Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adding Sysdig Cloud example #29086

Merged
merged 5 commits into from
Aug 10, 2016
Merged

Adding Sysdig Cloud example #29086

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
cd7f4ab
Adding Sysdig Cloud example
03cranec Jul 18, 2016
e6f6d25
addressed comments
03cranec Jul 23, 2016
cd475fe
update munge docs
03cranec Jul 25, 2016
6e2dee5
Merge remote-tracking branch 'kubernetes/master'
03cranec Jul 26, 2016
78e2110
update munge docs again
03cranec Jul 26, 2016
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
56 changes: 56 additions & 0 deletions examples/sysdig-cloud/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
<!-- BEGIN MUNGE: UNVERSIONED_WARNING -->

<!-- BEGIN STRIP_FOR_RELEASE -->

<img src="http://kubernetes.io/kubernetes/img/warning.png" alt="WARNING"
width="25" height="25">
<img src="http://kubernetes.io/kubernetes/img/warning.png" alt="WARNING"
width="25" height="25">
<img src="http://kubernetes.io/kubernetes/img/warning.png" alt="WARNING"
width="25" height="25">
<img src="http://kubernetes.io/kubernetes/img/warning.png" alt="WARNING"
width="25" height="25">
<img src="http://kubernetes.io/kubernetes/img/warning.png" alt="WARNING"
width="25" height="25">

<h2>PLEASE NOTE: This document applies to the HEAD of the source tree</h2>

If you are using a released version of Kubernetes, you should
refer to the docs that go with that version.

Documentation for other releases can be found at
[releases.k8s.io](http://releases.k8s.io).
</strong>
--

<!-- END STRIP_FOR_RELEASE -->

<!-- END MUNGE: UNVERSIONED_WARNING -->

[Sysdig Cloud](http://www.sysdig.com/) is a monitoring, alerting, and troubleshooting platform designed to natively support containerized and service-oriented applications.

Sysdig Cloud comes with built-in, first class support for Kubernetes. In order to instrument your Kubernetes environment with Sysdig Cloud, you simply need to install the Sysdig Cloud agent container on each underlying host in your Kubernetes cluster. Sysdig Cloud will automatically begin monitoring all of your hosts, apps, pods, and services, and will also automatically connect to the Kubernetes API to pull relevant metadata about your environment.

# Example Installation Files

Provided here are two example sysdig.yaml files that can be used to automatically deploy the Sysdig Cloud agent container across a Kubernetes cluster.

The recommended method is using daemon sets - minimum kubernetes version 1.1.1.

If daemon sets are not available, then the replication controller method can be used (based on [this hack](https://stackoverflow.com/questions/33377054/how-to-require-one-pod-per-minion-kublet-when-configuring-a-replication-controll/33381862#33381862 )).

# Latest Files

See here for the latest maintained and updated versions of these example files:
https://github.com/draios/sysdig-cloud-scripts/tree/master/agent_deploy/kubernetes

# Install instructions

Please see the Sysdig Cloud support site for the latest documentation:
http://support.sysdigcloud.com/hc/en-us/sections/200959909



<!-- BEGIN MUNGE: GENERATED_ANALYTICS -->
[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/examples/sysdig-cloud/README.md?pixel)]()
<!-- END MUNGE: GENERATED_ANALYTICS -->
69 changes: 69 additions & 0 deletions examples/sysdig-cloud/sysdig-daemonset.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,69 @@
#Use this sysdig.yaml when Daemon Sets are enabled on Kubernetes (minimum version 1.1.1). Otherwise use the RC method.

apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: sysdig-agent
labels:
app: sysdig-agent
spec:
template:
spec:
volumes:
- name: docker-sock
hostPath:
path: /var/run/docker.sock
- name: dev-vol
hostPath:
path: /dev
- name: proc-vol
hostPath:
path: /proc
- name: boot-vol
hostPath:
path: /boot
- name: modules-vol
hostPath:
path: /lib/modules
- name: usr-vol
hostPath:
path: /usr
hostNetwork: true
hostPID: true
containers:
- name: sysdig-agent
image: sysdig/agent
securityContext:
privileged: true
env:
- name: ACCESS_KEY #REQUIRED - replace with your Sysdig Cloud access key
value: 8312341g-5678-abcd-4a2b2c-33bcsd655
# - name: TAGS #OPTIONAL
# value: linux:ubuntu,dept:dev,local:nyc
# - name: COLLECTOR #OPTIONAL - on-prem install only
# value: 192.168.183.200
# - name: SECURE #OPTIONAL - on-prem install only
# value: false
# - name: CHECK_CERTIFICATE #OPTIONAL - on-prem install only
# value: false
# - name: ADDITIONAL_CONF #OPTIONAL pass additional parameters to the agent such as authentication example provided here
# value: "k8s_uri: https://myacct:mypass@localhost:4430\nk8s_ca_certificate: k8s-ca.crt\nk8s_ssl_verify_certificate: true"
volumeMounts:
- mountPath: /host/var/run/docker.sock
name: docker-sock
readOnly: false
- mountPath: /host/dev
name: dev-vol
readOnly: false
- mountPath: /host/proc
name: proc-vol
readOnly: true
- mountPath: /host/boot
name: boot-vol
readOnly: true
- mountPath: /host/lib/modules
name: modules-vol
readOnly: true
- mountPath: /host/usr
name: usr-vol
readOnly: true
77 changes: 77 additions & 0 deletions examples/sysdig-cloud/sysdig-rc.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,77 @@
#Use this sysdig.yaml when Daemon Sets are NOT enabled on Kubernetes (minimum version 1.1.1). If Daemon Sets are available, use the other example sysdig.yaml - that is the recommended method.

apiVersion: v1
kind: ReplicationController
metadata:
name: sysdig-agent
labels:
app: sysdig-agent
spec:
replicas: 100 #REQUIRED - replace with the maximum number of slave nodes in the cluster
template:
spec:
volumes:
- name: docker-sock
hostPath:
path: /var/run/docker.sock
- name: dev-vol
hostPath:
path: /dev
- name: proc-vol
hostPath:
path: /proc
- name: boot-vol
hostPath:
path: /boot
- name: modules-vol
hostPath:
path: /lib/modules
- name: usr-vol
hostPath:
path: /usr
hostNetwork: true
hostPID: true
containers:
- name: sysdig-agent
image: sysdig/agent
ports:
- containerPort: 6666
hostPort: 6666
securityContext:
privileged: true
env:
- name: ACCESS_KEY #REQUIRED - replace with your Sysdig Cloud access key
value: 8312341g-5678-abcd-4a2b2c-33bcsd655
# - name: K8S_DELEGATED_NODE #OPTIONAL - only necessary when connecting remotely to API server
# value: <DELEGATED NODE IP>
# - name: K8S_API_URI #OPTIONAL - only necessary when connecting remotely to API server
# value: "http[s]://[username:passwd@]host[:port]"
# - name: TAGS #OPTIONAL
# value: linux:ubuntu,dept:dev,local:nyc
# - name: COLLECTOR #OPTIONAL
# value: 192.168.183.200
# - name: SECURE #OPTIONAL
# value: false
# - name: CHECK_CERTIFICATE #OPTIONAL
# value: false
# - name: ADDITIONAL_CONF #OPTIONAL
# value: "app_checks:\n - name: nginx\n check_module: nginx\n pattern:\n comm: nginx\n conf:\n nginx_status_url: "http://localhost:{port}/nginx_status\""
volumeMounts:
- mountPath: /host/var/run/docker.sock
name: docker-sock
readOnly: false
- mountPath: /host/dev
name: dev-vol
readOnly: false
- mountPath: /host/proc
name: proc-vol
readOnly: true
- mountPath: /host/boot
name: boot-vol
readOnly: true
- mountPath: /host/lib/modules
name: modules-vol
readOnly: true
- mountPath: /host/usr
name: usr-vol
readOnly: true