Komodor agents are deployed as a daemonset in every cluster with a simple Helm command, allowing for the monitoring of every Pod, Node, Workload, Job and Deployment.
Cloud and Distribution Requirements
-
Agents can be installed in any datacenter or cloud provider, any distribution. Komodor is provider and Distribution agnostic.
- EKS, AKS, GKE, OpenShift, Rancher, roll-your-own in a VM, on-prem
- Komodor agents are required to have network access to communicate over an encrypted TLS connection to our SaaS platform
Can Komodor be installed in a fully air-gapped environment?
- Cluster agents are required to communicate with the Komodor application layer hosted as SaaS in AWS.
- If your Clusters are air-gapped in the strictest sense of the definition - zero access to the outside internet, ever - then Komodor would not work correctly.
1) Mirroring Images
- For best performance, we recommend you mirror all images hosted under public.ecr.aws/komodor-public to your local image repository
- If you are unable to access ECR, we also host in Dockerhub
2) Local Helm
- Komodor agents are installed via Helm chart
helm repo add komodorio https://helm-charts.komodor.io ; helm repo update- If you are mirroring charts, your friendly local helm chart will need an update for imageRepo in this location.
3) Network / firewall requirements
- Ensure firewall rules allow images to be pulled from public.ecr.aws/komodor-public or docker hub
- Ensure app.komodor.com and telemetry.komodor.com are allowlisted.
- Ensure websocket connections are allowed between komodor-agent and app.komodor.com (port 443)
- Ensure any image scanning rules whitelist komodor-agent
4) Run the Memory Planning Utility
Before installing the Komodor agent, we recommend running our memory checker utility to analyze your cluster's resource requirements and determine appropriate memory limits. This helps prevent out-of-memory issues and ensures optimal performance.
Running the Utility - Quick Memory Analysis
# Clone or download and apply the memory planning utility resources - They will be installed in the 'komodor-precheck' namespace kubectl apply -f https://raw.githubusercontent.com/komodorio/helm-charts/master/charts/komodor-agent/utilities/memory-planning/01-namespace.yaml kubectl apply -f https://raw.githubusercontent.com/komodorio/helm-charts/master/charts/komodor-agent/utilities/memory-planning/02-configmap.yaml kubectl apply -f https://raw.githubusercontent.com/komodorio/helm-charts/master/charts/komodor-agent/utilities/memory-planning/03-serviceaccount.yaml kubectl apply -f https://raw.githubusercontent.com/komodorio/helm-charts/master/charts/komodor-agent/utilities/memory-planning/04-clusterrole.yaml kubectl apply -f https://raw.githubusercontent.com/komodorio/helm-charts/master/charts/komodor-agent/utilities/memory-planning/05-clusterrolebinding.yaml kubectl apply -f https://raw.githubusercontent.com/komodorio/helm-charts/master/charts/komodor-agent/utilities/memory-planning/06-job.yaml # Monitor the analysis kubectl logs -f job/komodor-memory-checker -n komodor-precheck # View results and recommendations kubectl logs job/komodor-memory-checker -n komodor-precheck | grep -A 10 "MEMORY RECOMMENDATIONS" # Clean up after analysis kubectl delete namespace komodor-precheck
Using the Results
- Instructions for how to apply these results to your agent configuration are in the section below
- For more configuration options, see the Memory Planning Utility Documentation.
Installing the Komodor Agent
To connect a cluster, the user either needs the OOTB Account-Admin role or a custom policy that includes 'manage:agents'.
Adding Clusters via the UI
If there are Zero clusters in your account, there will be a large prompt to add a cluster when you first login into the UI
-
Select ‘Connect new cluster’ under the Clusters scope from the left navigation panel
-
In the 'Set Up Komodor' popup, populate a cluster name. What you add here is what the cluster's display name will be for all users in Komodor.
- Clicking 'Next' results in a Helm command in the format below. Open up a terminal session to your cluster and run
helm install komodor-agent komodorio/komodor-agent --set apiKey=akeyhere --set clusterName=whatever-you-likeNote: The API key that is generated in from the UI in this command is unique to your account and can be used programmatically
To apply the memory recommendations from the Memory Planning utility in your Helm install command:
helm upgrade --install komodor-agent komodorio/komodor-agent \ --set apiKey=<YOUR_API_KEY_HERE> \ --set clusterName=<CLUSTER_NAME> \ --set components.komodorAgent.watcher.resources.requests.memory=<RECOMMENDED_REQUEST> \ --set components.komodorAgent.watcher.resources.limits.memory=<RECOMMENDED_LIMIT>
Adding Clusters programmatically
- After connecting the 1st account via UI, the API key returned can be used to install the agent in multiple clusters via CI/CD or bash automation with the Helm command
-
For ArgoCD, here is a template you may use
apiVersion: v1 kind: Secret metadata: name: komodor-agent-secrets namespace: komodor type: Opaque stringData: apiKey: POPULATE_API_KEY_HERE # Get API Key from https://app.komodor.com/settings/agents --- apiVersion: argoproj.io/v1alpha1 kind: Application metadata: name: komodor-agent namespace: argocd spec: project: default source: repoURL: https://helm-charts.komodor.io/ targetRevision: 2.12.0 chart: komodor-agent helm: values: | clusterName: "POPULATE_CLUSTER_NAME_HERE" apiKeySecret: komodor-agent-secrets destination: server: https://kubernetes.default.svc namespace: komodor syncPolicy: automated: prune: true selfHeal: true syncOptions: - CreateNamespace=true Collapse
Advanced Agent Configuration
Deleting a Komodor Agent from a Cluster
- Uninstall the deployment via the Helm chart
helm uninstall komodor-agent
Comments
0 comments
Article is closed for comments.