diff --git a/kubernetes/omsagent.yaml b/kubernetes/omsagent.yaml index 49d4586c1..d84e46701 100644 --- a/kubernetes/omsagent.yaml +++ b/kubernetes/omsagent.yaml @@ -400,6 +400,8 @@ spec: value: "" - name: AZMON_CONTAINERLOGS_ONEAGENT_REGIONS value: "koreacentral,norwayeast,eastus2" + - name: USING_AAD_MSI_AUTH + value: "false" securityContext: privileged: true ports: @@ -445,59 +447,65 @@ spec: periodSeconds: 60 timeoutSeconds: 15 #Only in sidecar scraping mode - - name: omsagent-prometheus - image: "mcr.microsoft.com/azuremonitor/containerinsights/ciprod:ciprod08052021" - imagePullPolicy: IfNotPresent - resources: - limits: - cpu: 500m - memory: 1Gi - requests: - cpu: 75m - memory: 225Mi - env: - # azure devops pipeline uses AKS_RESOURCE_ID and AKS_REGION hence ensure to uncomment these - - name: AKS_RESOURCE_ID - value: "VALUE_AKS_RESOURCE_ID_VALUE" - - name: AKS_REGION - value: "VALUE_AKS_RESOURCE_REGION_VALUE" - #Uncomment below two lines for ACS clusters and set the cluster names manually. Also comment out the above two lines for ACS clusters - #- name: ACS_RESOURCE_NAME - # value: "my_acs_cluster_name" - - name: CONTAINER_TYPE - value: "PrometheusSidecar" - - name: CONTROLLER_TYPE - value: "DaemonSet" - - name: NODE_IP - valueFrom: - fieldRef: - fieldPath: status.hostIP - # Update this with the user assigned msi client id for omsagent - - name: USER_ASSIGNED_IDENTITY_CLIENT_ID - value: "" - securityContext: - privileged: true - volumeMounts: - - mountPath: /etc/kubernetes/host - name: azure-json-path - - mountPath: /etc/omsagent-secret - name: omsagent-secret - readOnly: true - - mountPath: /etc/config/settings - name: settings-vol-config - readOnly: true - - mountPath: /etc/config/osm-settings - name: osm-settings-vol-config - readOnly: true - livenessProbe: - exec: - command: - - /bin/bash - - -c - - /opt/livenessprobe.sh - initialDelaySeconds: 60 - periodSeconds: 60 - timeoutSeconds: 15 + # - name: omsagent-prometheus + # image: "mcr.microsoft.com/azuremonitor/containerinsights/ciprod:ciprod06112021" + # imagePullPolicy: IfNotPresent + # resources: + # limits: + # cpu: 500m + # memory: 1Gi + # requests: + # cpu: 75m + # memory: 225Mi + # env: + # # azure devops pipeline uses AKS_RESOURCE_ID and AKS_REGION hence ensure to uncomment these + # - name: AKS_CLUSTER_NAME + # value: "VALUE_AKS_CLUSTER_NAME" + # - name: AKS_RESOURCE_ID + # value: "VALUE_AKS_RESOURCE_ID_VALUE" + # - name: AKS_REGION + # value: "VALUE_AKS_RESOURCE_REGION_VALUE" + # - name: AKS_NODE_RESOURCE_GROUP + # value: "VALUE_AKS_NODE_RESOURCE_GROUP" + # #Uncomment below two lines for ACS clusters and set the cluster names manually. Also comment out the above two lines for ACS clusters + # #- name: ACS_RESOURCE_NAME + # # value: "my_acs_cluster_name" + # - name: CONTAINER_TYPE + # value: "PrometheusSidecar" + # - name: CONTROLLER_TYPE + # value: "DaemonSet" + # - name: NODE_IP + # valueFrom: + # fieldRef: + # fieldPath: status.hostIP + # # Update this with the user assigned msi client id for omsagent + # - name: USER_ASSIGNED_IDENTITY_CLIENT_ID + # value: "" + # - name: USING_AAD_MSI_AUTH + # value: "false" + # securityContext: + # privileged: true + # volumeMounts: + # - mountPath: /etc/kubernetes/host + # name: azure-json-path + # - mountPath: /etc/omsagent-secret + # name: omsagent-secret + # readOnly: true + # - mountPath: /etc/config/settings + # name: settings-vol-config + # readOnly: true + # - mountPath: /etc/config/osm-settings + # name: osm-settings-vol-config + # readOnly: true + # livenessProbe: + # exec: + # command: + # - /bin/bash + # - -c + # - /opt/livenessprobe.sh + # initialDelaySeconds: 60 + # periodSeconds: 60 + # timeoutSeconds: 15 affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: @@ -620,7 +628,9 @@ spec: value: "" # Add the below environment variable to true only in sidecar enabled regions, else set it to false - name: SIDECAR_SCRAPING_ENABLED - value: "true" + value: "false" + - name: USING_AAD_MSI_AUTH + value: "false" securityContext: privileged: true ports: @@ -789,13 +799,13 @@ spec: fieldRef: fieldPath: status.hostIP - name: SIDECAR_SCRAPING_ENABLED - value: "true" + value: "false" # Update this with the user assigned msi client id for omsagent - name: USER_ASSIGNED_IDENTITY_CLIENT_ID value: "" # Add this only for clouds that require cert bootstrapping - - name: REQUIRES_CERT_BOOTSTRAP - value: "true" + # - name: REQUIRES_CERT_BOOTSTRAP + # value: "true" volumeMounts: - mountPath: C:\ProgramData\docker\containers name: docker-windows-containers