existing node-exporters are listening.
port: 9111
Using an egress proxy
If the cluster requires an egress proxy in order to access the outside world, set this variable to the URL of that proxy. This will be used by the agent and Prometheus containers in the untab-agent pod to access the Untab servers.
proxyURL: http://myproxy.internal:8989
Using an existing namespace
By default, the chart will create a new namespace called untab
and place all new resources into that namespace. However, you can also use an existing namespace, or change the name of the namespace.
namespace:
create: true
name: untab
Disabling proxying through the Kubernetes API server
By default, the Prometheus instance deployed in this chart will collect metrics from Kubelet and node-exporter instances on each node by using the proxy feature in the API server. Routing each node's requests through the API server significantly reduces the potential for network connectivity errors at the cost of some additional load on the API server. In practice, this technique has worked without significant adverse effects on clusters with many hundreds of nodes. Nevertheless, the chart provides a switch to disable this feature. If disabled, the Prometheus instance in the untab-agent
pod will access each Kubelet and node-exporter directly.
Note that if disabled, the untab-agent
pod will need network access to the Kubelet and node-exporter ports on all nodes.
apiServerProxy:
use: true
# Add a suffix to each node's hostname. If the Kubernetes node names are not
# fully-qualified, this can be used to convert them to a FQDN.
nodeNameSuffix: ""
kubeletPort: 10250
Using an externally managed secret for the API key
If you use a secret management tool, like Sealed Secrets, you can remove the API key and tell the chart to use a specific externally-managed secret:
customer:
# set the name of the externally managed secret (don't set apiKey)
apiKeySecret: untab-keys
Customizing container images, tags, and pull policy
You can override the container images, tags, and pull policies. This can be useful if, for example, you wish to use a local copy of the image repository, rather than pulling from public sources.
agent:
# Note: the version of the agent image is set by the chart's appVersion.
image: untab/agent
imagePullPolicy: Always
kubeStateMetrics:
image: quay.io/coreos/kube-state-metrics
tag: ...
imagePullPolicy: IfNotPresent
prometheus:
image: prom/prometheus
tag: ...
imagePullPolicy: IfNotPresent
nodeExporter:
image: prom/node-exporter
tag: ...
imagePullPolicy: IfNotPresent
nodeExporterCloudDisk:
image: untab/node_exporter_cloud_disk
tag: ...
imagePullPolicy: IfNotPresent
Deploying the chart
If you have Helm's Tiller service running, you can deploy the agent directly to the cluster now:
helm install -f values.yml --name untab untab-agent
If you don't have Tiller, you can can still generate a static manifest and then apply it using kubectl
; however you have to download the Helm chart first:
helm update
helm fetch --untar untab/untab-agent
helm template -f values.yml untab-agent > manifest.yml
kubectl apply -f manifest.yml
Last updated
Was this helpful?