Quick Install Sysdig Agent

Sysdig provides you with quick-install commands pre-filled with some of your environment variables to get started with Sysdig agent. You choose the deployment type and Sysdig gives you auto-generated command to ease your installation experience.

Access from Get Started Pages

  1. Log in as the administrator to Sysdig Monitor or Sysdig Secure.

  2. Select the Get Started page.

  3. Click Install the Agent, select the appropriate deployment type, and copy the auto-generated code, filling in remaining variable values as required.

Sample Usage

Kubernetes

Helm

Helm is the recommended option for installing agents on Kubernetes.

Example

The shell commands below will create a new Kubernetes namespace called sysdig-agent and deploy the agent with a Helm release name of sysdig. Be sure to replace the configuration options with the values specific to your setup.

SaaS
kubectl create ns sysdig-agent
helm repo add sysdig https://charts.sysdig.com
helm repo update
helm install sysdig-agent \
    --namespace=sysdig-agent \
    --set global.sysdig.accessKey=`1234-your-key-here-1234` \
    --set global.sysdig.region='us1' \
    --set global.clusterConfig.name='my_cluster' \
    --set agent.sysdig.settings.tags='linux:ubuntu,dept:dev,local:nyc' \
    sysdig/sysdig-deploy
On-Prem
kubectl create ns sysdig-agent
helm repo add sysdig https://charts.sysdig.com
helm repo update
helm install sysdig-agent \
    --namespace=`dev` \
    --set global.sysdig.accessKey=`1234-your-key-here-1234` \
    --set agent.collectorSettings.collectorHost='mycollector.elb.us-west-1.amazonaws.com' \
    --set agent.collectorSettings.collectorPort=`6443` \
    --set agent.sysdig.settings.tags='linux:ubuntu,dept:dev,local:nyc' \
    --set agent.sysdig.settings.k8s_cluster_name='my_cluster' \
    sysdig/sysdig-deploy

Options

For the latest helm-based installation instructions and configuration options, see sysdig-deploy.

Script

If you cannot utilize helm, we also provide a script which will download and apply Kubernetes manifests to deploy the agent as a DaemonSet. The script requires curl and kubectl installed in the $PATH on the host in which it is run.

install-agent-kubernetes \
[-a | --access_key <value>] [-t | --tags <value>] \
[-c | --collector <value>] [-cp | --collector_port <value>] [-s | --secure <value>] \
[-cc | --check_certificate <value>] [-ns | --namespace | --project <value>] \
[-ac | --additional_conf <value>] [-op | --openshift] [-as | --agent_slim] \
[-av | --agent_version <value>] [-ae | --api_endpoint <value> ] [-na | --nodeanalyzer ] \
[-ia | --imageanalyzer ] [-am | --analysismanager <value>] [-ds | --dockersocket <value>] \
[-cs | --crisocket <value>] [-cv | --customvolume <value>] \
[-cn | --cluster_name <value>] [-r | --remove ] [-h | --help]
Example
curl -s https://download.sysdig.com/stable/install-agent-kubernetes | sudo bash -s -- \
--access_key <ACCESS_KEY>  \
--collector <COLLECTOR_ADDRESS> --collector_port <COLLECTOR_PORT> \
--nodeanalyzer --api_endpoint <SECURE_ENDPOINT_ADDRESS>

Options

For the complete configuration options, see Agent Install:Kubernetes.

Docker

Install agent-kmodule
docker run -it --privileged --rm --name sysdig-agent-kmodule \
  -v /usr:/host/usr:ro \
  -v /boot:/host/boot:ro \
  -v /lib/modules:/host/lib/modules:ro \
  quay.io/sysdig/agent-kmodule
Install agent-slim
docker run -d --name sysdig-agent \
  --restart always \
  --privileged \
  --net host \
  --pid host \
  -e ACCESS_KEY=<ACCESS_KEY> \
  -e COLLECTOR=<COLLECTOR_URL> \
  -e SECURE=true \
  [-e TAGS=<LIST_OF_TAGS>] \
  -e ADDITIONAL_CONF= <LIST_OF_CONFIG> \
  -v /var/run/docker.sock:/host/var/run/docker.sock \
  -v /dev:/host/dev \
  -v /proc:/host/proc:ro \
  -v /boot:/host/boot:ro \
  --shm-size=512m \
  quay.io/sysdig/agent-slim

Example

Install agent-kmodule
docker run -it --privileged --rm --name sysdig-agent-kmodule \
  -v /usr:/host/usr:ro \
  -v /boot:/host/boot:ro \
  -v /lib/modules:/host/lib/modules:ro \
  quay.io/sysdig/agent-kmodule
Install agent-slim
docker run \
  --name sysdig-agent \
  --privileged \
  --net host \
  --pid host \
  -e ACCESS_KEY=1234-your-key-here-1234  \
  -e COLLECTOR=mycollector.elb.us-west-1.amazonaws.com \
  -e COLLECTOR_PORT=6443 \
  -e CHECK_CERTIFICATE=false \
  -e TAGS=my_tag:some_value \
  -e ADDITIONAL_CONF="log:\n file_priority: debug\n console_priority: error" \
  -v /var/run/docker.sock:/host/var/run/docker.sock \
  -v /dev:/host/dev \
  -v /proc:/host/proc:ro \
  -v /boot:/host/boot:ro \
  -v /lib/modules:/host/lib/modules:ro \
  -v /usr:/host/usr:ro \
  --shm-size=350m \
quay.io/sysdig/agent-slim

Options

OptionDescription
ACCESS_KEYThe agent access key. You can retrieve this from Settings > Agent Installation in either Sysdig Monitor or Sysdig Secure.
tagsEnter meaningful tags you want applied to your instances.
COLLECTORThe collector URL for Sysdig Monitor or Sysdig Secure. This value is region-dependent in SaaS and is auto-completed on the Get Started page in the UI. It is a custom value in on-prem installations. See SaaS Regions and IP Ranges.
collector_portThe default is 6443.
SECUREUse a secure SSL/TLS connection to send metrics to the collector. This option is enabled by default.
CHECK_CERTIFICATE(On-prem) Determines strong SSL certificate check for Sysdig Monitor on-premises installation. Set to true when using SSL/TLS to connect to the collector service to ensure that a valid SSL/TLS certificate is installed.
ADDITIONAL_CONFOptional. Use this option to provide custom configuration values to the agent as environment variables. If provided, will be appended to agent configuration file. For example, For example, file log configuration.
bpfEnables eBPF probe.

Linux

$ curl -s https://download.sysdig.com/stable/install-agent | sudo bash -c -- \
--access_key [-t | --tags <value>] [-c | --collector <value>] \
[-cp | --collector_port <value>] [-s | --secure <value>] \
[-cc | --check_certificate]  [-ac | --additional_conf <value>] \
[-b | --bpf] [-h | --help]

Example

curl -s https://download.sysdig.com/stable/install-agent | sudo bash -s -- \
--access_key <ACCESS_KEY> --collector collector-staging.sysdigcloud.com \
--secure true

Options

OptionDescription
access-keyThe agent access key. You can retrieve this from Settings > Agent Installation in either Sysdig Monitor or Sysdig Secure.
tagsEnter meaningful tags you want applied to your instances.
collectorThe collector URL for Sysdig Monitor or Sysdig Secure. This value is region-dependent in SaaS and is auto-completed on the Get Started page in the UI. It is a custom value in on-prem installations. See SaaS Regions and IP Ranges.
collector_portThe default is 6443.
secureUse a secure SSL/TLS connection to send metrics to the collector. This option is enabled by default.
check_certificateDisables strong SSL certificate check for Sysdig Monitor on-premises installation.
additional_confOptional. Use this option to provide custom configuration values to the agent as environment variables. If provided, the value will be appended to agent configuration file. For example, file log configuration.
bpfEnables eBPF probe.