IBM Cloud Docs
Managing the Monitoring agent in a Kubernetes cluster by using a HELM chart

Managing the Monitoring agent in a Kubernetes cluster by using a HELM chart

You can use a Helm chart to install, upgrade, and delete a Monitoring agent on a Kubernetes cluster.

Before you begin

  • Install the latest release of the version 3 Helm CLI on your local machine.

    Helm is a Kubernetes package manager that uses Helm charts to define, install, and upgrade complex Kubernetes apps in your cluster. Helm charts package the specifications to generate YAML files for Kubernetes resources that build your app. These Kubernetes resources are automatically applied in your cluster and assigned a version by Helm. You can also use Helm to specify and package your own app and let Helm generate the YAML files for your Kubernetes resources.

  • Check that you have access and permissions to deploy the Monitoring agent on the cluster.

  • Verify the ibm-observe namespace is available in your cluster. The agent is deployed in this namespace.

Deploy an agent

Complete the following steps to deploy an agent by using Helm:

Step 1. Setup de Sysdig Helm repository

Add the Monitoring Helm repository to your Helm instance.

Complete the following steps:

  1. Set the cluster context.

    ibmcloud ks cluster config --cluster <CLUSTER_NAME>

  2. Add the Helm repository.

    helm repo add sysdig https://charts.sysdig.com

  3. Update the repos to retrieve the latest versions of all Helm charts.

    helm repo update

  4. List the Helm charts that are currently available for the Sysdig repo.

    helm search repo sysdig

  5. Verify the Helm chart sysdig/sysdig-deploy is listed.

If you get the following error:

helm repo add sysdig https://charts.sysdig.com    --debug
Error: context deadline exceeded
helm.go:84: [debug] context deadline exceeded

Run the following command and try again.

rm $HOME/Library/Preferences/helm/repositories.lock

Step 2. Create the values yaml file

Define a yaml file and include the values to deploy the Monitoring agent and the Workload Protection components that you plan to deploy. For example, name the file agent-values-monitor-secure.yaml.

The following yaml is a template that you can use to configure the Monitoring agent and the Workload Protection components. You can customize the file by removing or commenting with # the sections that are not required for your agent deployment.

global:
  clusterConfig:
    name: CLUSTER_NAME
  sysdig:
    accessKey: MONITORING_INSTANCE_ACCESS_KEY
    secureAPIToken: SECURE_TOKEN
  kspm:
    deploy: true
agent:
  image:
    tag: AGENT_TAG
    registry: icr.io
  slim:
    enabled: true
    image:
      repository: ext/sysdig/agent-slim
    kmoduleImage:
      repository: ext/sysdig/agent-kmodule
  collectorSettings:
    collectorHost: INGESTION_ENDPOINT    # for example, ingest.eu-gb.monitoring.cloud.ibm.com
nodeAnalyzer:
  nodeAnalyzer:
    deploy: true
    apiEndpoint: API_ENDPOINT   # for example, eu-gb.monitoring.cloud.ibm.com
    benchmarkRunner:
      deploy: false
kspmCollector:
  apiEndpoint: API_ENDPOINT    # for example, eu-gb.monitoring.cloud.ibm.com
admissionController:
  enabled: true
  sysdig:
    url: WEB_UI_ENDPOINT    # for example, https://ingest.eu-gb.monitoring.cloud.ibm.com
  clusterName: CLUSTER_NAME

Where

  • CLUSTER_NAME is the name of the cluster where you are deploying the agent.
  • MONITORING_INSTANCE_ACCESS_KEY is the Monitoring instance access key.
  • SECURE_TOKEN is the Secure API token.
  • AGENT_TAG is the version of the agent that you plan to deploy.
  • INGESTION_ENDPOINT is the instance's ingestion endpoint.
  • API_ENDPOINT is the intance's API endpoint.
  • WEB_UI_ENDPOINT is the instance's web UI endpoint.

Sample of values yaml file to deploy the agent

For example, see the following sample of a values file that deploys the Monitoring agent only:

global:
  clusterConfig:
    name: mycluster-au-syd
  sysdig:
    accessKey: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
    secureAPIToken: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
  kspm:
    deploy: true
agent:
  image:
    registry: icr.io
  slim:
    enabled: true
    image:
      repository: ext/sysdig/agent-slim
    kmoduleImage:
      repository: ext/sysdig/agent-kmodule
  collectorSettings:
    collectorHost: ingest.au-syd.monitoring.cloud.ibm.com

Sample of values yaml file to deploy the agent and the Node Analyzer

For example, see the following sample of a values file that deploys the Monitoring agent and the Node Analyzer component:

global:
  clusterConfig:
    name: mycluster-au-syd
  sysdig:
    accessKey: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
    secureAPIToken: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
  kspm:
    deploy: true
agent:
  image:
    registry: icr.io
  slim:
    enabled: true
    image:
      repository: ext/sysdig/agent-slim
    kmoduleImage:
      repository: ext/sysdig/agent-kmodule
  collectorSettings:
    collectorHost: ingest.au-syd.monitoring.cloud.ibm.com
nodeAnalyzer:
  nodeAnalyzer:
    deploy: true
    apiEndpoint: API_ENDPOINT   # for example, eu-gb.monitoring.cloud.ibm.com
    benchmarkRunner:
      deploy: false

Step 3. Install the helm chart

To deploy the agent, the Workload Protection components, or both, you must install the sysdig/sysdig-deploy chart and use the variables yaml file that you configured in the previous step.

Run the following command to install the agent by using the helm chart:

helm install -n ibm-observe sysdig-agent sysdig/sysdig-deploy -f agent-values-monitor-secure.yaml

If you encounter the following error: Error: INSTALLATION FAILED: Kubernetes cluster unreachable: xxxxxx failed to refresh token: oauth2: cannot fetch token: 400 Bad Request, set your cluster context and try again.

Update an agent

To update the agent version by using Helm, complete the following steps:

  1. Update the chart.

    helm repo update

  2. Find the values yaml file that you used to deploy the agent and modify the agent.image.tag with the version of the agent that you want to deploy.

  3. Upgrade the agent.

    helm upgrade -n ibm-observe sysdig-agent sysdig/sysdig-deploy -f agent-values-monitor-secure.yaml

Remove an agent

To delete the agent by using Helm, you must uninstall the chart.

Complete the following steps:

  1. List the charts that are installed.

    helm list -n ibm-observe

    The output of the command lists charts as follows:

    NAME        	NAMESPACE  	REVISION	UPDATED                             	STATUS  	CHART              	APP VERSION
sysdig-agent	ibm-observe	1       	2023-03-24 15:02:58.408108 +0100 CET	deployed	sysdig-deploy-1.6.3

  2. Uninstall the chart.

    helm delete sysdig-agent  -n ibm-observe

    In terms of Helm, sysdig-agent is the name of teh release.

    If you forget to include the namespace in the command, you get the folloqing error: Error: uninstall: Release not loaded: sysdig-agent: release: not found.