Skip to content

Commit

Permalink
Updated OpenMetrics and Datadog Checks with example annotations being…
Browse files Browse the repository at this point in the history
… set and Note on assumption for Consul RPC TLS certificate mounts
  • Loading branch information
natemollica-nm committed Feb 20, 2024
1 parent 87e8d65 commit fc4c8f7
Showing 1 changed file with 55 additions and 7 deletions.
62 changes: 55 additions & 7 deletions website/content/docs/k8s/deployment-configurations/datadog.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -292,20 +292,62 @@ during normal operation beyond that of Consul's available metrics.
See the below [table](#additional-integration-checks-performed) for an outline of the features added by the official integration.
<Note>
Currently, the annotations configured by the Helm overrides with Consul RPC TLS enabled
assume server and ca certificate secrets are shared with the Datadog agent release namespace and mount the valid <code>tls.crt</code>, <code>tls.key</code>,
and <code>ca.crt</code> secret volumes at the <code>/etc/datadog-agent/conf.d/consul.d/certs</code> path on the Datadog Agent, agent container.
</Note>
### Helm Chart Configuration
<CodeBlockConfig heading={"Datadog Consul Checks"}>
<Tabs>
<CodeBlockConfig heading={"Datadog Consul Checks"}>
Consul Helm Chart Overrides
```yaml
metrics:
enabled: true
enableAgentMetrics: true
datadog:
global:
tls:
enabled: true
namespace: "datadog"
enableAutoEncrypt: true
acls:
manageSystemACLs: true
metrics:
enabled: true
enableAgentMetrics: true
datadog:
enabled: true
namespace: "datadog"
```
</CodeBlockConfig>
Consul `server-statefulset.yaml` annotations
```yaml
"ad.datadoghq.com/consul.checks": |
{
"consul": {
"init_config": {},
"instances": [
{
"url": "https://consul-server.consul.svc:8501",
"tls_cert": "/etc/datadog-agent/conf.d/consul.d/certs/tls.crt",
"tls_private_key": "/etc/datadog-agent/conf.d/consul.d/certs/tls.key",
"tls_ca_cert": "/etc/datadog-agent/conf.d/consul.d/ca/tls.crt",
"use_prometheus_endpoint": true,
"acl_token": "ENC[k8s_secret@consul/consul-datadog-agent-metrics-acl-token/token]",
"new_leader_checks": true,
"network_latency_checks": true,
"catalog_checks": true,
"auth_type": "basic"
}
]
}
}
```
</CodeBlockConfig>
</Tabs>
### Additional Integration Checks Performed
Expand Down Expand Up @@ -342,6 +384,12 @@ This method implements the collection via Openmetrics as that is fully supported
to scrape the agent's metrics API endpoint using either RPC TLS and Consul ACLs as necessary.
</Note>
<Note>
Currently, the annotations configured by the Helm overrides with Consul RPC TLS enabled
assume server and ca certificate secrets are shared with the Datadog agent release namespace and mount the valid <code>tls.crt</code>, <code>tls.key</code>,
and <code>ca.crt</code> secret volumes at the <code>/etc/datadog-agent/conf.d/consul.d/certs</code> path on the Datadog Agent, agent container.
</Note>
### Helm Chart Configuration
<Tabs>
Expand Down

0 comments on commit fc4c8f7

Please sign in to comment.