Draft PR #19943
Draft PR #19943
Conversation
✅ Deploy Preview for docs-website-netlify ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
|
Hi @ubanerjeeNR 👋 Thanks for your pull request! Your PR is in a queue, and a writer will take a look soon. We generally publish small edits within one business day, and larger edits within three days. We will automatically generate a preview of your request, and will comment with a link when the preview is ready (usually 10 to 20 minutes). |
| Before you begin deploying Agent Control to your Kubernetes clusters, ensure that you meet the following prerequisites: | ||
|
|
||
| - **Helm 3:** Helm version 3 must be installed on your machine. For installation instructions, see [Installing Helm](https://helm.sh/docs/intro/install). | ||
| - **New Relic license key:** You'll need your New Relic license key to report telemetry to your New Relic account. |
There was a problem hiding this comment.
This is not the only option. When you go through the install flow you have the option to "Use an existing key" or "Create a new key".
So better to also include something like the following:
If you haven't created one yet, or want to create a new key for Agent Control, you can skip this prerequisite. The Agent Control Install flow will allow you to create a new key.
There was a problem hiding this comment.
I understand the concern but the text doesn't say that you'll need an existing New Relic license key. All it says is you'll need your New Relic license key. That's inclusive of the two situations: an existing key or a new key.
That said, perhaps 'your New Relic license key' is the source of the confusion. I'll change second person pronoun to an indefinite article. 'a New Relic license key'.
| cluster: "YOUR_CLUSTER_NAME" | ||
| licenseKey: "YOUR_LICENSE_KEY" | ||
| userKey: "YOUR_USER_KEY" |
There was a problem hiding this comment.
I think the example config needs to be updated. As we removed the use of userKey from the install UI and we're now using System identities for authentication.
We would need to update the examples as outlined here.
- We need to remove the
userKeyunder the Global variables. - We need to add the
identityClientIdandidentityClientSecretunderagent-control-deployment - Overall, I see 3 references of
userKey, we need to update the above in all these cases.
There was a problem hiding this comment.
Updating the config with the one from Confluence
|
|
||
| - To install Agent Control, run this command: | ||
| ```shell | ||
| helm upgrade --install agent-control --version 0.0.34-beta --namespace newrelic --create-namespace newrelic/agent-control --values values-newrelic.yaml --devel |
There was a problem hiding this comment.
| helm upgrade --install agent-control --version 0.0.34-beta --namespace newrelic --create-namespace newrelic/agent-control --values values-newrelic.yaml --devel | |
| helm upgrade --install agent-control --version 0.0.45-beta -n newrelic newrelic/agent-control --create-namespace --values values-newrelic.yaml --devel |
(based on the latest command we have in the updated install flow)
| - **Helm 3:** Helm version 3 must be installed on your machine. For installation instructions, see [Installing Helm](https://helm.sh/docs/intro/install). | ||
| - **New Relic license key:** You'll need your New Relic license key to report telemetry to your New Relic account. | ||
| - **Kubernetes cluster name:** Have the name of your Kubernetes cluster ready, as it will be referenced during the installation process. | ||
| - **Auth Domain Manager:** To set up Agent Control and connect it to Fleet Control, you must have the Authentication Domain Manager role. |
There was a problem hiding this comment.
Along with Auth Domain Manager, we also need All Product Admin role I guess. I'm checking with IAM team on this, I will get it confirmed here. (thread)
There was a problem hiding this comment.
Tori has provided the details in a separate doc. I am using that info instead.
| # infrastructure: | ||
| # type: newrelic/com.newrelic.infrastructure:0.1.0 | ||
| # content: | ||
| # # Ref: `https://github.com/newrelic/helm-charts/tree/master/charts/nri-bundle` | ||
| # # Recommended: check and define an explicit chart version (latest stable) | ||
| # chart_version: "*" | ||
| # # chart_values: | ||
| # # newrelic-infrastructure: | ||
| # # enableProcessMetrics: true | ||
| # logs: | ||
| # type: newrelic/io.fluentbit:0.1.0 | ||
| # content: | ||
| # # Ref: `https://github.com/newrelic/helm-charts/tree/master/charts/newrelic-logging` | ||
| # # Recommended: check and define an explicit chart version (latest stable) | ||
| # chart_version: "*" | ||
| # # chart_values: | ||
| # # newrelic-logging: | ||
| # # sendMetrics: true | ||
| # agent-operator: | ||
| # type: com.newrelic.k8s_agent_operator:0.1.0 | ||
| # content: | ||
| # chart_version: "*" | ||
| # open-telemetry: | ||
| # type: newrelic/io.opentelemetry.collector:0.2.0 | ||
| # content: | ||
| # # Ref: `https://github.com/newrelic/helm-charts/blob/master/charts/nr-k8s-otel-collector/values.yaml` | ||
| # # Recommended: check and define an explicit chart version (latest stable) | ||
| # chart_version: "*" | ||
| # # chart_values: | ||
| # # nr-k8s-otel-collector: | ||
| # # receivers.filelog.enabled: false |
There was a problem hiding this comment.
I think open-telemetry needs to be uncommented under sub agents for this example, @josemore could you please confirm ?
| ```yaml | ||
| global: | ||
| cluster: "YOUR_CLUSTER_NAME" | ||
| licenseKey: "YOUR_LICENSE_KEY" | ||
| userKey: "YOUR_USER_KEY" |
There was a problem hiding this comment.
It looks we've an indentation issue here.
There was a problem hiding this comment.
Strange. I don't see this in the output. Looking into this.
|
FYI @ubanerjeeNR: The Agent Control contents of this PR have been reviewed by team Virtuoso and a few spots for correction have been identified. We've deferred a question to @josemore for confirmation (post which we can connect with you, or help make the correction ourselves as it shouldn't be a large one); with that, we believe the Agent Control contents should be in a good shape. |
src/content/docs/new-relic-control/agent-control/configuration.mdx
Outdated
Show resolved
Hide resolved
| Verify the status of your pods by running: | ||
| ```shell | ||
| kubectl get pods -n newrelic | ||
| ``` |
There was a problem hiding this comment.
this is too generic IMO, we could at least explain how to check the status server
There was a problem hiding this comment.
@paologallinaharbur - can you please share specific details?
There was a problem hiding this comment.
it is already in the Pr, but in a different section:
Agent Control exposes a local status endpoint. Used to understand the health of Agent Control and of managed agents. The endpoint is enabled by default on port `52100`. Follow these steps to query the cluster status:
[...] it is in the troubleshooting part
There was a problem hiding this comment.
checking the pods is not enough, since you can see 5 up and running, not knowing that 3 are missing
There was a problem hiding this comment.
I think it would be very beneficial to add a page explaining the underlying architecture and how the agent Control works, is it in scope?
| This feature is currently provided as part of a preview program pursuant to our [pre-release policies](/docs/licenses/license-information/referenced-policies/new-relic-pre-release-policy). | ||
| </Callout> | ||
|
|
||
| The [`values-newrelic.yaml`](https://github.com/newrelic/helm-charts/blob/master/charts/agent-control/values.yaml) file, which traditionally defined agent behavior, now also includes settings for Agent Control. The settings and parameters that you configure in this file define how Agent Control and the agents it manages operate. This file is referred to as the local configuration. |
There was a problem hiding this comment.
they are different values.yaml, we did not modify the old one
| agent-operator: | ||
| type: com.newrelic.k8s_agent_operator:0.1.0 | ||
| content: | ||
| chart_version: "*" |
There was a problem hiding this comment.
we said that the APM operator is not in scope for public preview.. I think we should remove this
There was a problem hiding this comment.
should we clarify why a user should use the otel collector vs the nri-kubernetes?
|
|
||
| <CollapserGroup> | ||
| <Collapser | ||
| id="agent-control-config" |
There was a problem hiding this comment.
this id is the very same as before, is it expected?
| id="prometheus-config" | ||
| title="Prometheus configuration" |
There was a problem hiding this comment.
title and ids are wrong
|
|
||
| </CollapserGroup> | ||
|
|
||
| ### Remote configuration: New Relic infrastructure |
There was a problem hiding this comment.
I think it is not clear that locally we had a configuration for AC + 1 for each subagent
In the remove config section you added examples for the subAgents and no AC config is there
| </CollapserGroup> | ||
|
|
||
| ### Remote configuration: New Relic infrastructure | ||
|
|
There was a problem hiding this comment.
I think we should explain which part of the AC config can be changed. @rubenruizdegauna @davidgit superAgent config is not going to be hidden right?
There was a problem hiding this comment.
FM confirmed that it will be hidden for the customers.
| chart_version: "*" | ||
| chart_values: | ||
| newrelic-infrastructure: | ||
| enableProcessMetrics: true |
There was a problem hiding this comment.
Indentation is wrong, moreover I would explain something regarding the config. I would point out that version "*" is not recommended, I would point out to the values.yalm so that they can retrieve the list of additional values
chart_version: "*"
chart_values:
newrelic-infrastructure:
enableProcessMetrics: true
| > | ||
|
|
||
| <Callout variant="important"> | ||
| Create a Kubernetes secret to securely store the New Relic license key and use it in the `chart_values` in replacement of the `licenseKey` value: |
There was a problem hiding this comment.
this is not needed anymore, we support global variables for the license key and it gets automatically injected
(in the same way for other agents the licenseKey is not needed to be passed as a secret)
There was a problem hiding this comment.
and yaml below is broken
| ```yaml | ||
| chart_version: "*" | ||
| chart_values: | ||
| newrelic-prometheus-agent: | ||
| lowDataMode: true |
There was a problem hiding this comment.
this is about prometheus
|
|
||
| For this approach, create a configuration in Fleet Control UI with the following structure, specifying the desired `receivers.filelog.enabled` value and referencing any other relevant Helm chart values: | ||
|
|
||
| ```yaml |
There was a problem hiding this comment.
I think that all yaml are broken since in markdown it ignores the first spaces, but then it adds them... therefore it seems valid but it is like
| chart_version: "*" | ||
| chart_values: | ||
| newrelic-logging: | ||
| sendMetrics: true |
There was a problem hiding this comment.
can we add a link to the full list of values?
There was a problem hiding this comment.
moreover the version "*" it is not recommended
| chart_version: "*" | ||
| chart_values: | ||
| newrelic-prometheus-agent: | ||
| lowDataMode: true |
There was a problem hiding this comment.
same here: version "*" + link
| chart_version: "*" | ||
| chart_values: | ||
| newrelic-infrastructure: | ||
| enableProcessMetrics: true |
| global: | ||
| cluster: "YOUR_CLUSTER_NAME" | ||
| licenseKey: "YOUR_LICENSE_KEY" | ||
| # Values related to the agent control's Helm chart release. | ||
| # `https://github.com/newrelic/helm-charts/blob/master/charts/agent-control/values.yaml` | ||
| agent-control-deployment: | ||
| identityClientId: "" |
There was a problem hiding this comment.
indentation is wrong
| agent-operator: | ||
| type: newrelic/com.newrelic.k8s_agent_operator:0.1.0 | ||
| content: | ||
| chart_version: "*" |
There was a problem hiding this comment.
is this included for public preview?
| global: | ||
| lowDataMode: true | ||
| newrelic-prometheus-agent: | ||
| config.kubernetes.integrations_filter.enabled: false |
There was a problem hiding this comment.
is this the right format?
|
|
||
|
|
||
| ### Local configuration: OpenTelemetry | ||
| The following snippet demonstrates installing Agent Control with OpenTelemetry and disabling the filelog receiver in the managed [`nr-k8s-otel-collector` Helm chart](https://github.com/newrelic/helm-charts/tree/master/charts/nr-k8s-otel-collector#values): |
There was a problem hiding this comment.
where the file log receiver is modified in this config?
|
|
||
| - **Invalid `identityClientId`:** `Error getting system identity auth token. The API endpoint returned 404: Failed to find Identity: <identityClientId-value>` | ||
| - **Invalid `identityClientSecret`:** `Error getting system identity auth token. The API endpoint returned 400: Bad client secret.` | ||
| - **Identity expired:** `Error getting system identity auth token. The API endpoint returned 400: Expired client secret.` | ||
| - **Missing required permissions:** `Failed to create a New Relic System Identity for Fleet Control communication authentication. Please verify that your User Key is valid and that your Account Organization has the necessary permissions to create a System Identity: Exception while fetching data (/create) : Not authorized to perform this action or the entity is not found.` |
There was a problem hiding this comment.
The page looks weird
Co-authored-by: Vinay Payyapilly <[email protected]>
Co-authored-by: Vinay Payyapilly <[email protected]>
….mdx Co-authored-by: Vinay Payyapilly <[email protected]>
Co-authored-by: Vinay Payyapilly <[email protected]>
Co-authored-by: Vinay Payyapilly <[email protected]>
Co-authored-by: Vinay Payyapilly <[email protected]>
| - **New Relic license key:** You'll need a New Relic license key to report telemetry to your New Relic account. | ||
| - **Kubernetes cluster name:** Have the name of your Kubernetes cluster ready, as it will be referenced during the installation process. | ||
| - **Auth Domain Manager:** To set up Agent Control and connect it to Fleet Control, you must have the Authentication Domain Manager role. | ||
| - **Existing instrumentation:** If you already have a Kubernetes cluster instrumented with New Relic, you have to uninstall the instrumentation and then re-install it: |
There was a problem hiding this comment.
I created a PR adding a page to do a small deep dive on this #20049
|
|
||
| The solution is compatible with: | ||
| - Last three minor Kubernetes releases. | ||
| - Minikube, Kind, Amazon Elastic Kubernetes Service (Amazon EKS), Azure Kubernetes Service (AKS), Google Kubernetes Engine (GKE). |
There was a problem hiding this comment.
@ubanerjeeNR
We also support GKE autopilot and EKS Auto Mode
Notice that despite the AC supports them, some agents might require specific configs (or be not compatible). I think this is why a few lines below we state:
For system requirements for the Kubernetes infrastructure agent and the New Relic OpenTelemetry collector, see: [...]
Can you review the wording and add the two new flavours we support?
Agent and Fleet Control PP docs - DO NOT MERGE