24 Sep 2024 06:42 AM - last edited on 25 Sep 2024 06:51 AM by MaciejNeumann
Hi All
Im very new to Dynatrace and Kubenetes
We have an activegate and I have installed one agent on several VMs. Everything is going via the proxy and working.
However, Im having lots of trouble getting the monitoring of kubenetes working - most of the issue are about proxy and firewalls. What I would really love is the method of downloading separately so I can avoid these issues.
Eg: The instructions say "helm install dynatrace-operator oci://public.ecr.aws/dynatrace/dynatrace-operator" however despite adding public.ecr.aws to our proxy and firewall rules the traffic doesnt flow, we see from packet capture its being forwarded to another address - so we add that too and we still get nowhere.
At the moment I have downloaded the content from: Releases · Dynatrace/dynatrace-operator (github.com) and run
kubectl create namespace dynatrace
kubectl apply -f kubernetes.yaml
apply -f kubernetes-csi.yaml
However, as expected the things are trying to download:
[root@prod-k8s-mast-n1a ~]# kubectl get pods -n dynatrace
NAME READY STATUS RESTARTS AGE
dynatrace-oneagent-csi-driver-69v9k 0/4 Init:ImagePullBackOff 0 19m
dynatrace-oneagent-csi-driver-b94zd 0/4 Init:ImagePullBackOff 0 19m
dynatrace-oneagent-csi-driver-gwqx8 0/4 Init:ImagePullBackOff 0 19m
dynatrace-oneagent-csi-driver-hzt7m 0/4 Init:ImagePullBackOff 0 19m
dynatrace-oneagent-csi-driver-ll4l9 0/4 Init:ImagePullBackOff 0 19m
dynatrace-oneagent-csi-driver-w7n2l 0/4 Init:ImagePullBackOff 0 19m
dynatrace-oneagent-csi-driver-z9sg4 0/4 Init:ImagePullBackOff 0 19m
dynatrace-operator-94d65c56c-k8xx6 0/1 ImagePullBackOff 0 19m
dynatrace-webhook-56bd655b8b-4rzhc 0/1 ImagePullBackOff 0 19m
dynatrace-webhook-56bd655b8b-h6hv4 0/1 ImagePullBackOff 0 19m
How can I do this in an offline mode
OR
tell this system to use a proxy and what URLs are needed in firewalls and proxy ACLs?
Thanks in advance.
24 Sep 2024 07:21 AM
@BevanBroun you need to copy the images to your local repository, where your k8s can download images as your environment cannot access public repositories directly. See https://docs.dynatrace.com/docs/shortlink/prepare-private-registry for details on how to copy images.
After you have images in your repository, follow the steps here: https://docs.dynatrace.com/docs/shortlink/use-private-registry for deploying the Dynatrace operator in an air-gapped environment.
25 Sep 2024 08:46 PM
Thanks Julius - Ill be trying this shortly. BTW we are not completely air-gapped. The problem is redirects and proxy/firewall/url lists.