Advanced
The K8s exporter supports additional flags and the option to provide additional configuration sources, making it easier to configure its behavior to your liking.
Required configuration​
The following parameters are required with every K8s exporter installation/upgrade:
| Parameter | Description |
|---|---|
secret.secrets.portClientId | Port Client ID |
secret.secrets.portClientSecret | Port Client Secret |
Advanced installation parameters​
The following advanced configuration parameters are available:
- Resync Interval
- State Key
- Verbosity (Log Level)
- Event listener type
The resyncInterval parameter specifies the interval in minutes to send a repeated sync event for all known existing objects (in addition to new cluster events).
- Default value:
0(re-sync disabled) - Use case: Re-sync every X minutes. This parameter is useful when reporting entities with relations inside your cluster in instances where an entity is reported before its related target has been created in Port. The initial sync will fail, but later when the target entity is available, the entity creation will succeed.
The stateKey parameter specifies a unique state key per K8s exporter installation. Enables deletion of stale Port entities that had been created by the exporter, and shouldn't be synced (anymore) according to your existing exporter app configuration. The exporter will check for pending deletions during pod initialization, and also respond to deletion events in the cluster.
- Default:
"".- When empty, a
UUIDwill be automatically generated and kept in the ConfigMap. Changing the state key will cause the existing exporter to lose track of entities it reported previously from the cluster, and will therefore not delete them from Port.
- When empty, a
- Use case: Deletion of stale Port entities. For example:
- Removal of entire resource (like
pods) from the exporter app config, will also remove them from the software catalog. - Modification of an entity's identifier will cause the stale entity to be removed and created again with the correct identifier.
- Removal of entire resource (like
The K8S exporter provides support for multiple event listeners. The event listener is used to receive events and resync requests from Port and forward them to the exporter.
By configuring an event listener the integration will listen to and react to the following events sent from Port:
- Configuration update - the integration will use the data of the new configuration to perform a resync of information from the k8s cluster
- Resync request - the integration will perform a resync of data from the k8s cluster to Port based on the existing configuration
The following event listener types are supported:
-
POLLING - the integration will automatically query Port for updates in the integration configuration and perform a resync if changes are detected.
-
KAFKA - the integration will consume incoming resync requests from your dedicated Kafka topic, provisioned to you by Port
Available event listeners configuration parameters can be found here
The event listeners that are currently available do not support multiple instances of the same exporter
If a resync event is received by your integration while it is actively performing a resync, the currently running resync will be aborted and a new resync process will start.
If a new resync trigger consistently aborts a running resync, it means that your integration never finishes a complete resync process (which means some information from the cluster might never appear in Port).
The verbosity parameter is used to control the verbosity level of info logs in K8s exporter's pod.
- Default:
0(show all info and error logs, including info logs of successful updates) - Use case: Set the value to
-1, if you want to clear out info logs of successful entity updates. Error logs and some info logs (initialization and teardown logs), will be reported.
Security Configuration​
The following security parameters can be modified to give the K8s exporter more granular access to your cluster:
| Parameter | Description | Default |
|---|---|---|
clusterRole.apiGroups | The API groups that the K8s Exporter can access. Make sure to grant access to the relevant API groups, with respect to the resources that you've configured in the resource mapping | {'*'} |
clusterRole.resources | The resources that the K8s Exporter can access. Make sure to grant access to the relevant resources, with respect to the resources that you've configured in the resource mapping | {'*'} |
Overriding configurations​
When installing the K8s exporter, it is possible to override default values in the helm upgrade command:
By using the --set flag, you can override specific exporter configuration parameters during exporter installation/upgrade:
helm upgrade --install k8s-exporter port-labs/port-k8s-exporter \
--create-namespace --namespace port-k8s-exporter \
--set secret.secrets.portClientId="YOUR_PORT_CLIENT_ID" \
--set secret.secrets.portClientSecret="YOUR_PORT_CLIENT_SECRET" \
--set stateKey="k8s-exporter" \
--set eventListenerType="KAFKA" \
--set extraEnv=[{"name":"CLUSTER_NAME","value":"my-cluster"}]
For example, to set the parameters from the security configuration section:
--set clusterRole.apiGroups="{argoproj.io,'',apps}" \
--set clusterRole.resources="{rollouts,pods,replicasets}"
All configuration parameters​
- A complete list of configuration parameters available when using the helm chart is available here;
- An example skeleton
values.ymlfile is available here.
Extra environment variables​
To pass extra environment variables to the exporter's runtime, you can use the Helm chart provided with the installation. You can do this in one of two ways:
- Using Helm's
--setflag:
helm upgrade --install <MY_INSTALLATION_NAME> port-labs/port-k8s-exporter \
# Standard installation flags
# ...
--set "extraEnv[0].name"=HTTP_PROXY \
--set "extraEnv[0].value"=http://my-proxy.com:1111
- The Helm
values.yamlfile:
# The rest of the configuration
# ...
extraEnvs:
- name: HTTP_PROXY
value: http://my-proxy.com:1111
Proxy Configuration​
HTTP_PROXY & HTTPS_PROXY​
HTTP_PROXY and HTTPS_PROXY are environment variables used to specify a proxy server for handling HTTP or HTTPS, respectively. The values assigned to these settings should be the URL of the proxy server.
For example:
HTTP_PROXY=http://my-proxy.com:1111
HTTPS_PROXY=http://my-proxy.com:2222
NO_PROXY​
NO_PROXY allows blacklisting certain addresses from being handled through a proxy. This vairable accepts a comma-seperated list of hostnames or urls.
For example:
NO_PROXY=http://127.0.0.1,google.com
Advanced resource mapping configuration​
- Delete Dependents
- Create Missing Related Entities
The deleteDependents parameter is used to enable deletion of dependent Port entities. This is useful when you have two blueprints with a required relation, and the target entity in the relation should be deleted. In this scenario, the delete operation will fail if this flag is set to false if the flag is set to true, the source entity will be deleted as well.
- Default:
false(disabled) - Use case: Deletion of dependent Port entities. Must be enabled if you want to delete a target entity (and its source entities) when the entity's blueprint has required relations.
The createMissingRelatedEntities parameter is used to enable the creation of missing related Port entities.
- Default:
false(disabled) - Use case: Creation of missing related Port entities. For example:
- Creation of related entity that has no matching resource kind in K8s, like
cluster; - Creation of an entity and its related entity, even though the related entity doesn't exist yet in Port.
- Creation of related entity that has no matching resource kind in K8s, like