Comments (2)
vboulineau
commented on June 11, 2024
Hey @TJEvans,
It's a long standing issue with AKS, unlike most managed K8S (and the two other big players), they do not follow the usual best practices:
- The ca.crt mounted by the service account is not the one used to target Kubelet
- The Kubelet cert does not have SAN for node IP, nor the reverse-lookup of the node IP
With latest AKS, it required mounting the CA from host + using DD_KUBELET_HOST = spec.nodeName to work properly.
We've started the work to improve the Kubelet configurability with this PR: #144 (added kubelet.host), we'll work on adding something like hostCaCertPath to automatically generate the volumes/volumeMounts
from helm-charts.
sabareeshkkanan
commented on June 11, 2024
when can we expect this issue to be resolved ?
from helm-charts.
Related Issues (20)
- cluster-agent insufficient permissions HOT 3
- Synthetics Private Location - There is no way to add labels just to the pods managed by the deployment
- Allow setting `logs_config.use_http` in agent chart HOT 1
- Missing network policy for Alibaba Cloud metadata endpoint
- Chart 3.59.4 creates cluster-agent objects even when cluster agent is disabled
- datadog-operator chart lacks podSecurityContext
- Enabling kubeStateMetricsNetworkPolicy.create does not create network policy for kubeStateMetricsCore
- Relationship between `containerIncludeMetrics` and `prometheusScrape`
- cluster-agent network policy breaks cluster-name autodiscovery on GKE
- Get errors when installing datadog helm charts in the GKE autopilot cluster HOT 2
- Feature proposal: Allow to configure Datadog Operator installation namespace HOT 1
- dd-trace fails on nodejs pod starting with chart 3.59.0 HOT 1
- Support configurable buffer size for large payload
- kpi-telemetry-configmap generates random install_id and install_time
- Documentation how to use collect_ec2_tags and exclude_ec2_tags HOT 2
- Env. variable DD_EXTERNAL_METRICS_PROVIDER_SPLIT_BATCHES_WITH_BACKOFF
- EKS Fargate Logs not showing up HOT 1
- [datadog-operator] allow specifying priorityClassName
- When installing Datadog for Windows, the process-agent container isnβt mounting the auth-token volume
- Warnings for Unrecognized Configuration Keys in Datadog Helm Chart 3.66.0
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from helm-charts.