init_config: # Initialization retries # # if the agent is expected to start before Kubelet, # use these settings to configure the retry policy. # # init_retry_interval defines how long (in seconds) the kubelet client # will wait before retrying initialization. # Defaults to 0. # # init_retry_interval: 20 # # init_retries configures how many retries are made before failing permanently. # Defaults to 0. # # init_retries: 5 # instances: # The kubernetes check retrieves metrics from cadvisor running under kubelet on each node. # It also queries kubelet for its health and the list of local-running pods, and (optionally) # the apiserver for services and events # # By default we assume we're running under docker and # that the kubelet read-only port with no auth is enabled. # # In this case we will use the address of the default router to reach the kubelet and cadvisor APIs # unless the environment variable KUBERNETES_KUBELET_HOST is found. You can set this variable to # spec.nodeName (If your node name can be resolved by pods) or status.hostIP (for Kubernetes 1.7+) # through the downward API. See # https://kubernetes.io/docs/tasks/inject-data-application/environment-variable-expose-pod-information/ # # To enable Kubernetes State Metrics, please refer to kubernetes_states integration. # For more information, # please consult http://docs.datadoghq.com/integrations/kubernetes/#kubernetes-state-metrics # and https://github.com/DataDog/integrations-core/ on the kubernetes_state directory. # # If the read-only endpoint is disabled, the check will query kubelet over HTTPS # # To override this behavior, e.g. in the case of a standalone cadvisor instance, use the following: # # host: localhost # port: 4194 # method: http # cAdvisor port, set it to 0 if cAdvisor is unavailable # - port: 4194 # # cAdvisor host # host: localhost # # kubelet port. It needs to be set if you are not using a default one (10250 or 10255) # kubelet_port: 10255 # # apiserver url for cluster-level queries. If not configured here, the KUBERNETES_SERVICE_HOST # and KUBERNETES_SERVICE_PORT environment variables will be used # # example = "api_server_url: https://kubernetes:443" api_server_url: <%= @api_server_url %> # Client Authentication against the apiserver and kubelet # # By default the agent authenticates against the apiserver and kubelet with its service account # bearer token. If you want to specify its path, set the following option. If X509 client certificates # are set, either for the kubelet or apiserver, they will be used instead. The recommended way to expose # these files to the agent is by using Kubernetes Secrets. # # bearer_token_path: /var/run/secrets/kubernetes.io/serviceaccount/token apiserver_client_crt: <%= @apiserver_client_crt %> apiserver_client_key: <%= @apiserver_client_key %> # kubelet_client_crt: <%= @kubelet_client_crt %> kubelet_client_key: <%= @kubelet_client_key %> # Server Authentication for apiserver and kubelet # # Similarly we use the default CA cert of the agent's service account to verify the # apiserver's identity, but custom ones can be specified here. # # apiserver_ca_cert: /path/to/cacert.crt # kubelet_cert: /path/to/ca.pem # # The default for kubelet traffic is to try and use the read-only port that doesn't require TLS # and to fall back to the HTTPS API with simple TLS validation. Providing a cert forces TLS validation on. # Explicitly disabling tls_verify should be used with caution: # if an attacker sniffs the agent requests they will see the agent's service account bearer token. # # kubelet_tls_verify: True # collect_events controls whether the agent should fetch events from # the kubernetes API and ingest them in Datadog. # To avoid duplicates, only one agent at a time across the entire # cluster should have this feature enabled. # If this is difficult to achieve in your deployment, see the following # Leader election section. # To enable the feature, set the parameter to `true`. # # collect_events: false # Leader election # # Agents can perform leader election among themselves. # The leader agent will collect events from the apiserver # even if collect_events is false. # To perform the election it needs get, list, delete, create, and update # rights on ConfigMaps (this can be configured with a Cluster Role). # This makes sure we don't overload the apiserver with redundant # queries coming from every agent. # Default is false. # # leader_candidate: true # # lease duration is the duration for which a leader is elected. # It should be at least twice the check run period (15s by default) # When modifying this setting, keep in mind that the shorter # the lease duration, the more often agents will query the apiserver # Default is 5 minutes. # # leader_lease_duration: 600 # Matching the pods to Kubernetes services requires to retrieve events regularly. # To reduce the traffic to the apiserver, we only query them every 5 minutes, adding a delay # in pod -> service matching. You can configure it below (in seconds) or disable kube_service # tagging completely # # collect_service_tags: true # service_tag_update_freq: 300 # # The namespaces for which events should be collected. # If not modified, the 'default' namespace will be used. # # namespaces: # - default # The regexp used to select namespaces for which events should be collected. # The matched namespaces will be added to the "namespaces" list. # If empty, regexp selection will be ignored. # # namespace_name_regexp: # Node labels that should be collected and their name in host tags. Off by default. # Some of these labels are redundant with metadata collected by # cloud provider crawlers (AWS, GCE, Azure) # # node_labels_to_host_tags: # kubernetes.io/hostname: nodename # beta.kubernetes.io/os: os # use_histogram controls whether we send detailed metrics, i.e. one per container. # When false, we send detailed metrics corresponding to individual containers, tagging by container id # to keep them unique. # When true, we aggregate data based on container image. # # use_histogram: false # # We can define a whitelist of patterns that permit publishing raw metrics. # enabled_rates: # - cpu.* # - network.* # # enabled_gauges: # - filesystem.* # # Prefix to use when converting pod labels to metric tags, can be made empty with "" # label_to_tag_prefix: "kube_" # # Custom tags that should be applied to kubernetes metrics <% if @tags and ! @tags.empty? -%> tags: <%- Array(@tags).each do |tag| -%> <%- if tag != '' -%> - <%= tag %> <%- end -%> <%- end -%> <% end -%>