DaemonSet

info

This method requires access to create cluster level resources like ClusterRole, ClusterRoleBinding, CustomResourceDefinition and so on.

Use the Namespace-scoped Installation if you do not want to assign the cluster level permissions.

The Aperture Agent can be installed as a Kubernetes DaemonSet, where it will get deployed on all the nodes of the cluster.

Prerequisites

You can do the installation using the aperturectl CLI tool or using Helm. Install the tool of your choice using the following links:

1. aperturectl

   Refer

   aperturectl install agent to see all the available command line arguments.

2. Helm

   1. Once the Helm CLI is installed, add the Aperture Agent Helm chart repository in your environment for install or upgrade:

      helm repo add aperture https://fluxninja.github.io/aperture/
      helm repo update

Installation

The Aperture Agent in the DaemonSet mode will be installed using the Kubernetes Custom Resource, which will be managed by the Aperture Operator.

By following these instructions, you will have deployed the Aperture Agent into your cluster.

Refer

Kubernetes Objects which will be created by following steps are listed here.

1. Configure the below parameters of Aperture Cloud endpoint and API key for the Agent Custom Resource by creating a values.yaml and passing it with install command:

   agent:
     config:
       fluxninja:
         enable_cloud_controller: true
         endpoint: "ORGANIZATION_NAME.app.fluxninja.com:443"
     secrets:
       fluxNinjaExtension:
         create: true
         secretKeyRef:
           name: aperture-agent-apikey
           key: apiKey
         value: API_KEY

   Replace ORGANIZATION_NAME with the Aperture Cloud organization name and API_KEY with the API key linked to the project. If an API key has not been created, generate a new one through the Aperture Cloud UI. Refer to API Keys for additional information.

   note

   If you are using a Self-Hosted Aperture Controller, modify the above configuration as explained in Self-Hosting: Agent Configuration.

   aperturectl

   aperturectl install agent --version main --values-file values.yaml

   Helm

   helm install agent aperture/aperture-agent -f values.yaml

2. If you want to modify the default parameters or the Aperture Agent configuration, for example log, you can create or update the values.yaml file and pass it with install command:

   agent:
     config:
       fluxninja:
         enable_cloud_controller: true
         endpoint: "ORGANIZATION_NAME.app.fluxninja.com:443"
       log:
         level: debug
         pretty_console: true
         non_blocking: false
     secrets:
       fluxNinjaExtension:
         create: true
         secretKeyRef:
           name: aperture-agent-apikey
           key: apiKey
         value: API_KEY
   aperturectl

   aperturectl install agent --version main --values-file values.yaml

   Helm

   helm install agent aperture/aperture-agent -f values.yaml

   All the configuration parameters for the Aperture Agent are available here.

   A list of configurable parameters for the installation can be found in the README.

3. If you want to deploy the Aperture Agent into a namespace other than default, use the --namespace flag:

   aperturectl

   aperturectl install agent --version main --values-file values.yaml --namespace aperture-agent

   Helm

   helm install agent aperture/aperture-agent -f values.yaml --namespace aperture-agent --create-namespace

4. Alternatively, you can create the Agent Custom Resource directly on the Kubernetes cluster using the below steps:

   1. Create a values.yaml for just starting the operator and disabling the creation of Agent Custom Resource and pass it with install command:

      agent:
        create: false
      aperturectl

      aperturectl install agent --version main --values-file values.yaml

      Helm

      helm install agent aperture/aperture-agent -f values.yaml

   2. Create a YAML file with the following specifications:

      apiVersion: fluxninja.com/v1alpha1
      kind: Agent
      metadata:
        name: Agent
      spec:
        config:
          fluxninja:
            enable_cloud_controller: true
            endpoint: "ORGANIZATION_NAME.app.fluxninja.com:443"
        secrets:
          fluxNinjaExtension:
            create: true
            secretKeyRef:
              name: aperture-agent-apikey
              key: apiKey
            value: API_KEY

      Replace ORGANIZATION_NAME with the Aperture Cloud organization name and API_KEY with the API key linked to the project. If an API key has not been created, generate a new one through the Aperture Cloud UI. Refer to API Keys for additional information.

      note

      If you are using a Self-Hosted Aperture Controller, modify the above configuration as explained in Self-Hosting: Agent Configuration.

      All the configuration parameters for the Agent Custom Resource are listed on the README file of the Helm chart.

   3. Apply the YAML file to Kubernetes cluster using kubectl

      kubectl apply -f agent.yaml

5. Refer to steps on the Istio Configuration if you do not have the Envoy Filter configured on your cluster.

Upgrade Procedure

By following these instructions, you will have deployed the upgraded version of Aperture Agent into your cluster.

1. Use the same values.yaml file created as part of the Installation Steps and pass it with below command:

   aperturectl

   aperturectl install agent --version main --values-file values.yaml

   Helm

   helm template --include-crds --no-hooks agent aperture/aperture-agent -f values.yaml | kubectl apply -f -

   Once all the pods are in a running state after upgrade, run the below command to keep the Helm release updated:

   helm upgrade agent aperture/aperture-agent -f values.yaml

2. If you have deployed the Aperture Agent into a namespace other than default, use the --namespace flag:

   aperturectl

   aperturectl install agent --version main --values-file values.yaml --namespace aperture-agent

   Helm

   helm template --include-crds --no-hooks agent aperture/aperture-agent -f values.yaml --namespace aperture-agent | kubectl apply -f -

   Once all the pods are in a running state after upgrade, run the below command to keep the Helm release updated:

   helm upgrade agent aperture/aperture-agent -f values.yaml --namespace aperture-agent

Verifying the Installation

Once you have successfully deployed the resources, confirm that the Aperture Agent is up and running:

kubectl get pod -A

kubectl get agent -A

You should see pods for Aperture Agent and Agent Manager in RUNNING state and Agent Custom Resource in created state.

Uninstall

You can uninstall the Aperture Agent and its components installed above by following these steps:

1. Uninstall the Aperture Agent:

   aperturectl

   aperturectl uninstall agent --version main

   Helm

   helm uninstall agent

2. Alternatively, if you have installed the Aperture Agent Custom Resource as a standalone installation, follow the steps below:

   1. Delete the Aperture Agent Custom Resource:

      kubectl delete -f agent.yaml

   2. Delete the Aperture Agent to uninstall the Aperture Operator:

      aperturectl

      aperturectl uninstall agent --version main

      Helm

      helm uninstall agent

3. If you have installed the chart in some other namespace than the default, execute the following commands:

   aperturectl

   aperturectl uninstall agent --namespace aperture-agent

   Helm

   helm uninstall agent --namespace aperture-agent
   kubectl delete namespace aperture-agent

4. By default, the Secret having SSL/TLS certificates generated by the Kubernetes Operator for itself is not deleted with above steps. If you want to delete it, run the following commands:

   kubectl delete secret -l app.kubernetes.io/instance=agent-aperture-agent-manager

5. Optional: Delete the CRD installed by the Helm chart:

   note

   Deleting a Helm chart using Helm does not delete the Custom Resource Definitions (CRD) installed from the chart.

   kubectl delete crd agents.fluxninja.com