apiVersion: dynatrace.com/v1alpha1
kind: OneAgent
metadata:
  # A descriptive name for this object, all created child objects will be based on it.
  name: oneagent
  namespace: dynatrace
spec:
  # API URL for the Dynatrace endpoint including '/api' path at the end. Either set ENVIRONMENTID to
  # the proper Dynatrace environment ID or change the apiUrl as a whole, e.g. for Managed.
  apiUrl: https://ENVIRONMENTID.live.dynatrace.com/api

  # Optional: disable certificate validation checks for installer download and API communication.
  # Disabled by default.
  #
  # skipCertCheck: false

  # Optional: name of Secret holding 'apiToken' and 'paasToken'. By default, name of the Custom
  # Resource is used.
  #
  # tokens: ""

  # Optional: node selector to control on which nodes the OneAgent will be deployed.
  #
  # nodeSelector: {}

  # Optional: tolerations to include with the OneAgent DaemonSet.
  # See more here: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
  tolerations:
    - effect: NoSchedule
      key: node-role.kubernetes.io/master
      operator: Exists

  # Optional: to use a custom OneAgent Docker image. Defaults to docker.io/dynatrace/oneagent in
  # Kubernetes and registry.connect.redhat.com/dynatrace/oneagent in OpenShift.
  #
  # image: ""

  # Optional: arguments to add to the OneAgent installer.
  # Available options: https://www.dynatrace.com/support/help/shortlink/linux-custom-installation
  # Limitations: https://www.dynatrace.com/support/help/shortlink/oneagent-docker#limitations
  # args: []

  # Optional: additional environment variables to add to the OneAgent Pods.
  #
  # env: []

  # [Since Operator v0.2.0]
  # Optional: resource settings for OneAgent container. Consumption of the OneAgent heavily depends
  # on the workload to monitor; please adjust values accordingly.
  #
  # resources:
  #   requests:
  #     cpu: 100m
  #     memory: 512Mi
  #   limits:
  #     cpu: 300m
  #     memory: 1.5Gi

  # [Since Operator v0.3.0]
  # Optional: priority class to assign to the OneAgent Pods. By default no class is set.
  # See more here: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
  #
  # priorityClassName: priority-class

  # [Since Operator v0.3.0]
  # Optional: disables automatic restarts of oneagent pods in case a new version is available. False
  # by default.
  #
  # disableAgentUpdate: false

  # [Since Operator v0.4.0]
  # Optional: when enabled, and if Istio is installed on the Kubernetes environment, then the
  # Operator will create the corresponding VirtualService and ServiceEntry objects to allow access
  # to the Dynatrace cluster from the agent. Disabled by default.
  #
  # enableIstio: false

  # [Since Operator v0.6.0]
  # Optional: DNS Policy for OneAgent pods. Defaults to ClusterFirst.
  # See more: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy
  #
  # dnsPolicy: "ClusterFirst"

  # [Since Operator v0.6.0]
  # Optional: labels are customer defined labels for OneAgent Pods to structure workloads as desired.
  #
  # labels:
  #   custom: label

  # [Since Operator v0.5.3]
  # Optional: name of the ServiceAccount to assign to the OneAgent Pods. Defaults to
  # "dynatrace-oneagent"
  #
  # serviceAccountName: service-account-name

  # [Since Operator v0.7.0]
  # Optional: configures a proxy for the Agent, AgentDownload and the Operator. Either provide the
  # proxy URL directly at 'value' or create a Secret with a field 'proxy' which holds your encrypted
  # proxy URL.
  #
  # proxy:
  #   value: https://my-proxy-url.com
  #   valueFrom: name-of-my-proxy-secret

  # [Since Operator v0.7.0]
  # Optional: name of the ConfigMap containing the custom CA certificates; the ConfigMap must have a
  # field called certs with the contents of the PEM bundle. These custom certificates will be used by
  # both the Operator and the OneAgent. By default the embedded certificates on the images are used.
  #
  # trustedCAs: name-of-my-ca-configmap

  # [Since Operator v0.8.0, requires OneAgent 1.195 or higher]
  # Optional: sets a NetworkZone for the OneAgent.
  #
  # networkZone: name-of-my-network-zone

  # [Since Operator v0.9.0, Early Adopter]
  # Optional: when enabled the OneAgent Pods will run as unprivileged. Disabled by default.
  #
  useUnprivilegedMode: true

  # [Since Operator v0.9.0, requires OneAgent 1.203 and cluster 1.207]
  # Optional: if enabled, the Operator will use the immutable image from the Dynatrace environment or from your custom
  # registry, otherwise an installer image is used. Disabled by default.
  #
  # useImmutableImage: true

  # [Since Operator v0.9.0]
  # Optional: The version of the OneAgent to be used when useImmutableImage is enabled. The latest is used by default.
  #
  # agentVersion: ""