Add orchestrator explorer k8s manifests example

Dockerfiles/manifests/generate.sh

@@ -76,6 +76,17 @@ clusterChecksRunner:
   enabled: true
 EOF
 
+cat > "$TMPDIR/values-orchestrator-explorer.yaml" <<EOF
+datadog:
+  collectEvents: true
+  processAgent:
+    enabled: true
+  orchestratorExplorer:
+    enabled: true
+clusterAgent:
+  enabled: true
+EOF
+
 cat > "$TMPDIR/cleanup_instructions.yaml" <<EOF
 - command: delete
   path: metadata.labels."helm.sh/chart"

Dockerfiles/manifests/orchestrator-explorer/README.md

@@ -0,0 +1,14 @@
+The kubernetes manifests found in this directory have been automatically generated
+from the [helm chart `datadog/datadog`](https://github.com/DataDog/helm-charts/tree/master/charts/datadog)
+version 2.6.0 with the following `values.yaml`:
+
+```yaml
+datadog:
+  collectEvents: true
+  processAgent:
+    enabled: true
+  orchestratorExplorer:
+    enabled: true
+clusterAgent:
+  enabled: true
+```

Dockerfiles/manifests/orchestrator-explorer/agent-secret.yaml

@@ -0,0 +1,9 @@
+# This file has been generated by `helm template datadog-agent datadog/datadog` from datadog/templates/agent-secret.yaml. Please re-run `generate.sh` rather than modifying this file manually.
+apiVersion: v1
+kind: Secret
+metadata:
+  name: datadog-cluster-agent
+  labels: {}
+type: Opaque
+data:
+  token: PUT_A_BASE64_ENCODED_RANDOM_STRING_HERE

Dockerfiles/manifests/orchestrator-explorer/agent-services.yaml

@@ -0,0 +1,14 @@
+# This file has been generated by `helm template datadog-agent datadog/datadog` from datadog/templates/agent-services.yaml. Please re-run `generate.sh` rather than modifying this file manually.
+apiVersion: v1
+kind: Service
+metadata:
+  name: datadog-cluster-agent
+  labels: {}
+spec:
+  type: ClusterIP
+  selector:
+    app: datadog-cluster-agent
+  ports:
+  - port: 5005
+    name: agentport
+    protocol: TCP

Dockerfiles/manifests/orchestrator-explorer/cluster-agent-deployment.yaml

@@ -0,0 +1,107 @@
+# This file has been generated by `helm template datadog-agent datadog/datadog` from datadog/templates/cluster-agent-deployment.yaml. Please re-run `generate.sh` rather than modifying this file manually.
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: datadog-cluster-agent
+  labels: {}
+spec:
+  replicas: 1
+  strategy:
+    rollingUpdate:
+      maxSurge: 1
+      maxUnavailable: 0
+    type: RollingUpdate
+  selector:
+    matchLabels:
+      app: datadog-cluster-agent
+  template:
+    metadata:
+      labels:
+        app: datadog-cluster-agent
+      name: datadog-cluster-agent
+      annotations:
+        ad.datadoghq.com/cluster-agent.check_names: '["prometheus"]'
+        ad.datadoghq.com/cluster-agent.init_configs: '[{}]'
+        ad.datadoghq.com/cluster-agent.instances: |
+          [{
+            "prometheus_url": "http://%%host%%:5000/metrics",
+            "namespace": "datadog.cluster_agent",
+            "metrics": [
+              "go_goroutines", "go_memstats_*", "process_*",
+              "api_requests",
+              "datadog_requests", "external_metrics", "rate_limit_queries_*",
+              "cluster_checks_*"
+            ]
+          }]
+    spec:
+      serviceAccountName: datadog-cluster-agent
+      containers:
+      - name: cluster-agent
+        image: "gcr.io/datadoghq/cluster-agent:1.9.1"
+        imagePullPolicy: IfNotPresent
+        resources: {}
+        ports:
+        - containerPort: 5005
+          name: agentport
+          protocol: TCP
+        env:
+        - name: DD_HEALTH_PORT
+          value: "5555"
+        - name: DD_API_KEY
+          valueFrom:
+            secretKeyRef:
+              name: "datadog"
+              key: api-key
+              optional: true
+        - name: DD_LOG_LEVEL
+          value: "INFO"
+        - name: DD_LEADER_ELECTION
+          value: "true"
+        - name: DD_COLLECT_KUBERNETES_EVENTS
+          value: "true"
+        - name: DD_CLUSTER_AGENT_KUBERNETES_SERVICE_NAME
+          value: datadog-cluster-agent
+        - name: DD_CLUSTER_AGENT_AUTH_TOKEN
+          valueFrom:
+            secretKeyRef:
+              name: datadog-cluster-agent
+              key: token
+        - name: DD_KUBE_RESOURCES_NAMESPACE
+          value: default
+        - name: DD_ORCHESTRATOR_EXPLORER_ENABLED
+          value: "true"
+        - name: DD_ORCHESTRATOR_EXPLORER_CONTAINER_SCRUBBING_ENABLED
+          value: "true"
+        - name: DD_COMPLIANCE_CONFIG_ENABLED
+          value: "false"
+        livenessProbe:
+          failureThreshold: 6
+          httpGet:
+            path: /live
+            port: 5555
+            scheme: HTTP
+          initialDelaySeconds: 15
+          periodSeconds: 15
+          successThreshold: 1
+          timeoutSeconds: 5
+        readinessProbe:
+          failureThreshold: 6
+          httpGet:
+            path: /ready
+            port: 5555
+            scheme: HTTP
+          initialDelaySeconds: 15
+          periodSeconds: 15
+          successThreshold: 1
+          timeoutSeconds: 5
+        volumeMounts:
+        - name: installinfo
+          subPath: install_info
+          mountPath: /etc/datadog-agent/install_info
+          readOnly: true
+      volumes:
+      - name: installinfo
+        configMap:
+          name: datadog-installinfo
+      nodeSelector:
+        kubernetes.io/os: linux

Dockerfiles/manifests/orchestrator-explorer/cluster-agent-rbac.yaml

@@ -0,0 +1,124 @@
+# This file has been generated by `helm template datadog-agent datadog/datadog` from datadog/templates/cluster-agent-rbac.yaml. Please re-run `generate.sh` rather than modifying this file manually.
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  labels:
+    app: "datadog"
+    chart: "datadog-2.6.0"
+    heritage: "Helm"
+    release: "datadog"
+  name: datadog-cluster-agent
+---
+# This file has been generated by `helm template datadog-agent datadog/datadog` from datadog/templates/cluster-agent-rbac.yaml. Please re-run `generate.sh` rather than modifying this file manually.
+apiVersion: "rbac.authorization.k8s.io/v1"
+kind: ClusterRole
+metadata:
+  labels: {}
+  name: datadog-cluster-agent
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - services
+  - endpoints
+  - pods
+  - nodes
+  - componentstatuses
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - events
+  verbs:
+  - get
+  - list
+  - watch
+  - create
+- apiGroups: ["quota.openshift.io"]
+  resources:
+  - clusterresourcequotas
+  verbs:
+  - get
+  - list
+- apiGroups:
+  - "autoscaling"
+  resources:
+  - horizontalpodautoscalers
+  verbs:
+  - list
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  resourceNames:
+  - datadogtoken # Kubernetes event collection state
+  verbs:
+  - get
+  - update
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  resourceNames:
+  - datadog-leader-election # Leader election token
+  verbs:
+  - get
+  - update
+- apiGroups: # To create the leader election token and hpa events
+  - ""
+  resources:
+  - configmaps
+  - events
+  verbs:
+  - create
+- nonResourceURLs:
+  - "/version"
+  - "/healthz"
+  verbs:
+  - get
+- apiGroups: # to get the kube-system namespace UID and generate a cluster ID
+  - ""
+  resources:
+  - namespaces
+  resourceNames:
+  - "kube-system"
+  verbs:
+  - get
+- apiGroups: # To create the cluster-id configmap
+  - ""
+  resources:
+  - configmaps
+  resourceNames:
+  - "datadog-cluster-id"
+  verbs:
+  - create
+  - get
+  - update
+- apiGroups:
+  - "apps"
+  resources:
+  - deployments
+  - replicasets
+  verbs:
+  - list
+  - get
+  - watch
+---
+# This file has been generated by `helm template datadog-agent datadog/datadog` from datadog/templates/cluster-agent-rbac.yaml. Please re-run `generate.sh` rather than modifying this file manually.
+apiVersion: "rbac.authorization.k8s.io/v1"
+kind: ClusterRoleBinding
+metadata:
+  labels: {}
+  name: datadog-cluster-agent
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: datadog-cluster-agent
+subjects:
+- kind: ServiceAccount
+  name: datadog-cluster-agent
+  namespace: default