Requirements
The agent requires some privileges for getting access to container data, such as logs, performance counters and TCP sockets:
- privileged mode (securityContext.privileged: true)
- the host process ID namespace (hostPID: true)
- /sys/fs/cgroup, /sys/kernel/tracing, and /sys/kernel/debug should be mounted to the agent's container
Kubernetes
You can install the agent using Helm:
helm repo add coroot https://coroot.github.io/helm-charts
helm repo update
helm install --namespace coroot --create-namespace coroot-node-agent coroot/node-agent
If you use Prometheus Operator,
you will also need to create a PodMonitor:
apiVersion: monitoring.coreos.com/v1
kind: PodMonitor
metadata:
name: coroot-node-agent
namespace: coroot
spec:
selector:
matchLabels:
app: coroot-node-agent
podMetricsEndpoints:
- port: http
Make sure the PodMonitor matches podMonitorSelector defined in your Prometheus:
apiVersion: monitoring.coreos.com/v1
kind: Prometheus
...
spec:
...
podMonitorNamespaceSelector: {}
podMonitorSelector: {}
...
The special value {} allows Prometheus to watch all the PodMonitors from all namespaces.
Docker
To ingest telemetry data, the agent must have the address of the Coroot instance and the capability to establish TCP connections with it.
Please replace <COROOT_IP> with the actual IP address of your Coroot instance.
docker run --detach --name coroot-node-agent \
--pull=always \
--privileged --pid host \
-v /sys/kernel/tracing:/sys/kernel/tracing:rw \
-v /sys/kernel/debug:/sys/kernel/debug:rw \
-v /sys/fs/cgroup:/host/sys/fs/cgroup:ro \
ghcr.io/coroot/coroot-node-agent \
--cgroupfs-root=/host/sys/fs/cgroup \
--collector-endpoint=http://<COROOT_IP>:8080 \
--scrape-interval=15s
To read the agent log:
docker logs coroot-node-agent
To uninstall the agent run the following command:
docker rm -f coroot-node-agent
Linux VM or bare-metal server
To ingest telemetry data, the agent must have the address of the Coroot instance and the capability to establish TCP connections with it.
Please replace <COROOT_IP> with the actual IP address of your Coroot instance.
This script downloads the latest version of the agent and installs it as a Systemd service. Additionally, it generates an uninstall script.
curl -sfL https://raw.githubusercontent.com/coroot/coroot-node-agent/main/install.sh | \
COLLECTOR_ENDPOINT=http://<COROOT_IP>:8080 \
SCRAPE_INTERVAL=15s \
sh -
You can read the agent log using the journalctl command:
sudo journalctl -u coroot-node-agent
To uninstall the agent run the command below:
/usr/bin/coroot-node-agent-uninstall.sh
Flags
usage: coroot-node-agent [<flags>]
Flags:
--listen="0.0.0.0:80" Listen address - ip:port or :port
--cgroupfs-root="/sys/fs/cgroup" The mount point of the host cgroupfs root
--disable-log-parsing Disable container logs parsing
--disable-pinger Disable container upstreams ping
--disable-l7-tracing Disable L7 tracing
--ephemeral-port-range="32768-60999" Destination and Listen TCP ports from this range will be skipped
--track-public-network=TRACK-PUBLIC-NETWORK ... Allow track connections to the specified IP networks, all private networks are allowed by default (e.g., Y.Y.Y.Y/mask)
--provider=PROVIDER `provider` label for `node_cloud_info` metric
--region=REGION `region` label for `node_cloud_info` metric
--availability-zone=AVAILABILITY-ZONE `availability_zone` label for `node_cloud_info` metric
--instance-type=INSTANCE_TYPE `instance_type` label for `node_cloud_info` metric
--instance-life-cycle=INSTANCE_LIFE_CYCLE `instance_life_cycle` label for `node_cloud_info` metric