Komodor agents are deployed as a daemonset in every cluster with a simple Helm command, allowing for the monitoring of every Pod, Node, Workload, Job and Deployment.
Cloud and Distribution Requirements
- Agents can be installed in any datacenter or cloud provider, on any distribution. Komodor is provider and distribution agnostic.
- EKS, AKS, GKE, OpenShift, Rancher, roll-your-own in a VM, on-prem
- Komodor agents are required to have network access to communicate over an encrypted TLS connection to our SaaS platform
Can Komodor be installed in a fully air-gapped environment?
- Cluster agents are required to communicate with the Komodor application layer hosted as SaaS in AWS.
- If your Clusters are air-gapped in the strictest sense of the definition - zero access to the outside internet, ever - then Komodor would not work correctly.
- Komodor does not have an on-prem variant of our application layer.
1) Mirroring Images
- For best performance, we recommend you mirror all images hosted under public.ecr.aws/komodor-public to your local image repository
- If you are unable to access ECR, we also host in Docker Hub
2) Local Helm
- Komodor agents are installed via Helm chart
helm repo add komodorio https://helm-charts.komodor.io ; helm repo update
- If you are mirroring charts, your friendly local helm chart will need an update for imageRepo in this location.
3) Network / firewall requirements
- Ensure firewall rules allow images to be pulled from public.ecr.aws/komodor-public or Docker Hub
- Ensure app.komodor.com and telemetry.komodor.com are allowlisted.
- Ensure websocket connections are allowed between komodor-agent and app.komodor.com (port 443)
- Ensure any image scanning rules whitelist komodor-agent
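To confirm a mirrored setup before installing, the added example below (not Komodor's own tooling) scans rendered chart output, such as the output of helm template, and reports which images would still be pulled from outside your mirror, grouped by the registry the firewall would have to allow. The mirror address registry.internal.example/komodor, the script name and the image names in the sample are constructed placeholders.

```python
import re
import sys

# Matches "image: ref" and "- image: ref", optionally quoted; stops at comments.
IMAGE_LINE = re.compile(r"""^\s*(?:-\s+)?image:\s*["']?([^"'\s#]+)""")

# Constructed sample of rendered manifest lines; image names are placeholders.
SAMPLE = """\
      containers:
        - name: agent
          image: registry.internal.example/komodor/example-agent:1.0.0
        - name: watcher
          image: "public.ecr.aws/komodor-public/example-watcher:1.0.0"
      initContainers:
        - image: example/init-helper:1.0   # no registry host: Docker Hub
          name: init
"""

def image_refs(manifest):
    """Return the set of image references found in rendered manifest text."""
    return {m.group(1) for line in manifest.splitlines()
            if (m := IMAGE_LINE.match(line))}

def registry_of(ref):
    """Registry host of a reference. As in Docker, the first path component is a
    host only if it contains '.' or ':' or is 'localhost'; otherwise Docker Hub."""
    first, slash, _ = ref.partition("/")
    if slash and ("." in first or ":" in first or first == "localhost"):
        return first
    return "docker.io"

def unmirrored(manifest, mirror):
    """Map each registry still needed through the firewall to its images."""
    prefix = mirror.rstrip("/") + "/"
    result = {}
    for ref in sorted(image_refs(manifest)):
        if not ref.startswith(prefix):
            result.setdefault(registry_of(ref), []).append(ref)
    return result

if __name__ == "__main__":
    # Hypothetical usage: helm template ... | python check_mirror.py <mirror-prefix>
    text = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    mirror = sys.argv[1] if len(sys.argv) > 1 else "registry.internal.example/komodor"
    found = unmirrored(text, mirror)
    for registry, refs in found.items():
        print(f"{registry}: {', '.join(refs)}")
    sys.exit(1 if found else 0)
```

A non-zero exit means at least one image still resolves outside the mirror, so either the imageRepo override is incomplete or the listed registries need to stay reachable.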
Installing the Komodor Agent
To connect a cluster, the user either needs the OOTB Account-Admin role or a custom policy that includes 'manage:agents'.
Adding Clusters via the UI
If there are zero clusters in your account, there will be a large prompt to add a cluster when you first log in to the UI
- Select ‘Connect new cluster’ under the Clusters scope from the left navigation panel
- In the 'Set Up Komodor' popup, populate a cluster name. What you add here is what the cluster's display name will be for all users in Komodor.
- Clicking 'Next' results in a Helm command in the format below. Open up a terminal session to your cluster and run
helm install komodor-agent komodorio/komodor-agent --set apiKey=akeyhere --set clusterName=whatever-you-like
The API key that is generated from the UI in this command is unique to your account and can be used programmatically
Adding Clusters programmatically
- After connecting the 1st account via UI, the API key returned can be used to install the agent in multiple clusters via CI/CD or bash automation with the Helm command
- For ArgoCD, here is a template you may use
apiVersion: v1
kind: Secret
metadata:
  name: komodor-agent-secrets
  namespace: komodor
type: Opaque
stringData:
  apiKey: POPULATE_API_KEY_HERE # Get API Key from https://app.komodor.com/settings/agents
---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: komodor-agent
  namespace: argocd
spec:
  project: default
  source:
    repoURL: https://helm-charts.komodor.io/
    targetRevision: 2.12.0
    chart: komodor-agent
    helm:
      values: |
        clusterName: "POPULATE_CLUSTER_NAME_HERE"
        apiKeySecret: komodor-agent-secrets
  destination:
    server: https://kubernetes.default.svc
    namespace: komodor
  syncPolicy:
    automated:
      prune: true
      selfHeal: true
    syncOptions:
      - CreateNamespace=true
Advanced Agent Configuration
Deleting a Komodor Agent from a Cluster
- Uninstall the deployment via the Helm chart
helm uninstall komodor-agent