This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Centralized ActiveGate for numerous k8s clusters instead of containerized ActiveGates

Roman_Asa
Newcomer

‎03 Jun 2025 12:07 PM

Hi,

We are currently running Dynatrace ActiveGates within each of our Kubernetes clusters. However, our clusters are relatively small and due to the high resource demands of Dynatrace components—especially ActiveGate—we’ve been forced to use large EC2 instances instead of medium ones just to accommodate the load.

We attempted to reduce the CPU requests and limits of the ActiveGates within the clusters, but this led to CPU throttling.

To optimize our resource usage and reduce costs, we would like to explore the possibility of having a single shared ActiveGate running on an EC2 instance outside the clusters, and have all the clusters connect to it.

Can you advise on the best way to configure this setup? Specifically:

  • What are the required network settings or firewall rules?

  • How do we configure the OneAgent/Operator in each cluster to point to this external ActiveGate?

  • Are there any limitations or known issues with this kind of architecture?

Thanks

@Yosi_Neuman 

Labels:
Reply
2 REPLIES 2

Yosi_Neuman
DynaMight Guru
DynaMight Guru

‎03 Jun 2025 05:33 PM

Hi @Roman_Asa 

Did you managed to switch off the connect containerized ActiveGate to local Kubernetes API endpoint that you found and get the right Kubernetes Bearer Token to access K8S API from the remote AG?  

Yosi_Neuman_0-1748967988744.png

All the best and stay safe

Yos 

dynatrace certificated professional - dynatrace master partner - Matrix Soft Ware Division - Israel
Reply

Roman_Asa
Newcomer
In response to Yosi_Neuman

‎03 Jun 2025 07:46 PM

Yes I managed to find Kubernetes Bearer Token using the following command:

 

kubectl get secret dynatrace-monitoring -o jsonpath='{.data.token}' -n dynatrace | base64 --decode

 

Thanks for the help Yos!

Reply
Ask a question

Featured Posts