This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Tags applied by Kubernetes??

Go to solution
jordan_rose
Helper

‎30 Jul 2020 08:39 PM

Notice below that some of our tags are "applied by kubernetes". We cannot figure how this is done and are looking for insight. Can someone point me in the right direction to find out how these tags are applied by kubernetes.

Labels:
0 Kudos
Reply
11 REPLIES 11

Go to solution
ChadTurner
DynaMight Legend
DynaMight Legend

‎30 Jul 2020 09:24 PM

These are tags that you have imported from Kubernetes. Hence why it has [Kubernetes] in brackets. You can see more of an explanation here: https://www.dynatrace.com/support/help/technology-support/cloud-platforms/kubernetes/other-deploymen...

-Chad
Reply

Go to solution
jordan_rose
Helper
In response to ChadTurner

‎30 Jul 2020 09:41 PM

Thanks for the response. I guess I'm missing something still though. I don't see where the doc mentions these tags being imported or created without an automated tagging rule in Dynatrace

Reply

Go to solution
dave_mauney
Dynatrace Champion
Dynatrace Champion
In response to jordan_rose

‎30 Jul 2020 10:28 PM

Line 1: "Dynatrace automatically derives tags from your Kubernetes/OpenShift labels."

So, do you recognize these as Kubernetes labels defined in your k8s?



Reply

Go to solution
jordan_rose
Helper
In response to dave_mauney

‎30 Jul 2020 10:54 PM

Ahh right there at the top, I see it now. I will ask the Kubernetes admin about it thank you....

Reply

Go to solution
Radu
Dynatrace Champion
Dynatrace Champion

‎31 Jul 2020 08:39 AM

Hi Jordan,

The OneAgent will use the Kuberentes REST API to read all the metadata at deployment time. So as long as the service accounts under which the pods are running are given view access (via rolebinding or clusterrolebinding objects) they are able to read labels and annotations and translate them automaticallly intro Dynatrace tags and metadata. Your labels will appear as tags with the [Kubernetes] context, whereas annotations will appear as custom metadata at the Process-level in Dynatrace.

The command you see at the at the bottom of the docs page is a generic one that can be used to give the viewer role to all default service accounts in a namespace. This works in most cases, but it will have to be tailored if non-default service accounts are used for any of the pods.

Best regards,

Radu

Reply

Go to solution
jordan_rose
Helper
In response to Radu

‎31 Jul 2020 01:09 PM

Thank you for the answer...

Reply

Go to solution
gmichels
Guide
In response to Radu

‎24 Sep 2020 06:22 PM

Hey


as long as the service accounts under which the pods are running are given view access

Can you clarify which pods? The OneAgent pods? Or all application pods?


Thanks

0 Kudos
Reply

Go to solution
steventorrestam
Participant
In response to Radu

‎30 Aug 2023 04:13 PM

Hello, is this still possible and if so, can you report the link in your comment. It seems to go to a 404 page. 

Reply

Go to solution
asant257
Guide
In response to steventorrestam

‎24 Apr 2024 01:57 PM

I do see 404 error

0 Kudos
Reply

Go to solution
BenjaminGT
Guide
In response to asant257

‎24 Apr 2024 07:30 PM - edited ‎25 Apr 2024 03:56 PM

I think this is the replacement page:
https://docs.dynatrace.com/docs/platform-modules/infrastructure-monitoring/container-platform-monito...

We may have a way to do this at a cluster level, rather than per namespace/account pair:

kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: dynatrace-oneagent-metadata-viewer
rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["get"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: dynatrace-oneagent-metadata-viewer-binding
subjects:
- kind: Group
name: system:serviceaccounts
apiGroup: ""
roleRef:
kind: ClusterRole
name: dynatrace-oneagent-metadata-viewer
apiGroup: ""

We just made sure to have the subjects include a list of groups (such as the built-in system:serviceaccounts one above)

0 Kudos
Reply

Go to solution
netfreq
Participant
In response to BenjaminGT

‎25 Apr 2024 05:25 PM

I know the Dynatrace docs state "As a result, Kubernetes processes monitored in your Dynatrace environment will have Kubernetes labels attached as Kubernetes tags. For namespaces, pods, and workloads, Kubernetes tags are not evaluated."

 

As a result, Kubernetes processes monitored in your Dynatrace environment will have Kubernetes labels attached as Kubernetes tags. For namespaces, pods, and workloads, Kubernetes tags are not evaluated." for this "solution" if someone finds a way we can use it to apply labels to containers/pods, deployments, services and namespaces (to ingest lables the to make available in Dynatrace as tags.... I would be forever in your debt... We have been trying for just over a year to get this to work... We just want when a deployment or namespace crosses some threshold, when it throws an alert we can have tags attached to the CIs for we can do things like Pager Duty Orchestration to route the alert to the right teams, service now bucket, ms teams notification, PD alert group.... etc etc.... we were able to get the k8s labels to populate Dynatrace Ownership, and this is great... but ts GUI only, you cant use any of the ownership data (or even that label) in DT for 3rd party alerting.
If you have Dynatrace SaaS and are using the cloud agent to monitor k8s (in aws( ping me... maybe I can help set up a 15-30min test to see if SaaS fixes this... but our company is hung up still uing Managed with full stack One Agent clients.  😞

 

Thanks all!!
-John Sweeney 904-885-1666

Reply
Ask a question

Featured Posts