Magalix Runs Kubernetes on Autopilot!

Guides    Discussions

The Anatomy of Magalix Agent YAML File

YAML Unique URL

When you run the provided kubectl command, you are actually downloading cluster specific YAML file. This file is a spec to download and run Magalix agent's pod.

YAML file URL is valid for 4 hours only

For security reasons the provided URL is valid for 4 hours only. You can retrieve a fresh URL anytime. The older one will be invalid at this point.

Below is a typical kubectl command needed to connect your cluster. It downloads your cluster specific YAML file and applies that YAML file to your cluster.

kubectl apply -f https://console.magalix.com/cluster-deployment/{{some cryptic text}}/deployment.yaml

Magalix Agent Spec File

Below is a typical YAML file that installs and configures Magalix agent. Cluster-specific secrets and account Id are omitted from this file.

kind: Deployment
apiVersion: extensions/v1beta1
metadata:
  name: magalix-agent
  #Magalix agent is installed in kube-system by default. You can change it to another namespace
  namespace: kube-system 
  labels:
    app.kubernetes.io/name: "magalix-agent"
    app.kubernetes.io/version: "1"
    app.kubernetes.io/component: "magalix-agent"
    app.kubernetes.io/tier: "backend"
spec:
  replicas: 1
  template:
    metadata:
      labels:
        name: magalix-agent
    spec:
      serviceAccountName: magalix-agent
      restartPolicy: Always
      containers:
        - image: magalixcorp/agent:latest
          imagePullPolicy: Always
          name: agent
          resources: #default agent resources. It will be automatically managed if the Autopilot is enabled
            limits:
              memory: 750Mi
              cpu: 1
            requests:
              memory: 200Mi
              cpu: 100m
          args:
            - --kube-incluster
            - --gateway=ws://agent-gateway.magalix.com/
            - --source=kubelet
            - --trace-log=/agent.log #Where to store the log file
          envFrom:
            - secretRef:
                name: magalix-agent
---

apiVersion: v1
kind: Secret
metadata:
  name: magalix-agent
  namespace: kube-system
  labels:
    app.kubernetes.io/name: "magalix-agent"
    app.kubernetes.io/version: "1"
    app.kubernetes.io/component: "secret"
    app.kubernetes.io/tier: "backend"
type: Opaque
data:
  ACCOUNT_ID: #[Removed from this sample]
  CLUSTER_ID: #[Removed from this sample]
  SECRET: #[Removed from this sample]

---

apiVersion: v1
kind: ServiceAccount
metadata:
  name: magalix-agent
  namespace: kube-system
  labels:
    app.kubernetes.io/name: "magalix-agent"
    app.kubernetes.io/version: "1"
    app.kubernetes.io/component: "service-account"
    app.kubernetes.io/tier: "backend"

---
#If RBAC is enabled by default below cluster role and cluster role binding are required
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: magalix-agent
  labels:
    app.kubernetes.io/name: "magalix-agent"
    app.kubernetes.io/version: "1"
    app.kubernetes.io/component: "cluster-role"
    app.kubernetes.io/tier: "backend"
rules: 
# Allow the agent to perform get, watch, list, and path on below K8s resources. 
# If you are on the FREE plan, the patch verb is not required
- apiGroups: ["", "extensions", "apps", "batch", "metrics.k8s.io"]
  resources: ["nodes", "nodes/stats", "nodes/metrics", "nodes/proxy", "pods", "limitranges", "deployments", "replicationcontrollers", "statefulsets", "daemonsets", "replicasets", "cronjobs"]
  verbs: ["get", "watch", "list", "patch"]

---

kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: magalix-agent
  labels:
    app.kubernetes.io/name: "magalix-agent"
    app.kubernetes.io/version: "1"
    app.kubernetes.io/component: "cluster-role-binding"
    app.kubernetes.io/tier: "backend"
subjects:
- kind: ServiceAccount
  name: magalix-agent
  namespace: kube-system
roleRef:
  kind: ClusterRole
  name: magalix-agent
  apiGroup: rbac.authorization.k8s.io

The Anatomy of Magalix Agent YAML File


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.