apiVersion: dynatrace.com/v1beta1 kind: DynaKube metadata: name: dynakube namespace: dynatrace spec: # Dynatrace apiUrl including the `/api` path at the end. # For SaaS, set `ENVIRONMENTID` to your environment ID. # For Managed, change the apiUrl address. # For instructions on how to determine the environment ID and how to configure the apiUrl address, see https://www.dynatrace.com/support/help/reference/dynatrace-concepts/environment-id/. apiUrl: https://ENVIRONMENTID.live.dynatrace.com/api # Optional: Name of the secret holding the credentials required to connect to the Dynatrace tenant # If unset, the name of this custom resource is used # # tokens: "" # Optional: Defines a custom pull secret in case you use a private registry when pulling images from the Dynatrace environment # The secret has to be of type 'kubernetes.io/dockerconfigjson' (see https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/) # # customPullSecret: "custom-pull-secret" # Optional: Disable certificate validation checks for installer download and API communication # # skipCertCheck: false # Optional: Set custom proxy settings either directly or from a secret with the field 'proxy' # # proxy: # value: my-proxy-url.com # valueFrom: name-of-my-proxy-secret # Optional: Adds custom RootCAs from a configmap # The key to the data must be "certs" # This property only affects certificates used to communicate with the Dynatrace API. # The property is not applied to the ActiveGate # # trustedCAs: name-of-my-ca-configmap # Optional: Sets Network Zone for OneAgent and ActiveGate pods # Make sure networkZones are enabled on your cluster before (see https://www.dynatrace.com/support/help/setup-and-configuration/network-zones/network-zones-basic-info/) # # networkZone: name-of-my-network-zone # Optional: If enabled, and if Istio is installed on the Kubernetes environment, the # Operator will create the corresponding VirtualService and ServiceEntry objects to allow access # to the Dynatrace cluster from agents or activeGates. Disabled by default. # # enableIstio: false # The namespaces which should be injected into # If unset, all namespace will be injected into # namespaceSelector has no effect on hostMonitoring or classicFullstack # For examples regarding namespaceSelectors, see https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#resources-that-support-set-based-requirements # # namespaceSelector: # matchLabels: # app: my-app # matchExpressions: # - key: app # operator: In # values: [my-frontend, my-backend, my-database] # Configuration for OneAgent instances # oneAgent: # Enables application-only monitoring and changes its settings # Cannot be used in conjunction with cloud-native fullstack monitoring, classic fullstack monitoring or host monitoring # applicationMonitoring: # Optional: If specified, indicates the OneAgent version to use # Defaults to the configured version on your Dynatrace environment # The version is expected to be provided in the semver format # Example: {major.minor.release}, e.g., "1.200.0" # # version: # Optional: If you want to use CSIDriver; disable if your cluster does not have 'nodes' to fall back to the volume approach. # Defaults to false # useCSIDriver: false # Optional: The URI of the image that contains the codemodules specific OneAgent that will be injected into pods and applications. # For an example of a Dockerfile creating such an image, see https://dt-url.net/operator-docker-samples # # codeModulesImage: "" # Optional: Defines resources requests and limits for the initContainer # See more: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers # # initResources: # requests: # cpu: 100m # memory: 512Mi # limits: # cpu: 300m # memory: 1.5Gi # Configuration for ActiveGate instances. # activeGate: # Specifies which capabilities will be enabled on ActiveGate instances # The following capabilities can be set: # - routing # - kubernetes-monitoring # - metrics-ingest # - dynatrace-api # capabilities: - routing - kubernetes-monitoring - dynatrace-api # Optional: Sets the image used to deploy ActiveGate instances # Defaults to the latest ActiveGate image on the tenant's registry # Example: "ENVIRONMENTID.live.dynatrace.com/linux/activegate:latest" # image: "" # Optional: Sets how many ActiveGate pods are spawned by the StatefulSet # Defaults to "1" # # replicas: 1 # Optional: Specifies tolerations to include with the ActiveGate StatefulSet. # For more information on tolerations, see https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ # # tolerations: # - effect: NoSchedule # key: node-role.kubernetes.io/master # operator: Exists # Optional: Sets a node selector to control on which nodes the ActiveGate will be deployed. # For more information on node selectors, see https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes/ # # nodeSelector: {} # Optional: Specifies resource settings for ActiveGate instances # Consumption of the ActiveGate heavily depends on the workload to monitor # The values should be adjusted according to the workload # resources: requests: cpu: 500m memory: 512Mi limits: cpu: 1000m memory: 1.5Gi # Optional: Adds custom labels to ActiveGate pods # Can be used to structure workloads # # labels: # custom: label # Optional: Adds custom environment variables to ActiveGate pods # # env: [] # Recommended: Sets the activation group for ActiveGate instances # # group: "" # Optional: Defines a custom properties file, the file contents can be provided either as a value in this yaml or as a reference to a secret. # If a reference to a secret is used, then the file contents must be stored under the 'customProperties' key within the secret. # # customProperties: # value: | # [connectivity] # networkZone= # valueFrom: myCustomPropertiesConfigMap # Optional: Specifies the name of a secret containing a TLS certificate, a TLS key and the TLS key's password to be used by ActiveGate instances # If unset, a self-signed certificate is used # The secret is expected to have the following key-value pairs # server.p12: TLS certificate and TLS key pair in pkcs12 format # password: passphrase to decrypt the TLS certificate and TLS key pair # # tlsSecretName: "my-tls-secret" # Optional: Sets the DNS Policy for ActiveGate pods # Defaults to "Default" # For more information on DNS policies, see https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy # # dnsPolicy: "Default" # Optional: Specifies the priority class to assign to the ActiveGate Pods # No class is set by default # For more information on priority classes, see https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ # # priorityClassName: priority-class # Optional: Adds custom annotations to ActiveGate pods # # annotations: # custom: annotation # Optional: Adds TopologySpreadConstraints to the ActiveGate pods # For more information on TopologySpreadConstraints, see https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/ # # topologySpreadConstraints: []