Sensor on Kubernetes
Install on Kubernetes as DaemonSet
Prerequisites
- Kubernetes version >= v1.18.0
- Helm v3 installed and configured
- The Kubernetes cluster API endpoint is reachable from the machine running Helm
kubectlaccess to the cluster withcluster-adminpermissions
1. Add the Levo Helm Repository
helm repo add levoai https://charts.levo.ai && helm repo update levoai
2. Create the levoai Namespace and Install PCAP Sensor
# Replace 'hostname|IP' & 'port' with the values you noted down from the Satellite installation
# If the Sensor is installed on the same cluster as the Satellite, use 'http://levoai-haproxy:80'
# Specify the 'Application Name' chosen earlier below.
#
helm upgrade levoai-pcap-sensor levoai/levoai-pcap-sensor \
--install \
--namespace levoai \
--create-namespace \
--set sensor.config.levoaiOrgId="your Levo Org ID" \
--set sensor.config.levoaiWorkspaceId="your Levo Workspace ID" \
--set sensor.config.satelliteUrl="http(s)://hostname|IP:port" \
--set sensor.config.levoEnv="your application environment (staging, production etc.)"
Set additional configurations:
sensor.config.traceExportInterval="trace export interval in seconds (default 10)"
sensor.config.rateLimit="rate limit number in traces/min (default 1000)"
sensor.config.filter="pcap filter string, e.g., port 8080 and (not port 8081)"
sensor.config.hostAllow="host allow regex"
sensor.config.pathAllow="path allow regex"
sensor.config.hostExclusions="host exclusion regex"
sensor.config.pathExclusions="path exclusion regex"
3. Configure Sensor for Memory and CPU Resource Limits
- For normal/average use cases, use the default configuration
- For strict resource constraints, use the Low Resource Helm Values File
Using a Private Docker Registry for Kubernetes Installations (Optional)
If you want to use a private Docker registry for the Sensor installation, refer to Using a Private Docker Registry for Kubernetes Installations.
Optimizing Resource Usage for Levo PCAP Sensor
Resource requests and limits help ensure the PCAP Sensor runs efficiently and reliably in your Kubernetes cluster. You can tune these settings to match your environment’s needs and available resources.
1. Configure CPU and Memory Requests/Limits
The Sensor’s resource settings are defined in the Helm chart under sensor.containerResources. You can override these values during installation or upgrade:
- Requests: Minimum resources guaranteed for the container.
- Limits: Maximum resources the container can use.
Example values.yaml section:
sensor:
containerResources:
requests:
cpu: 0.5
memory: 1Gi
limits:
cpu: 1
memory: 2Gi
2. Set Resource Values via Helm
To customize resource allocation, use the following flags with your Helm command:
helm upgrade --install -n levoai levoai-pcap-sensor levoai/levoai-pcap-sensor \
--set sensor.containerResources.requests.cpu=0.25 \
--set sensor.containerResources.limits.cpu=0.5 \
--set sensor.containerResources.requests.memory=512Mi \
--set sensor.containerResources.limits.memory=1Gi
You can adjust the values (cpu, memory) to fit your cluster’s capacity and workload.
3. Verify Resource Settings
After deployment, check the resource settings applied to the Sensor pod:
kubectl -n levoai get pod <levoai-pcap-sensor-pod-name> -o jsonpath='{.spec.containers[*].resources}'
4. Tips for Tuning
- Monitor Usage: Use
kubectl top podor your cluster’s monitoring tools to observe actual resource consumption. - Adjust Gradually: Start with conservative values and increase if you notice throttling or OOM (Out Of Memory) errors.
- Cluster Constraints: Ensure your node types and quotas can support the requested resources.
For further assistance with resource optimization, contact support@levo.ai.