Advanced
The K8s exporter supports additional flags and the option to provide additional configuration sources, making it easier to configure its behavior to your liking.
Required configurationโ
The following parameters are required with every K8s exporter installation/upgrade:
Parameter | Description |
---|---|
secret.secrets.portClientId | Port Client ID |
secret.secrets.portClientSecret | Port Client Secret |
Advanced installation parametersโ
The following advanced configuration parameters are available:
- Resync Interval
- State Key
- Verbosity (Log Level)
- Event listener type
- CRDs to discover
The resyncInterval
parameter specifies the interval in minutes to send a repeated sync event for all known existing objects (in addition to new cluster events).
- Default value:
0
(re-sync disabled) - Use case: Re-sync every X minutes. This parameter is useful when reporting entities with relations inside your cluster in instances where an entity is reported before its related target has been created in Port. The initial sync will fail, but later when the target entity is available, the entity creation will succeed.
The stateKey
parameter specifies a unique state key per K8s exporter installation. Enables deletion of stale Port entities that had been created by the exporter, and shouldn't be synced (anymore) according to your existing exporter app configuration. The exporter will check for pending deletions during pod initialization, and also respond to deletion events in the cluster.
- Default:
""
.- When empty, a
UUID
will be automatically generated and kept in the ConfigMap. Changing the state key will cause the existing exporter to lose track of entities it reported previously from the cluster, and will therefore not delete them from Port.
- When empty, a
- Use case: Deletion of stale Port entities. For example:
- Removal of entire resource (like
pods
) from the exporter app config, will also remove them from the software catalog. - Modification of an entity's identifier will cause the stale entity to be removed and created again with the correct identifier.
- Removal of entire resource (like
The K8S exporter provides support for multiple event listeners. The event listener is used to receive events and resync requests from Port and forward them to the exporter.
By configuring an event listener the integration will listen to and react to the following events sent from Port:
- Configuration update - the integration will use the data of the new configuration to perform a resync of information from the k8s cluster
- Resync request - the integration will perform a resync of data from the k8s cluster to Port based on the existing configuration
The following event listener types are supported:
-
POLLING - the integration will automatically query Port for updates in the integration configuration and perform a resync if changes are detected.
-
KAFKA - the integration will consume incoming resync requests from your dedicated Kafka topic, provisioned to you by Port
Available event listeners configuration parameters can be found here
The event listeners that are currently available do not support multiple instances of the same exporter
If a resync event is received by your integration while it is actively performing a resync, the currently running resync will be aborted and a new resync process will start.
If a new resync trigger consistently aborts a running resync, it means that your integration never finishes a complete resync process (which means some information from the cluster might never appear in Port).
The verbosity
parameter is used to control the verbosity level of info logs in K8s exporter's pod.
- Default:
0
(show all info and error logs, including info logs of successful updates) - Use case: Set the value to
-1
, if you want to clear out info logs of successful entity updates. Error logs and some info logs (initialization and teardown logs), will be reported.
The crdsToDiscover
parameter is used to specify a filter for the CRDs that the K8s exporter should discover and export to Port, without the need to create a mapping and the blueprint manually.
For more information how to use the crdsToDiscover
parameter, please refer to the K8S API extension guide
- Default:
""
(no filter)
Security Configurationโ
The following security parameters can be modified to give the K8s exporter more granular access to your cluster:
Parameter | Description | Default |
---|---|---|
clusterRole.apiGroups | The API groups that the K8s Exporter can access. Make sure to grant access to the relevant API groups, with respect to the resources that you've configured in the resource mapping | {'*'} |
clusterRole.resources | The resources that the K8s Exporter can access. Make sure to grant access to the relevant resources, with respect to the resources that you've configured in the resource mapping | {'*'} |
serviceAccount.create | Whether to create the default ServiceAccount, ClusterRole and ClusterRoleBinding resources. | true |
serviceAccount.name | The name of the custom ServiceAccount resource to use, relevant only when serviceAccount.create is set to false |
Overriding configurationsโ
When installing the K8s exporter, it is possible to override default values in the helm upgrade
command:
By using the --set
flag, you can override specific exporter configuration parameters during exporter installation/upgrade:
helm upgrade --install k8s-exporter port-labs/port-k8s-exporter \
--create-namespace --namespace port-k8s-exporter \
--set secret.secrets.portClientId="YOUR_PORT_CLIENT_ID" \
--set secret.secrets.portClientSecret="YOUR_PORT_CLIENT_SECRET" \
--set stateKey="k8s-exporter" \
--set eventListenerType="KAFKA" \
--set extraEnv=[{"name":"CLUSTER_NAME","value":"my-cluster"}]
For example, to set the parameters from the security configuration section:
--set clusterRole.apiGroups="{argoproj.io,'',apps}" \
--set clusterRole.resources="{rollouts,pods,replicasets}"
All configuration parametersโ
- A complete list of configuration parameters available when using the helm chart is available here;
- An example skeleton
values.yml
file is available here.
Extra environment variablesโ
To pass extra environment variables to the exporter's runtime, you can use the Helm chart provided with the installation. You can do this in one of two ways:
- Using Helm's
--set
flag:
helm upgrade --install <MY_INSTALLATION_NAME> port-labs/port-k8s-exporter \
# Standard installation flags
# ...
--set "extraEnv[0].name"=HTTP_PROXY \
--set "extraEnv[0].value"=http://my-proxy.com:1111
- The Helm
values.yaml
file:
# The rest of the configuration
# ...
extraEnvs:
- name: HTTP_PROXY
value: http://my-proxy.com:1111
Proxy Configurationโ
HTTP_PROXY
& HTTPS_PROXY
โ
HTTP_PROXY
and HTTPS_PROXY
are environment variables used to specify a proxy server for handling HTTP or HTTPS, respectively. The values assigned to these settings should be the URL of the proxy server.
For example:
HTTP_PROXY=http://my-proxy.com:1111
HTTPS_PROXY=http://my-proxy.com:2222
NO_PROXY
โ
NO_PROXY
allows blacklisting certain addresses from being handled through a proxy. This variable accepts a comma-seperated list of hostnames or urls.
For example:
NO_PROXY=http://127.0.0.1,google.com
Advanced resource mapping configurationโ
- Delete Dependents
- Create Missing Related Entities
The deleteDependents
parameter is used to enable deletion of dependent Port entities. This is useful when you have two blueprints with a required relation, and the target entity in the relation should be deleted. In this scenario, the delete operation will fail if this flag is set to false
if the flag is set to true
, the source entity will be deleted as well.
- Default:
false
(disabled) - Use case: Deletion of dependent Port entities. Must be enabled if you want to delete a target entity (and its source entities) when the entity's blueprint has required relations.
The createMissingRelatedEntities
parameter is used to enable the creation of missing related Port entities.
- Default:
false
(disabled) - Use case: Creation of missing related Port entities. For example:
- Creation of related entity that has no matching resource kind in K8s, like
cluster
; - Creation of an entity and its related entity, even though the related entity doesn't exist yet in Port.
- Creation of related entity that has no matching resource kind in K8s, like