Static agent deployment YAML for OpenShift

Edit online

Deprecation of the static agent YAML

Edit online
Note: Starting March 2025, the static agent deployment YAML is deprecated and will be removed from the product by the end of 2025. These static YAML files are no longer updated. To deploy the Instana agent, use the agent operator or the agent Helm chart.

Changelog for OpenShift YAML file

Edit online

The static OpenShift deployment YAML file for the Instana agent gets rendered from the Helm chart with common defaults, and can be obtained from this public GitHub repository.

Date and version

Edit online

The following changelog provides the updates in each release:

  • 2021-11-24-Version 1.2.2: Update image repositories for agent and leader elector to get pulled from IBM Cloud Container Registry.

  • 2021-01-26-Version 1.2.1: See the following changes:

    • Introduce dangling anchors in the YAML file to prevent end users from pushing malformed or incomplete YAMLs to their clusters; replace the anchors with the actual values, or provide an addition to the document where the anchors are specified (neat for automation!)

    • Remove out-of-the-box nodeSelector, now the Instana agent will be installed on all OpenShift nodes.

    • Automatically assign the privileged Security Context Constraint to the instana-agent service account, so that no separate oc adm policy add-scc-to-user privileged -z instana-agent is required any loger; also, this allows us to ...

    • Add via YAML the instana-agent namespace. For clusters where the namespace was created manually, executing oc apply -f instana-agent.yaml will therefore result in the following benign warning:

      oc apply -f instana-agent.yaml

        Warning: oc apply should be used on resource created by either oc create --save-config or oc apply

    • Removed hard-coded heap sizing for the Instana agent JVM via the JAVA_OPTS environment variable, which caused oversights in which adding more memory to the container did not result in the Instana agent overcoming memory issues.

  • 2020-10-23-Version 1.0.33: Use dnsPolicy: ClusterFirstWithHostNet in the DaemonSet template spec as this should be the default for pods with hostNetwork: true according to this Kubernetes documentation

  • 2020-10-13-Version 1.0.32: Update version to match helm chart. No visible changes.

  • 2020-10-08-Version 1.0.31: Update version to match helm chart. No visible changes.

  • 2020-08-17-Version 1.0.30: Update the ClusterRole to add persistentvolumes and persistentvolumeclaims to the list of resources in the core apiGroup

  • 2020-07-16-Version 1.0.29: Update version to match helm chart. No visible changes.

  • 2020-04-28-Version 1.0.28: Update the ClusterRole to add cronjobs to the list of resources in the batch apiGroup

  • 2020-04-15-Version 1.0.27: See the following changes:

    • Update the ClusterRole to add daemonsets and statefulsets to the list of resources in the apps apiGroup
    • Update the ClusterRole to add a new apiGroup networking.k8s.io for ingresses (available since Kubernetes v1.14) as it will be completely removed from the extensions apiGroup in Kubernetes v1.22

  • 2020-03-25-Version 1.0.26: See the following changes:

    • Add specific health check for leader elector sidecar to improve reliability of Kubernetes monitoring
    • Add app.kubernetes.io/version label to all resources
    • Change name and app labels to more standard app.kubernetes.io/name label
    • Rename various resources:
      • Rename ConfigMap from instana-configuration to instana-agent
      • Rename ClusterRole from instana-agent-role to instana-agent
      • Rename ClusterRoleBinding from instana-agent-role-binding to instana-agent
      • Rename ServiceAccount from instana-admin to instana-agent
      • Rename Secret from instana-agent-secret to instana-agent
    • Add ServiceAccount as a resource (previously it was created via command line)

  • 2020-03-25-Version 1.0.25: No changes

  • 2020-03-18-Version 1.0.24: Add app.kubernetes.io/version label to ClusterRole and DaemonSet resources, corresponding to equivalent helm chart 1.0.24.

  • 2020-02-12: Increase liveness probe initial delay to 5 minutes, period to 10 seconds (the default), and timeout to 3 seconds to improve agent stability on very heavily loaded nodes.

  • 2019-12-23: Add the POD_IP environment variable to the instana-agent container to ensure that the agent will bind to that address instead of trying to detect a public IP address.

  • 2019-12-19: Remove specification of host in the livenessProbe for both the instana-agent and instana-agent-leader-elector containers as we would like to explore other options.

  • 2019-12-13: See the following changes:

    • Mount /var/lib/containers/storage in the DaemonSet for CRI-O support.
    • Specify host in the livenessProbe for both the instana-agent and instana-agent-leader-elector containers.

  • 2019-10-14: See the following changes:

    • Use serviceAccountName instead of the deprecated serviceAccount within apps.v1.DaemonSetSpec.template.spec. This has been deprecated at least since k8s 1.10.
    • [Fix] Ensure that the required field selector is set on apps.v1.DaemonSetSpec

  • 2019-10-08: Update DaemonSet to use apiVersion apps/v1 instead of the deprecated and soon to be removed extensions/v1beta1.

  • 2019-06-03: instana/leader-elector version increased from 0.5.1 to 0.5.4.

  • 2019-05-23: Added /run as a default container mount.

  • 2019-04-03: Added containerPort to agent daemonset.

  • 2019-03-13: Added INSTANA_AGENT_POD_NAME UID as leader election.

  • 2019-01-29: See the following changes:

    • Added the apps apiGroup.
    • Added the patch permission for endpoints.

  • 2019-01-04: Added all possible matcher modes for secrets.

  • 2019-01-02: Updated mountPath from /var/run/docker.sock to var/run.