| init_config: |
| # Initialization retries |
| # |
| # if the agent is expected to start before Kubelet, |
| # use these settings to configure the retry policy. |
| # |
| # init_retry_interval defines how long (in seconds) the kubelet client |
| # will wait before retrying initialization. |
| # Defaults to 0. |
| # |
| # init_retry_interval: 20 |
| # |
| # init_retries configures how many retries are made before failing permanently. |
| # Defaults to 0. |
| # |
| # init_retries: 5 |
| |
| # instances: |
| # The kubernetes check retrieves metrics from cadvisor running under kubelet on each node. |
| # It also queries kubelet for its health and the list of local-running pods, and (optionally) |
| # the apiserver for services and events |
| # |
| # By default we assume we're running under docker and |
| # that the kubelet read-only port with no auth is enabled. |
| # |
| # In this case we will use the address of the default router to reach the kubelet and cadvisor APIs |
| # unless the environment variable KUBERNETES_KUBELET_HOST is found. You can set this variable to |
| # spec.nodeName (If your node name can be resolved by pods) or status.hostIP (for Kubernetes 1.7+) |
| # through the downward API. See |
| # https://kubernetes.io/docs/tasks/inject-data-application/environment-variable-expose-pod-information/ |
| # |
| # To enable Kubernetes State Metrics, please refer to kubernetes_states integration. |
| # For more information, |
| # please consult http://docs.datadoghq.com/integrations/kubernetes/#kubernetes-state-metrics |
| # and https://github.com/DataDog/integrations-core/ on the kubernetes_state directory. |
| # |
| # If the read-only endpoint is disabled, the check will query kubelet over HTTPS |
| # |
| # To override this behavior, e.g. in the case of a standalone cadvisor instance, use the following: |
| # |
| # host: localhost |
| # port: 4194 |
| # method: http |
| |
| # cAdvisor port, set it to 0 if cAdvisor is unavailable |
| # - port: 4194 |
| # |
| # cAdvisor host |
| # host: localhost |
| # |
| # kubelet port. It needs to be set if you are not using a default one (10250 or 10255) |
| # kubelet_port: 10255 |
| # |
| # apiserver url for cluster-level queries. If not configured here, the KUBERNETES_SERVICE_HOST |
| # and KUBERNETES_SERVICE_PORT environment variables will be used |
| # |
| # example = "api_server_url: https://kubernetes:443" |
| api_server_url: <%= @api_server_url %> |
| |
| # Client Authentication against the apiserver and kubelet |
| # |
| # By default the agent authenticates against the apiserver and kubelet with its service account |
| # bearer token. If you want to specify its path, set the following option. If X509 client certificates |
| # are set, either for the kubelet or apiserver, they will be used instead. The recommended way to expose |
| # these files to the agent is by using Kubernetes Secrets. |
| # |
| # bearer_token_path: /var/run/secrets/kubernetes.io/serviceaccount/token |
| apiserver_client_crt: <%= @apiserver_client_crt %> |
| apiserver_client_key: <%= @apiserver_client_key %> |
| # |
| kubelet_client_crt: <%= @kubelet_client_crt %> |
| kubelet_client_key: <%= @kubelet_client_key %> |
| |
| # Server Authentication for apiserver and kubelet |
| # |
| # Similarly we use the default CA cert of the agent's service account to verify the |
| # apiserver's identity, but custom ones can be specified here. |
| # |
| # apiserver_ca_cert: /path/to/cacert.crt |
| # kubelet_cert: /path/to/ca.pem |
| # |
| # The default for kubelet traffic is to try and use the read-only port that doesn't require TLS |
| # and to fall back to the HTTPS API with simple TLS validation. Providing a cert forces TLS validation on. |
| # Explicitly disabling tls_verify should be used with caution: |
| # if an attacker sniffs the agent requests they will see the agent's service account bearer token. |
| # |
| # kubelet_tls_verify: True |
| |
| # collect_events controls whether the agent should fetch events from |
| # the kubernetes API and ingest them in Datadog. |
| # To avoid duplicates, only one agent at a time across the entire |
| # cluster should have this feature enabled. |
| # If this is difficult to achieve in your deployment, see the following |
| # Leader election section. |
| # To enable the feature, set the parameter to `true`. |
| # |
| # collect_events: false |
| |
| # Leader election |
| # |
| # Agents can perform leader election among themselves. |
| # The leader agent will collect events from the apiserver |
| # even if collect_events is false. |
| # To perform the election it needs get, list, delete, create, and update |
| # rights on ConfigMaps (this can be configured with a Cluster Role). |
| # This makes sure we don't overload the apiserver with redundant |
| # queries coming from every agent. |
| # Default is false. |
| # |
| # leader_candidate: true |
| # |
| # lease duration is the duration for which a leader is elected. |
| # It should be at least twice the check run period (15s by default) |
| # When modifying this setting, keep in mind that the shorter |
| # the lease duration, the more often agents will query the apiserver |
| # Default is 5 minutes. |
| # |
| # leader_lease_duration: 600 |
| |
| # Matching the pods to Kubernetes services requires to retrieve events regularly. |
| # To reduce the traffic to the apiserver, we only query them every 5 minutes, adding a delay |
| # in pod -> service matching. You can configure it below (in seconds) or disable kube_service |
| # tagging completely |
| # |
| # collect_service_tags: true |
| # service_tag_update_freq: 300 |
| # |
| # The namespaces for which events should be collected. |
| # If not modified, the 'default' namespace will be used. |
| # |
| # namespaces: |
| # - default |
| |
| # The regexp used to select namespaces for which events should be collected. |
| # The matched namespaces will be added to the "namespaces" list. |
| # If empty, regexp selection will be ignored. |
| # |
| # namespace_name_regexp: |
| |
| # Node labels that should be collected and their name in host tags. Off by default. |
| # Some of these labels are redundant with metadata collected by |
| # cloud provider crawlers (AWS, GCE, Azure) |
| # |
| # node_labels_to_host_tags: |
| # kubernetes.io/hostname: nodename |
| # beta.kubernetes.io/os: os |
| |
| # use_histogram controls whether we send detailed metrics, i.e. one per container. |
| # When false, we send detailed metrics corresponding to individual containers, tagging by container id |
| # to keep them unique. |
| # When true, we aggregate data based on container image. |
| # |
| # use_histogram: false |
| # |
| # We can define a whitelist of patterns that permit publishing raw metrics. |
| # enabled_rates: |
| # - cpu.* |
| # - network.* |
| # |
| # enabled_gauges: |
| # - filesystem.* |
| # |
| # Prefix to use when converting pod labels to metric tags, can be made empty with "" |
| # label_to_tag_prefix: "kube_" |
| # |
| # Custom tags that should be applied to kubernetes metrics |
| <% if @tags and ! @tags.empty? -%> |
| tags: |
| <%- Array(@tags).each do |tag| -%> |
| <%- if tag != '' -%> |
| - <%= tag %> |
| <%- end -%> |
| <%- end -%> |
| <% end -%> |