Installing using Helm
Last updated
Was this helpful?
Last updated
Was this helpful?
If you need to setup Untab on a large number of clusters, or if environment-specific customizations are necessary, you can use the provided Helm chart. To learn more about Helm, please see the .
First, add the Untab Helm repo:
Now, create a values file to configure the agent. All values files must include the customer and cluster information:
By default, the manifest deploys a node-exporter DaemonSet into the untab namespace. If you already have node-exporter in your cluster and want to avoid running two instances per node, you can disable this in the Helm values.
If the cluster requires an egress proxy in order to access the outside world, set this variable to the URL of that proxy. This will be used by the agent and Prometheus containers in the untab-agent pod to access the Untab servers.
By default, the chart will create a new namespace called untab
and place all new resources into that namespace. However, you can also use an existing namespace, or change the name of the namespace.
Note that if disabled, the untab-agent
pod will need network access to the Kubelet and node-exporter ports on all nodes.
You can override the container images, tags, and pull policies. This can be useful if, for example, you wish to use a local copy of the image repository, rather than pulling from public sources.
If you have Helm's Tiller service running, you can deploy the agent directly to the cluster now:
If you don't have Tiller, you can can still generate a static manifest and then apply it using kubectl
; however you have to download the Helm chart first:
By default, the deployed in this chart will collect metrics from Kubelet and node-exporter instances on each node by using the in the API server. Routing each node's requests through the API server significantly reduces the potential for network connectivity errors at the cost of some additional load on the API server. In practice, this technique has worked without significant adverse effects on clusters with many hundreds of nodes. Nevertheless, the chart provides a switch to disable this feature. If disabled, the Prometheus instance in the untab-agent
pod will access each Kubelet and node-exporter directly.
If you use a secret management tool, like , you can remove the API key and tell the chart to use a specific externally-managed secret: