Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Agent Cannot pull dd-dotnet-trace artifacts from Azure ACR if site set to US3 #1654

Open
fullstackinfo opened this issue Dec 28, 2024 · 1 comment
Open

Agent Cannot pull dd-dotnet-trace artifacts from Azure ACR if site set to US3 #1654

fullstackinfo opened this issue Dec 28, 2024 · 1 comment
Labels
chart/datadog This issue or pull request is related to the datadog chart waiting-user-feedback

Comments

@fullstackinfo
Copy link

After upgrading our operational version of datadog via helm in our test environment, I noticed that when trying to update the dd-dotnet-trace library version to a newer version was failing. Describing the pod image showed that the agent did not have access to the Azure ACR repository: datadoghq.azurecr.io

After reverting back to the dd-dotnet-trace library version that the cluster (AKS v1.29.15) had cached, I found that in the chart template, if you set your location/site to us3.datadoghq.com , the new default registry to pull new artifacts from is set to datadoghq.azurecr.io per lines 289-305 in the _helpers.tpl file, as shown below:

{{/*
Return the proper registry based on datadog.site (requires .Values to be passed as .)
*/}}
{{- define "registry" -}}
{{- if .registry -}}
{{- .registry -}}
{{- else if eq .datadog.site "datadoghq.eu" -}}
eu.gcr.io/datadoghq
{{- else if eq .datadog.site "ddog-gov.com" -}}
public.ecr.aws/datadog
{{- else if eq .datadog.site "ap1.datadoghq.com" -}}
asia.gcr.io/datadoghq
{{- else if eq .datadog.site "us3.datadoghq.com" -}}
datadoghq.azurecr.io
{{- else -}}
gcr.io/datadoghq
{{- end -}}
{{- end -}}

Unfortunately, the artifacts at datadoghq.azurecr.io are either not available, or do not have permissions set correctly, and this caused deployments that needed to get newer artifacts to fail deployment.

Temporary Solution was to explicitly set registry: gcr.io/datadoghq in the Values.yaml file and re-deploy.
@tbavelier
Copy link
Member

Hello @fullstackinfo ,

We default to Azure ACR on US3 to reduce transfer costs, notably for the Agent images. Nonetheless, as this repository is new, it could be missing some images. As you found out, you can override the registry, and you can even do so solely at the cluster Agent admission controller level to keep pulling Agent/cluster Agent images from ACR while pulling libraries from a different registry:

helm-charts/charts/datadog/values.yaml

Lines 1201 to 1203 in 00764dc

## The clusterAgent uses this configuration for apm.instrumentation, agentSidecar, and cwsInstrumentation, if
## not otherwise specified.
containerRegistry:

Nonetheless, for newer versions, images should be present in all registries, could you please share the exact full image you were not able to pull ?

@clamoriniere clamoriniere added the chart/datadog This issue or pull request is related to the datadog chart label Dec 30, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
chart/datadog This issue or pull request is related to the datadog chart waiting-user-feedback
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@clamoriniere @fullstackinfo @tbavelier