From cd7f4ab90b8e6a2e263098dfa769714b83dcb577 Mon Sep 17 00:00:00 2001 From: Chris Crane Date: Sun, 17 Jul 2016 23:42:15 -0700 Subject: [PATCH 1/4] Adding Sysdig Cloud example --- examples/sysdig-cloud/README.md | 22 ++++++ examples/sysdig-cloud/sysdig-daemonset.yaml | 72 +++++++++++++++++++ examples/sysdig-cloud/sysdig-rc.yaml | 80 +++++++++++++++++++++ 3 files changed, 174 insertions(+) create mode 100644 examples/sysdig-cloud/README.md create mode 100644 examples/sysdig-cloud/sysdig-daemonset.yaml create mode 100644 examples/sysdig-cloud/sysdig-rc.yaml diff --git a/examples/sysdig-cloud/README.md b/examples/sysdig-cloud/README.md new file mode 100644 index 00000000000..be7cf8ccb5d --- /dev/null +++ b/examples/sysdig-cloud/README.md @@ -0,0 +1,22 @@ +[Sysdig Cloud](http://www.sysdig.com/) is the first and only monitoring, alerting, and troubleshooting solution designed from the ground up to provide unprecedented visibility into containerized infrastructures. + +Sysdig Cloud comes with built-in, first class support for Kubernetes. In order to instrument your Kubernetes environment with Sysdig Cloud, you simply need to install the Sysdig Cloud agent container on each underlying host in your Kubernetes cluster. Sysdig Cloud will automatically begin monitoring all of your hosts, apps, pods, and services, and will also automatically connect to the Kubernetes API to pull relevant metadata about your environment. + +# Example Installation Files + +Provided here are two example sysdig.yaml files that can be used to automatically deploy the Sysdig Cloud agent container across a Kubernetes cluster. + +The recommended method is using daemon sets - minimum kubernetes version 1.1.1. + +If daemon sets are not available, then the replication controller method can be used (based on [this hack](https://stackoverflow.com/questions/33377054/how-to-require-one-pod-per-minion-kublet-when-configuring-a-replication-controll/33381862#33381862 )). + +# Latest Files + +See here for the latest maintained and updated versions of these example files: +https://github.com/draios/sysdig-cloud-scripts/tree/master/agent_deploy/kubernetes + +# Install instructions + +Please see the Sysdig Cloud support site for the latest documentation: +http://support.sysdigcloud.com/hc/en-us/sections/200959909 + diff --git a/examples/sysdig-cloud/sysdig-daemonset.yaml b/examples/sysdig-cloud/sysdig-daemonset.yaml new file mode 100644 index 00000000000..e1fc1534a75 --- /dev/null +++ b/examples/sysdig-cloud/sysdig-daemonset.yaml @@ -0,0 +1,72 @@ +#Use this sysdig.yaml when Daemon Sets are enabled on Kubernetes (minimum version 1.1.1). Otherwise use the RC method. + +apiVersion: extensions/v1beta1 +kind: DaemonSet +metadata: + name: sysdig-agent + labels: + app: sysdig-agent +spec: + template: + metadata: + labels: + name: sysdig-agent + spec: + volumes: + - name: docker-sock + hostPath: + path: /var/run/docker.sock + - name: dev-vol + hostPath: + path: /dev + - name: proc-vol + hostPath: + path: /proc + - name: boot-vol + hostPath: + path: /boot + - name: modules-vol + hostPath: + path: /lib/modules + - name: usr-vol + hostPath: + path: /usr + hostNetwork: true + hostPID: true + containers: + - name: sysdig-agent + image: sysdig/agent + securityContext: + privileged: true + env: + - name: ACCESS_KEY #REQUIRED - replace with your Sysdig Cloud access key + value: 8312341g-5678-abcd-4a2b2c-33bcsd655 +# - name: TAGS #OPTIONAL +# value: linux:ubuntu,dept:dev,local:nyc +# - name: COLLECTOR #OPTIONAL - on-prem install only +# value: 192.168.183.200 +# - name: SECURE #OPTIONAL - on-prem install only +# value: false +# - name: CHECK_CERTIFICATE #OPTIONAL - on-prem install only +# value: false +# - name: ADDITIONAL_CONF #OPTIONAL pass additional parameters to the agent such as authentication example provided here +# value: "k8s_uri: https://myacct:mypass@localhost:4430\nk8s_ca_certificate: k8s-ca.crt\nk8s_ssl_verify_certificate: true" + volumeMounts: + - mountPath: /host/var/run/docker.sock + name: docker-sock + readOnly: false + - mountPath: /host/dev + name: dev-vol + readOnly: false + - mountPath: /host/proc + name: proc-vol + readOnly: true + - mountPath: /host/boot + name: boot-vol + readOnly: true + - mountPath: /host/lib/modules + name: modules-vol + readOnly: true + - mountPath: /host/usr + name: usr-vol + readOnly: true diff --git a/examples/sysdig-cloud/sysdig-rc.yaml b/examples/sysdig-cloud/sysdig-rc.yaml new file mode 100644 index 00000000000..d61f33492e2 --- /dev/null +++ b/examples/sysdig-cloud/sysdig-rc.yaml @@ -0,0 +1,80 @@ +#Use this sysdig.yaml when Daemon Sets are NOT enabled on Kubernetes (minimum version 1.1.1). If Daemon Sets are available, use the other example sysdig.yaml - that is the recommended method. + +apiVersion: v1 +kind: ReplicationController +metadata: + name: sysdig-agent + labels: + app: sysdig-agent +spec: + replicas: 100 #REQUIRED - replace with the maximum number of slave nodes in the cluster + template: + metadata: + labels: + name: sysdig-agent + spec: + volumes: + - name: docker-sock + hostPath: + path: /var/run/docker.sock + - name: dev-vol + hostPath: + path: /dev + - name: proc-vol + hostPath: + path: /proc + - name: boot-vol + hostPath: + path: /boot + - name: modules-vol + hostPath: + path: /lib/modules + - name: usr-vol + hostPath: + path: /usr + hostNetwork: true + hostPID: true + containers: + - name: sysdig-agent + image: sysdig/agent + ports: + - containerPort: 6666 + hostPort: 6666 + securityContext: + privileged: true + env: + - name: ACCESS_KEY #REQUIRED - replace with your Sysdig Cloud access key + value: 8312341g-5678-abcd-4a2b2c-33bcsd655 +# - name: K8S_DELEGATED_NODE #OPTIONAL - only necessary when connecting remotely to API server +# value: +# - name: K8S_API_URI #OPTIONAL - only necessary when connecting remotely to API server +# value: "http[s]://[username:passwd@]host[:port]" +# - name: TAGS #OPTIONAL +# value: linux:ubuntu,dept:dev,local:nyc +# - name: COLLECTOR #OPTIONAL +# value: 192.168.183.200 +# - name: SECURE #OPTIONAL +# value: false +# - name: CHECK_CERTIFICATE #OPTIONAL +# value: false +# - name: ADDITIONAL_CONF #OPTIONAL +# value: "app_checks:\n - name: nginx\n check_module: nginx\n pattern:\n comm: nginx\n conf:\n nginx_status_url: "http://localhost:{port}/nginx_status\"" + volumeMounts: + - mountPath: /host/var/run/docker.sock + name: docker-sock + readOnly: false + - mountPath: /host/dev + name: dev-vol + readOnly: false + - mountPath: /host/proc + name: proc-vol + readOnly: true + - mountPath: /host/boot + name: boot-vol + readOnly: true + - mountPath: /host/lib/modules + name: modules-vol + readOnly: true + - mountPath: /host/usr + name: usr-vol + readOnly: true \ No newline at end of file From e6f6d258b73248787b92d1f3bf565373c7e35dc6 Mon Sep 17 00:00:00 2001 From: Chris Crane <03cranec@users.noreply.github.com> Date: Fri, 22 Jul 2016 17:22:46 -0700 Subject: [PATCH 2/4] addressed comments --- examples/sysdig-cloud/README.md | 2 +- examples/sysdig-cloud/sysdig-daemonset.yaml | 3 --- examples/sysdig-cloud/sysdig-rc.yaml | 5 +---- 3 files changed, 2 insertions(+), 8 deletions(-) diff --git a/examples/sysdig-cloud/README.md b/examples/sysdig-cloud/README.md index be7cf8ccb5d..e52cfa44acf 100644 --- a/examples/sysdig-cloud/README.md +++ b/examples/sysdig-cloud/README.md @@ -1,4 +1,4 @@ -[Sysdig Cloud](http://www.sysdig.com/) is the first and only monitoring, alerting, and troubleshooting solution designed from the ground up to provide unprecedented visibility into containerized infrastructures. +[Sysdig Cloud](http://www.sysdig.com/) is a monitoring, alerting, and troubleshooting platform designed to natively support containerized and service-oriented applications. Sysdig Cloud comes with built-in, first class support for Kubernetes. In order to instrument your Kubernetes environment with Sysdig Cloud, you simply need to install the Sysdig Cloud agent container on each underlying host in your Kubernetes cluster. Sysdig Cloud will automatically begin monitoring all of your hosts, apps, pods, and services, and will also automatically connect to the Kubernetes API to pull relevant metadata about your environment. diff --git a/examples/sysdig-cloud/sysdig-daemonset.yaml b/examples/sysdig-cloud/sysdig-daemonset.yaml index e1fc1534a75..82d3dc848e0 100644 --- a/examples/sysdig-cloud/sysdig-daemonset.yaml +++ b/examples/sysdig-cloud/sysdig-daemonset.yaml @@ -8,9 +8,6 @@ metadata: app: sysdig-agent spec: template: - metadata: - labels: - name: sysdig-agent spec: volumes: - name: docker-sock diff --git a/examples/sysdig-cloud/sysdig-rc.yaml b/examples/sysdig-cloud/sysdig-rc.yaml index d61f33492e2..d088cd5355b 100644 --- a/examples/sysdig-cloud/sysdig-rc.yaml +++ b/examples/sysdig-cloud/sysdig-rc.yaml @@ -9,9 +9,6 @@ metadata: spec: replicas: 100 #REQUIRED - replace with the maximum number of slave nodes in the cluster template: - metadata: - labels: - name: sysdig-agent spec: volumes: - name: docker-sock @@ -77,4 +74,4 @@ spec: readOnly: true - mountPath: /host/usr name: usr-vol - readOnly: true \ No newline at end of file + readOnly: true From cd475fe1726366a49f6221fe12354851ba12ee18 Mon Sep 17 00:00:00 2001 From: Chris Crane <03cranec@users.noreply.github.com> Date: Mon, 25 Jul 2016 12:55:06 -0700 Subject: [PATCH 3/4] update munge docs --- examples/sysdig-cloud/README.md | 36 ++++++++++++++++++++++++++++++++- 1 file changed, 35 insertions(+), 1 deletion(-) diff --git a/examples/sysdig-cloud/README.md b/examples/sysdig-cloud/README.md index e52cfa44acf..a4e5a96ea77 100644 --- a/examples/sysdig-cloud/README.md +++ b/examples/sysdig-cloud/README.md @@ -1,3 +1,32 @@ + + + + +WARNING +WARNING +WARNING +WARNING +WARNING + +

PLEASE NOTE: This document applies to the HEAD of the source tree

+ +If you are using a released version of Kubernetes, you should +refer to the docs that go with that version. + +Documentation for other releases can be found at +[releases.k8s.io](http://releases.k8s.io). + +-- + + + + + [Sysdig Cloud](http://www.sysdig.com/) is a monitoring, alerting, and troubleshooting platform designed to natively support containerized and service-oriented applications. Sysdig Cloud comes with built-in, first class support for Kubernetes. In order to instrument your Kubernetes environment with Sysdig Cloud, you simply need to install the Sysdig Cloud agent container on each underlying host in your Kubernetes cluster. Sysdig Cloud will automatically begin monitoring all of your hosts, apps, pods, and services, and will also automatically connect to the Kubernetes API to pull relevant metadata about your environment. @@ -12,7 +41,7 @@ If daemon sets are not available, then the replication controller method can be # Latest Files -See here for the latest maintained and updated versions of these example files: +See here for the latest maintained and updated versions of these example files: https://github.com/draios/sysdig-cloud-scripts/tree/master/agent_deploy/kubernetes # Install instructions @@ -20,3 +49,8 @@ https://github.com/draios/sysdig-cloud-scripts/tree/master/agent_deploy/kubernet Please see the Sysdig Cloud support site for the latest documentation: http://support.sysdigcloud.com/hc/en-us/sections/200959909 + + + +[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/examples/sysdig-cloud/README.md?pixel)]() + From 78e2110286dffe6da74ca02e52c75d759c9d8ecf Mon Sep 17 00:00:00 2001 From: Chris Crane <03cranec@users.noreply.github.com> Date: Tue, 26 Jul 2016 10:38:59 -0700 Subject: [PATCH 4/4] update munge docs again --- examples/sysdig-cloud/README.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/examples/sysdig-cloud/README.md b/examples/sysdig-cloud/README.md index a4e5a96ea77..2332945cf0a 100644 --- a/examples/sysdig-cloud/README.md +++ b/examples/sysdig-cloud/README.md @@ -2,15 +2,15 @@ -WARNING -WARNING -WARNING -WARNING -WARNING

PLEASE NOTE: This document applies to the HEAD of the source tree