Install Infrastructure Visibility with the Kubernetes CLI

This page describes how to install the Machine Agent and Network Agents in a Kubernetes cluster where the Cluster Agent Operator is installed.

The Cluster Agent Operator provides a custom resource definition called InfraViz. You can use InfraViz to simplify deploying the Machine and Network Agents as a daemonset in a Kubernetes cluster. Additionally, you can deploy these agents by creating a daemonset YAML which does not require the Cluster Agent Operator. For more information, see these examples.

To deploy the Analytics Agent as a daemonset in a Kubernetes cluster, see Kubernetes でのエージェント側コンポーネントのインストール.

Requirements

Before you begin, verify that you have:

Installed kubectl >= 1.16
Cluster Agent >= 21.3.1
Met these requirements: クラスタエージェントの要件およびサポート対象環境.
If Server Visibility is required, sufficient Server Visibility licenses based on the number of worker nodes in your cluster.
Permissions to view servers in the AppDynamics Controller.

Installation Procedure

クラスタエージェントのインストール. From this Alpine Linux example:
1. Download the Cluster Agent bundle.
2. Unzip the Cluster Agent bundle.
3. Deploy the Cluster Agent Operator using the CLI specifying the correct Kubernetes and OpenShift version (if applicable):
```
unzip appdynamics-cluster-agent-alpine-linux-<version>.zip
kubectl create namespace appdynamics
```
  BASH
  kubectl create -f cluster-agent-operator.yaml
  
  BASH
  kubectl create -f cluster-agent-operator-openshift.yaml
  
  BASH
  kubectl create -f cluster-agent-operator-openshift-1.15-or-less.yaml
  
  BASH
Create a Cluster Agent secret using the Machine Agent access key to connect to the Controller. If a cluster-agent-secret does not exist, you must create one, see Kubernetes CLI を使用したクラスタエージェントのインストール.
```
kubectl -n appdynamics create secret generic cluster-agent-secret --from-literal=controller-key=<access-key>
```
BASH
Update the infraviz.yaml file to set the controllerUrl, account, and globalAccount values based on the information from the Controller's License page.
To enable Server Visibility, set enableServerViz to true (shown in the infraviz.yaml configuration example).
To deploy a Machine Agent without Server Visibility enabled, set enableServerViz to false.
infraviz.yaml Configuration File with Server Visibility Enabled
```
apiVersion: v1
kind: ServiceAccount
metadata:
  name: appdynamics-infraviz
  namespace: appdynamics
---
apiVersion: cluster.appdynamics.com/v1alpha1
kind: InfraViz
metadata:
  name: appdynamics-infraviz
  namespace: appdynamics
spec:
  controllerUrl: "https://mycontroller.saas.appdynamics.com"
  image: "docker.io/appdynamics/machine-agent:latest"
  account: "<your-account-name>"
  globalAccount: "<your-global-account-name>"
  enableContainerHostId: true
  enableServerViz: true
  resources:
    limits:
      cpu: 500m
      memory: "1G"
    requests:
      cpu: 200m
      memory: "800M"
```
YML
The infraviz.yaml configuration file example deploys a daemonset that runs a single pod per node in the cluster. Each pod runs a single container from where the Machine Agent, or Server Visibility Agent runs.

To enable the Network Visibility Agent to run in a second container in the same pod, add the netVizImage and netVizPort keys and values as shown in this configuration file example:

infraviz.yaml Configuration File with Second Container in a Single Pod

apiVersion: v1
kind: ServiceAccount
metadata:
  name: appdynamics-infraviz
  namespace: appdynamics
---
apiVersion: cluster.appdynamics.com/v1alpha1
kind: InfraViz
metadata:
  name: appdynamics-infraviz
  namespace: appdynamics
spec:
  controllerUrl: "https://mycontroller.saas.appdynamics.com"
  image: "docker.io/appdynamics/machine-agent:latest"
  account: "<your-account-name>"
  enableContainerHostId: true
  enableServerViz: true
  netVizImage: appdynamics/machine-agent-netviz:latest
  netVizPort: 3892
  resources:
    limits:
      cpu: 500m
      memory: "1G"
    requests:
      cpu: 200m
      memory: "800M"

YML

Use kubectl to deploy infraviz.yaml

For environments where Kubernetes PodSecurityPolicies block certain pod security context configuration, such as privileged pods, you must deploy the infraviz-pod-security-policy.yaml before editing the infraviz.yaml file.
For environments where OpenShift SecurityContextConstraints block certain pod security context configuration, such as privileged pods, you must deploy the infraviz-security-context-constraint-openshift.yaml before editing the infraviz.yaml file.
```
kubectl create -f infraviz.yaml
```
BASH
```
kubectl create -f infraviz-pod-security-policy.yaml
kubectl create -f infraviz.yaml
```
BASH
```
kubectl create -f infraviz-security-context-constraint-openshift.yaml
kubectl create -f infraviz.yaml
```
BASH

Confirm that the appdynamics-infraviz pod is running, and the Machine Agent, Server Visibility Agent, and Network Agent containers are ready:

kubectl -n appdynamics get pods
NAME                                    READY   STATUS    RESTARTS   AGE
appdynamics-infraviz-shkhj                     2/2     Running   0          18s

BASH

To verify that the agents are registering with the Controller, review the logs and confirm that the agents display in the Agents Dashboard of the Controller Administration UI. In the Controller, if Server Visibility is enabled, the nodes are visible under Controller > Servers.
```
kubectl -n appdynamics logs appdynamics-infraviz-shkhj -c appd-infra-agent
...
Started AppDynamics Machine Agent Successfully
```
BASH

Mixed Operating System Clusters

The Cluster Agent Operator can deploy Machine Agent daemonsets to both Linux and Windows nodes. The value of the nodeOS property determines the deployment strategy in mixed operating system (OS) clusters. You can set this property to one of these options:

all
linux
windows

Set nodeOS: all when both Linux and Windows daemonsets share the same properties that you can configure in a single infraviz.yaml file. When nodeOS is set to all or windows, you must set the imageWin property to a Windows Machine Agent image.

In this example, a single infraviz.yaml file is used to configure the Machine Agents that run on Windows and Linux nodes.

apiVersion: v1
kind: ServiceAccount
metadata:
  name: appdynamics-infraviz
  namespace: appdynamics
---
apiVersion: cluster.appdynamics.com/v1alpha1
kind: InfraViz
metadata:
  name: appdynamics-infraviz
  namespace: appdynamics
spec:
  controllerUrl: "https://mycontroller.saas.appdynamics.com"
  image: "docker.io/appdynamics/machine-agent:latest"
  account: "<your-account-name>"
  globalAccount: "<your-global-account-name>"
  enableContainerHostId: true
  enableServerViz: true
  netVizImage: appdynamics/machine-agent-netviz:latest
  netVizPort: 3892 
  resources:
    limits:
      cpu: 500m
      memory: "1G"
    requests:
      cpu: 200m
      memory: "800M"
  imageWin: docker.io/appdynamics/machine-agent-analytics:win-latest  
  nodeOS: all

YML

Set nodeOS: windows or nodeOS: linux when the Windows and Linux daemonsets properties differ and must be defined in separate infraviz.yaml files. Depending on the value of nodeOS, the Cluster Agent Operator assigns a nodeSelector value to the Machine Agent that determines its placement.
For nodeOS: windows, it sets "kubernetes.io/os" to windows.
For nodeOS: linux, it sets kubernetes.io/os to linux.

To override this default behavior, specify a nodeSelector in infraviz.yaml. For example:

apiVersion: v1
kind: ServiceAccount
metadata:
  name: appdynamics-infraviz
  namespace: appdynamics
---
apiVersion: cluster.appdynamics.com/v1alpha1
kind: InfraViz
metadata:
  name: appdynamics-infraviz
  namespace: appdynamics
spec:
  # ... content removed for brevity  
  nodeOS: windows
  imageWin: docker.io/appdynamics/machine-agent-analytics:win-latest  
  nodeSelector:
    kubernetes.io/os: my-windows-node-selector

YML

`InfraViz` Configuration Settings

To configure Infrastructure Visibility, you can modify these parameters in the infraviz.yaml file included with the download package. After changing the file, delete and re-create the InfraViz deployment to ensure the changes are applied.

Parameter	Description	Required/Optional	Default
`account`	AppDynamics account name	Required	N/A
`args`	List of command arguments	Optional	N/A
`controllerUrl`	URL of the AppDynamics Controller	Required	N/A
`enableContainerHostId`	Flag that determines how container names are derived; specify either `pod` `name` or `container` `id`.	Required	`false`
`enableMasters`	By default, only Worker nodes are monitored. When set to `true`, Server Visibility is provided for Master nodes. For managed Kubernetes providers, the flag has no effect because the Master plane is not accessible.	Optional	`false`
`enableServerViz`	Enable Server Visibility	Required	false
`enableDockerViz`	Enable Docker Visibility	Required	`false`
`env`	List environment variables	Optional	N/A
`eventServiceUrl`	Event Service Endpoint	Optional	N/A
`globalAccount`	Global account name	Required	N/A
`image`	Retrieves the most recent version of the Machine Agent image.	Optional	`appdynamics/machine-agent:latest`
`imagePullSecret`	Name of the pull secret image	Optional	N/A
`imageWin`	Machine Agent image for Windows nodes	Required when `nodeOS` is set to `all` or `windows`	`appdynamics/machine-agent-analytics:win-latest`
`logLevel`	Level of logging verbosity. Valid options are: `info` or `debug`.	Optional	`info`
`metricsLimit`	Maximum number of metrics that the Machine Agent sends to the Controller.	Optional	N/A
`netVizImage`	Retrieves the most recent version of Network Agent image.	Optional	`appdynamics/machine-agent-netviz:latest`
`netVizPort`	When > 0, the Network Agent is deployed in a sidecar with the Machine Agent. By default, the Network Visibility Agent works with port `3892`.	Optional	`3892`
`nodeSelector`	OS specific label that identifies nodes for scheduling of the `daemonset` pods.	Optional	`all`
`overrideVolumeMounts`	The list of volumeMounts.	Optional	`overrideVolumeMounts:` `- proc` `- sys` `- etc`
`priorityClassName`	Name of the priority class that determines priority when a pod needs to be evicted.	Optional	N/A
`propertyBag`	String with any other Machine Agent parameters	Optional	N/A
`proxyUrl`	URL of the proxy server (`protocol://domain:port`)	Optional	N/A
`proxyUser`	Proxy user credentials (`user@password`)	Optional	N/A
`resources`	Definitions of resources and limits for the Machine Agent	Optional	N/A
`resourcesNetViz`	Set resources for the Network Visibility (NetViz) container	Optional	Request CPU: 100m Memory: 150Mi Limit CPU: 200m Memory: 300Mi
`runAsUser`	The UID (User ID) to run the entry point of the container process. If you do not specify the UID, this defaults to the user id specified in the image. docker.io/appdynamics/machine-agent docker.io/appdynamics/machine-agent-analytics:latest If you require to run on any other UID, change the UID for runAsUser without changing the group ID.	Optional	`UID: 1001` `Username: appdynamics`
`runAsGroup`	The GID (Group ID) to run the entry point of the container process. If you do not specify the ID, this uses the UID specified in the image, docker.io/appdynamics/machine-agent docker.io/appdynamics/machine-agent-analytics:latest	Optional	`UID: 1001` `Username: appdynamics`
`stdoutLogging`	Determines if logs are saved to a file or redirected to the Console.	Optional	`false`
`tolerations`	List of tolerations based on the taints that are associated with nodes.	Optional	N/A
`uniqueHostId`	Unique host ID in AppDynamics. Valid options are: `spec.nodeName`, `status.hostIP`.	Optional	`spec.nodeName`

Requirements

Installation Procedure

Mixed Operating System Clusters

InfraViz Configuration Settings

`InfraViz` Configuration Settings