DaemonSet
This method requires access to create cluster level resources such as ClusterRole, ClusterRoleBinding, CustomResourceDefinition and so on.
Use the Namespace-scoped Installation if you do not want to assign the cluster level permissions.
The Aperture Agent can be installed as a Kubernetes DaemonSet, where it will get deployed on all the nodes of the cluster.
Prerequisites
You can do the installation using the aperturectl
CLI tool or using Helm
.
Install the tool of your choice using the following links:
Once the Helm CLI is installed, add the Aperture Agent Helm chart repository in your environment for install or upgrade:
helm repo add aperture https://fluxninja.github.io/aperture/
helm repo update
- Refer
aperturectl install agent to see all the available command line arguments.
Installation
The Aperture Agent in the DaemonSet mode will be installed using the Kubernetes Custom Resource, which will be managed by the Aperture Operator.
By following these instructions, you will have deployed the Aperture Agent into your cluster.
Kubernetes Objects which will be created by following steps are listed here.
Configure the below parameters of Aperture Cloud endpoint and API key for the Agent Custom Resource by creating a
values.yaml
and passing it withinstall
command:agent:
config:
fluxninja:
enable_cloud_controller: true
endpoint: "ORGANIZATION_NAME.app.fluxninja.com:443"
secrets:
fluxNinjaExtension:
create: true
secretKeyRef:
name: aperture-apikey
key: apiKey
value: "API_KEY"Replace
ORGANIZATION_NAME
with the Aperture Cloud organization name andAPI_KEY
with the API key linked to the project. Navigate to theAperture
tab in the sidebar menu and then selectAPI Keys
in the top bar. From there, you can either copy the existing key or create a new one by clicking onCreate API Key
. For detailed instructions on locating API Keys, please refer to the API Keys section.noteIf you are using a Self-Hosted Aperture Controller, modify the above configuration as explained in Self-hosted: Agent Configuration.
- aperturectl
- Helm
aperturectl install agent --version main --values-file values.yaml
helm install agent aperture/aperture-agent -f values.yaml
If you want to modify the default parameters or the Aperture Agent configuration, for example
log
, you can create or update thevalues.yaml
file and pass it withinstall
command:agent:
config:
fluxninja:
enable_cloud_controller: true
endpoint: "ORGANIZATION_NAME.app.fluxninja.com:443"
log:
level: debug
pretty_console: true
non_blocking: false
secrets:
fluxNinjaExtension:
create: true
secretKeyRef:
name: aperture-apikey
key: apiKey
value: "API_KEY"- aperturectl
- Helm
aperturectl install agent --version main --values-file values.yaml
helm install agent aperture/aperture-agent -f values.yaml
All the configuration parameters for the Aperture Agent are available here.
A list of configurable parameters for the installation can be found in the README.
If you want to deploy the Aperture Agent into a namespace other than
default
, use the--namespace
flag:- aperturectl
- Helm
aperturectl install agent --version main --values-file values.yaml --namespace aperture-agent
helm install agent aperture/aperture-agent -f values.yaml --namespace aperture-agent --create-namespace
Alternatively, you can create the Agent Custom Resource directly on the Kubernetes cluster using the below steps:
Create a
values.yaml
for just starting the operator and disabling the creation of Agent Custom Resource and pass it withinstall
command:agent:
create: false- aperturectl
- Helm
aperturectl install agent --version main --values-file values.yaml
helm install agent aperture/aperture-agent -f values.yaml
Create a YAML file with the following specifications:
apiVersion: fluxninja.com/v1alpha1
kind: Agent
metadata:
name: Agent
spec:
config:
fluxninja:
enable_cloud_controller: true
endpoint: "ORGANIZATION_NAME.app.fluxninja.com:443"
secrets:
fluxNinjaExtension:
create: true
secretKeyRef:
name: aperture-apikey
key: apiKey
value: "API_KEY"Replace
ORGANIZATION_NAME
with the Aperture Cloud organization name andAPI_KEY
with the API key linked to the project. The API Key can be found by navigating to theAperture
tab in the sidebar menu, and then clicking on theAPI Keys
tab in the top bar. For detailed instructions on locating API Keys, refer to the API Keys section.noteIf you are using a Self-Hosted Aperture Controller, modify the above configuration as explained in Self-hosted: Agent Configuration.
All the configuration parameters for the Agent Custom Resource are listed on the README file of the Helm chart.
Apply the YAML file to Kubernetes cluster using
kubectl
kubectl apply -f agent.yaml
Refer to steps on the Istio Configuration if you do not have the Envoy Filter configured on your cluster.
Upgrade Procedure
By following these instructions, you will have deployed the upgraded version of Aperture Agent into your cluster.
Use the same
values.yaml
file created as part of the Installation Steps and pass it with below command:- aperturectl
- Helm
aperturectl install agent --version main --values-file values.yaml
helm template --include-crds --no-hooks agent aperture/aperture-agent -f values.yaml | kubectl apply -f -
Once all the pods are in a running state after upgrade, run the below command to keep the Helm release updated:
helm upgrade agent aperture/aperture-agent -f values.yaml
If you have deployed the Aperture Agent into a namespace other than
default
, use the--namespace
flag:- aperturectl
- Helm
aperturectl install agent --version main --values-file values.yaml --namespace aperture-agent
helm template --include-crds --no-hooks agent aperture/aperture-agent -f values.yaml --namespace aperture-agent | kubectl apply -f -
Once all the pods are in a running state after upgrade, run the below command to keep the Helm release updated:
helm upgrade agent aperture/aperture-agent -f values.yaml --namespace aperture-agent
Verifying the Installation
Once you have successfully deployed the resources, confirm that the Aperture Agent is up and running:
kubectl get pod -A
kubectl get agent -A
You should see pods for Aperture Agent and Agent Manager in RUNNING
state and
Agent
Custom Resource in created
state.
Uninstall
You can uninstall the Aperture Agent and its components installed above by following these steps:
Uninstall the Aperture Agent:
- aperturectl
- Helm
aperturectl uninstall agent --version main
helm uninstall agent
Alternatively, if you have installed the Aperture Agent Custom Resource as a standalone installation, follow the steps below:
Delete the Aperture Agent Custom Resource:
kubectl delete -f agent.yaml
Delete the Aperture Agent to uninstall the Aperture Operator:
- aperturectl
- Helm
aperturectl uninstall agent --version main
helm uninstall agent
If you have installed the chart in some other namespace than the
default
, run the following commands:- aperturectl
- Helm
aperturectl uninstall agent --namespace aperture-agent
helm uninstall agent --namespace aperture-agent
kubectl delete namespace aperture-agentBy default, the Secret having SSL/TLS certificates generated by the Kubernetes Operator for itself is not deleted with above steps. If you want to delete it, run the following commands:
kubectl delete secret -l app.kubernetes.io/instance=agent-aperture-agent-manager
Optional: Delete the CRD installed by the Helm chart:
noteDeleting a Helm chart using Helm does not delete the Custom Resource Definitions (CRD) installed from the chart.
kubectl delete crd agents.fluxninja.com