Documentation forSolarWinds Observability SaaS

Run SolarWinds Observability Agent on the Kubernetes platform

You can use the following options to run the Agent on the Kubernetes platform.

Before you begin, review the limitations and supported environment variables.

When you already have the Agent running, specify what you want to monitor. See Add entities for monitoring .

Run as a Kubernetes deployment

When running the Agent as a Kubernetes deployment, you can leverage Kubernetes secrets to hide the access token.

To create a secret for an access token, run the following command:

kubectl create secret generic access-token --from-literal=ACCESS_TOKEN="<token>"

To persist the Agent working directory between pod restarts, use a persistent volume. See Configure a Pod to Use a PersistentVolume for Storage in Kubernetes documentation.

For example, you can use the following file to create PersistentVolumeClaim that will be referenced later in the Deployment definition:

apiVersion: v1 
kind: PersistentVolumeClaim 
metadata: 
  name: uamsclient-pv-claim 
  labels: 
    app: uamsclient
spec: 
  accessModes: 
    - ReadWriteOnce 
  resources: 
    requests: 
      storage: 1Gi

To apply the Agent as a Kubernetes deployment in your cluster, use the following file.

apiVersion: apps/v1 
kind: Deployment 
metadata: 
  name: uamsclient-deployment 
  labels: 
    k8s-app: uamsclient 
spec: 
  replicas: 1 
  selector: 
    matchLabels: 
      app: uamsclient 
  template: 
    metadata: 
      labels: 
        app: uamsclient 
    spec:
      containers: 
      - name: uamsclient 
        image: solarwinds/swo-agent:latest 
        env: 
          - name: SWO_URL 
            value: <cluster endpoint>
          - name: UAMS_CONTAINER_HOSTNAME
            value: <optional custom container name>
          - name: UAMS_OVERRIDE_HOSTNAME
            value: <optional custom container name>
          - name: UAMS_ACCESS_TOKEN 
            valueFrom: 
              secretKeyRef: 
                name: access-token 
                key: ACCESS_TOKEN 
        volumeMounts: 
          - name: uamsclient-persistent-storage 
            mountPath: /uamsclient/workdir 
      volumes: 
        - name: uamsclient-persistent-storage 
          persistentVolumeClaim: 
            claimName: uamsclient-pv-claim

Run as a Kubernetes DaemonSet

To apply the Agent as a DaemonSet in your multi-node cluster, use the following file.

apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: uamsclient-daemonset
  labels:
    k8s-app: uamsclient
spec:
  selector:
    matchLabels:
      name: uamsclient
  template:
    metadata:
      labels:
        name: uamsclient
    spec:
      tolerations:
      # this toleration is to have the daemonset runnable on master nodes
      # remove it if your masters can't run pods
      - key: node-role.kubernetes.io/master
        operator: Exists
        effect: NoSchedule
      containers:
      - name: uamsclient
        image: solarwinds/swo-agent:latest
        env:
        - name: UAMS_ACCESS_TOKEN
          valueFrom:
            secretKeyRef:
              name: access-token
              key: ACCESS_TOKEN
        - name: SWO_URL
          value: <cluster endpoint> 
        - name: UAMS_CONTAINER_HOSTNAME
          value: <optional custom container name>
        - name: UAMS_OVERRIDE_HOSTNAME
          value: <optional custom container name>
        - name: UAMS_CLIENT_ID_OVERRIDE_SOURCE_NAME
          valueFrom:
            fieldRef:
              fieldPath: spec.nodeName
      terminationGracePeriodSeconds: 30

Run as a Kubernetes sidecar

To apply the Agent as a sidecar in a replicated workload, ensure that the Agent ID is not changing when the container is restarted or when a new pod for the same replica is started.

To achieve this, use StatefulSet which will always assign the same host name for a replica with a particular ordinal number. The hostname can then be used as UAMS_CLIENT_ID_OVERRIDE_SOURCE_NAME to ensure that each replica has always the same Agent ID.

apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: app-with-uamsclient-sidecar
spec:
  selector:
    matchLabels:
      app: app-with-uamsclient-sidecar
  serviceName: app-with-uamsclient-sidecar
  replicas: 3
  template:
    metadata:
      labels:
        app: app-with-uamsclient-sidecar
    spec:
      containers:
      # - name: app # main app container
        - name: uamsclient-sidecar
          image: solarwinds/swo-agent:latest
          env:
            - name: UAMS_ACCESS_TOKEN
              valueFrom:
                secretKeyRef:
                  name: access-token
                  key: ACCESS_TOKEN
            - name: SWO_URL
              value: <cluster endpoint> 
            - name: UAMS_CLIENT_ID_OVERRIDE_SOURCE_NAME
              valueFrom:
                fieldRef:
                  fieldPath: metadata.name
          volumeMounts:
            - name: uamsclient-workdir
              mountPath: /uamsclient/workdir
  volumeClaimTemplates:
    - metadata:
        name: uamsclient-workdir
      spec:
        accessModes: [ "ReadWriteOnce" ]
        resources:
          requests:
            storage: 1Gi