71 lines
3.2 KiB
Markdown
71 lines
3.2 KiB
Markdown
---
|
|
title: OpenTelemetry Operator Chart
|
|
linkTitle: Operator Chart
|
|
---
|
|
|
|
## Introduction
|
|
|
|
The [OpenTelemetry Operator](/docs/kubernetes/operator) is a Kubernetes operator
|
|
that manages [OpenTelemetry Collectors](/docs/collector) and
|
|
auto-instrumentation of workloads. One of the ways to install the OpenTelemetry
|
|
Operator is via the
|
|
[OpenTelemetry Operator Helm Chart](https://github.com/open-telemetry/opentelemetry-helm-charts/tree/main/charts/opentelemetry-operator).
|
|
|
|
For detailed use of the OpenTelemetry Operator visit its
|
|
[docs](/docs/kubernetes/operator).
|
|
|
|
### Installing the Chart
|
|
|
|
To install the chart with the release name `my-opentelemetry-operator`, run the
|
|
following commands:
|
|
|
|
```console
|
|
helm repo add open-telemetry https://open-telemetry.github.io/opentelemetry-helm-charts
|
|
helm install my-opentelemetry-operator open-telemetry/opentelemetry-operator \
|
|
--set admissionWebhooks.certManager.enabled=false \
|
|
--set admissionWebhooks.certManager.autoGenerateCert.enabled=true
|
|
```
|
|
|
|
This will install an OpenTelemetry Operator with a self-signed certificate and
|
|
secret.
|
|
|
|
### Configuration
|
|
|
|
The Operator helm chart's default `values.yaml` is ready to be installed, but it
|
|
expects that Cert Manager is already present on the Cluster.
|
|
|
|
In Kubernetes, in order for the API server to communicate with the webhook
|
|
component, the webhook requires a TLS certificate that the API server is
|
|
configured to trust. There are a few different ways you can use to
|
|
generate/configure the required TLS certificate.
|
|
|
|
- The easiest and default method is to install the
|
|
[cert-manager](https://cert-manager.io/docs/) and set
|
|
`admissionWebhooks.certManager.create` to `true`. In this way, cert-manager
|
|
will generate a self-signed certificate. See
|
|
[cert-manager installation](https://cert-manager.io/docs/installation/kubernetes/)
|
|
for more details.
|
|
- You can provide your own Issuer by configuring the
|
|
`admissionWebhooks.certManager.issuerRef` value. You will need to specify the
|
|
`kind` (Issuer or ClusterIssuer) and the `name`. Note that this method also
|
|
requires the installation of cert-manager.
|
|
- You can use an automatically generated self-signed certificate by setting
|
|
`admissionWebhooks.certManager.enabled` to `false` and
|
|
`admissionWebhooks.autoGenerateCert.enabled` to `true`. Helm will create a
|
|
self-signed cert and a secret for you.
|
|
- You can use your own generated self-signed certificate by setting both
|
|
`admissionWebhooks.certManager.enabled` and
|
|
`admissionWebhooks.autoGenerateCert.enabled` to `false`. You should provide
|
|
the necessary values to `admissionWebhooks.cert_file`,
|
|
`admissionWebhooks.key_file`, and `admissionWebhooks.ca_file`.
|
|
- You can side-load custom webhooks and certificate by disabling
|
|
`.Values.admissionWebhooks.create` and `admissionWebhooks.certManager.enabled`
|
|
while setting your custom cert secret name in `admissionWebhooks.secretName`
|
|
- You can disable webhooks all together by disabling
|
|
`.Values.admissionWebhooks.create` and setting env var to
|
|
`ENABLE_WEBHOOKS: "false"`
|
|
|
|
All the configuration options (with comments) available in the chart can be
|
|
viewed in its
|
|
[values.yaml file](https://github.com/open-telemetry/opentelemetry-helm-charts/blob/main/charts/opentelemetry-operator/values.yaml).
|