Agent Installation

Sysdig is a container monitoring and security platform that provides visibility into containerized applications running on a variety of cloud and cloud-native platforms, including Kubernetes, Docker, and AWS. It helps you troubleshoot issues, secure your applications, and meet compliance requirements.

Sysdig has two main products: Sysdig Monitor and Sysdig Secure. Sysdig Monitor provides monitoring and troubleshooting capabilities, while Sysdig Secure provides container security, compliance, and vulnerability management. The Sysdig Agent underlies both, and is deployed differently for Sysdig Monitor vs Sysdig Secure.

  • Sysdig Monitor: Sysdig Monitor offers monitoring, troubleshooting, cost-optimization, and alerting capabilities with process-level visibility into your dynamic, distributed production environments. To use Sysdig Monitor, install the Sysdig Agent in your environment and start collecting system metrics and events. Sysdig Monitor also integrates with cloud monitoring services such as AWS CloudWatch Metrics.
  • Sysdig Secure: Sysdig Secure provides runtime security, vulnerability management, compliance and benchmarks, and response. Runtime security includes workload and container drift monitoring, image profiling, activity auditing, and network security policy generation. Compliance and benchmarks enable you to check your workloads and cloud environments against compliance standards like CIS benchmarks. Vulnerability management includes runtime vulnerability scanning, build pipeline scanning, and registry scanning. Rapid Response allows designated advanced users to connect remotely to a host for forensic investigation.
  • Sysdig Monitor + Secure: If you are both a Sysdig Monitor and Secure user, follow the Sysdig Secure installation process. Sysdig Secure installation includes installing the Sysdig Agent, which is used by both Sysdig Monitor and Sysdig Secure.

For on-prem installation of the backend components, use the On-Premises Deployments documentation with the assistance of your Sysdig representative.

Install Sysdig Agent Using Helm

Use the following instructions to install the Sysdig Agent on your Kubernetes cluster and begin monitoring your containerized applications with Sysdig Monitor. Sysdig recommends Helm-based installation in Kubernetes environments.

Prerequisites

For more information on agent configuration, see Configure Sysdig Agent.

Installation

Run the following:

kubectl create ns sysdig-agent
helm repo add sysdig https://charts.sysdig.com
helm repo update
helm install sysdig-agent --namespace sysdig-agent \
    --set global.sysdig.accessKey=<YOUR_ACCESS_KEY> \
    --set global.sysdig.region=custom \
    --set global.clusterConfig.name=<YOUR_CLUSTER_NAME> \
    --set agent.collectorSettings.collectorHost=<YOUR_COLLECTOR_HOST> \
    --set agent.collectorSettings.collectorPort=<YOUR_COLLECTOR_PORT> \
    --set nodeAnalyzer.apiEndpoint=<YOUR_API_ENDPOINT> \
    sysdig/sysdig-deploy

This command installs the Sysdig Agent using the sysdig-deploy Helm chart.

If you enforce Pod Security Admission (PSA), you must apply the privileged policy to the sysdig-agent namespace by running the following command:

kubectl label --overwrite ns sysdig-agent pod-security.kubernetes.io/enforce=privileged

Options

The command above specifies the following options:

  • --namespace sysdig-agent: Specifies that the agent should be installed in the sysdig-agent namespace.
  • --set global.sysdig.accessKey=<YOUR_ACCESS_KEY>: Specifies the Sysdig access key to use when connecting to the Sysdig backend. Replace <YOUR_ACCESS_KEY> with your actual access key.
  • --set global.sysdig.region=<customer-region>: Specifies the Sysdig region to use. Replace <customer-region> with the region where your Sysdig deployment is located.
  • --set nodeAnalyzer.nodeAnalyzer.benchmarkRunner.deploy=false: Disables the Node Analyzer component. This is used by Secure users only.
  • --set global.clusterConfig.name=<YOUR_CLUSTER_NAME>: Specifies the name of your Kubernetes cluster. Replace <YOUR_CLUSTER_NAME> with your actual Kubernetes cluster name.
  • --set agent.collectorSettings.collectorHost=<YOUR_COLLECTOR_HOST>: Specifies the host address of the collector to which the agent sends data. Replace <YOUR_COLLECTOR_HOST> with the address of your Sysdig collector.
  • --set agent.collectorSettings.collectorPort=<YOUR_COLLECTOR_PORT>: Specifies the port of the collector to which the agent sends data. Replace <YOUR_COLLECTOR_PORT> with the port number of your Sysdig collector.
  • --set nodeAnalyzer.apiEndpoint=<YOUR_API_ENDPOINT>: Specifies the endpoint that the nodeAnalyzer connects to and sends data to. Replace <YOUR_API_ENDPOINT> with your endpoint.

After running these commands, the Sysdig agents should be installed and running on your Kubernetes cluster and sending data to the Sysdig backend.
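
A pre-flight check for the install command above, as an added example that is not part of the Sysdig documentation: it refuses to build the helm arguments while any value is empty, is still a <PLACEHOLDER>, or contains a comma or whitespace that --set or the shell would split on. The environment variable names and the "apply" argument are assumptions of this example.

```shell
#!/bin/sh
# Added example: pre-flight check for the helm install command on this page.
# The variable names SYSDIG_ACCESS_KEY, CLUSTER_NAME, COLLECTOR_HOST,
# COLLECTOR_PORT and API_ENDPOINT are assumptions of this example.

# Reject a value that is empty, is still a <PLACEHOLDER>, or contains a
# comma or whitespace (helm --set splits on commas, the shell on whitespace).
check_value() {
    case "$2" in
        "")                echo "error: $1 is empty" >&2; return 1 ;;
        *"<"*|*">"*)       echo "error: $1 is still a <PLACEHOLDER>" >&2; return 1 ;;
        *,*|*[[:space:]]*) echo "error: $1 has a comma or whitespace" >&2; return 1 ;;
    esac
}

# Accept only an integer TCP port in the range 1..65535.
check_port() {
    case "$1" in
        ""|*[!0-9]*) echo "error: COLLECTOR_PORT is not a number" >&2; return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ] && return 0
    echo "error: COLLECTOR_PORT is out of range" >&2; return 1
}

# Print the helm arguments one per line, or print nothing and return 1.
build_helm_args() {
    check_value SYSDIG_ACCESS_KEY "${SYSDIG_ACCESS_KEY:-}" || return 1
    check_value CLUSTER_NAME "${CLUSTER_NAME:-}" || return 1
    check_value COLLECTOR_HOST "${COLLECTOR_HOST:-}" || return 1
    check_value API_ENDPOINT "${API_ENDPOINT:-}" || return 1
    check_port "${COLLECTOR_PORT:-}" || return 1
    printf '%s\n' install sysdig-agent --namespace sysdig-agent \
        --set "global.sysdig.accessKey=$SYSDIG_ACCESS_KEY" \
        --set global.sysdig.region=custom \
        --set "global.clusterConfig.name=$CLUSTER_NAME" \
        --set "agent.collectorSettings.collectorHost=$COLLECTOR_HOST" \
        --set "agent.collectorSettings.collectorPort=$COLLECTOR_PORT" \
        --set "nodeAnalyzer.apiEndpoint=$API_ENDPOINT" \
        sysdig/sysdig-deploy
}

# Run helm only when called as "<script> apply" and every check passed.
if [ "${1:-}" = "apply" ]; then
    args=$(build_helm_args) || exit 1
    set -f   # values were checked to be free of whitespace; disable globbing
    helm $args
fi
```

Export the five variables in the shell session and run the script with the apply argument; without it the script only defines the functions.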

Next Steps