Skip to main content

Install Conductor with Helm (Enterprise)

Conductor cluster connections can be created via the console, CLI or by using a Helm chart. Helm is a great option for users who are familiar with Helm as a Kubernetes package manager, or who are using GitOps tools such as ArgoCD or Flux. Leveraging this option for cluster connection creation allows Conductor (and optionally the Dapr control plane) to be configured only using Helm and effectively puts the cluster connection in "read-only" mode in the console.

The Conductor Helm chart deploys the agent alongside it's supporting components, and then optionally installs Dapr via a Helm sub-chart, still allowing you to offload the management of Dapr to Conductor.

Install Conductor agent

  1. Create a cluster connection via the Conductor console or Diagrid CLI enabling the Helm managed option.

  2. Download the Helm values file from the console.

helm download values

  1. Open the Helm values file in an editor and inspect the contents. Update the values with any changes required using the Helm values reference tables below. If you want Conductor to manage your Dapr installation via a nested Helm chart, ensure that dapr.enabled is set to true and that the Dapr configuration contains any custom values you have set.

  2. If they are sufficient, and you do not wish to alter the Dapr installation on your cluster, run the Helm install command provided in the console to install the Conductor agent onto your cluster.

helm install my-cluster \
oci://public.ecr.aws/diagrid/conductor-charts/agent \
--version 0.333.0 \
-f https://api.diagrid.io/apis/diagrid.io/v1beta1/clusters/<clusterId>/helmvalues?token=<token> \
--namespace dapr-system \
--create-namespace
  1. Otherwise, if you made changes to the Helm values file, save the file locally and update the Helm install values file (-f) argument to point to the local version of your Helm values file.
helm install my-cluster \
oci://public.ecr.aws/diagrid/conductor-charts/agent \
--version 0.333.0 \
-f ./<my-clusterId>-helm-values.yaml \
--namespace dapr-system \
--create-namespace
  1. Watch the Conductor and Dapr control plane resources come online in the console: https://conductor.diagrid.io/clusters.

Helm values reference

Required values

It is important that you do not overwrite the following Helm values when modifying or providing your own custom Helm values, as these supply the connection details to your cluster that allow you it to connect to your Conductor organization.

caCertPem: "your-ca-cert-pem"

global:
orgId: "your-org-id"
agentId: "your-agent-id"
manifestId: "your-manifest-id"

agent:
key: "your-agent-key"
keyB64: "your-agent-key-base64"

Global configuration

Global configuration applies to the Conductor agent and OpenTelemetry logs and metrics collectors.

ParameterDescriptionDefault
global.namespaceNamespace for deploymentdiagrid-cloud
global.namespaceDefaultDefault namespacediagrid-cloud
global.cloudUrlDiagrid cloud endpointcloudgrid.diagrid.io:443
global.orgIdOrganization ID""
global.agentIdAgent ID""
global.manifestIdManifest ID""
global.imageTagGlobal image tag""
global.mainServiceAccountNameMain service account namediagrid-agent
global.sccTargetServiceAccountNameSCC target service accountdiagrid-agent-logs-collector
global.kubernetesOsKubernetes OSlinux
global.isOpenShiftOpenShift deployment flagfalse
global.isLocalLocal deployment flagfalse
global.customCACustom CA certificate""
global.proxyConfigProxy configuration

Dapr control plane

Dapr installation configuration options. Besides the dapr.enabled argument, all values within the dapr block are a nested version of the values from the Dapr open-source Helm chart. Use the Dapr Helm Readme configuration to modify any properties required in your Dapr installation.

Note

Setting dapr.enabled to true, will allow Conductor to install/manage Dapr via Helm chart and will configure the Dapr control plane and data plane with the following values on your Kubernetes cluster.

dapr:
enabled: true
global:
registry: docker.io/daprio
logAsJson: true
ha:
enabled: true
replicaCount: 3
mtls:
enabled: true
dapr_rbac: {}
dapr_operator:
watchInterval: 3m
resources:
requests:
memory: 100Mi
cpu: 100m
limits:
memory: 1024Mi
cpu: '1'
dapr_sidecar_injector:
resources:
requests:
memory: 60Mi
cpu: 100m
limits:
memory: 200Mi
cpu: '1'
dapr_sentry:
resources:
requests:
memory: 60Mi
cpu: 100m
limits:
memory: 1024Mi
cpu: '1'
dapr_placement:
resources:
requests:
memory: 75Mi
cpu: 250m
limits:
memory: 1024Mi
cpu: '1'
dapr_scheduler:
resources:
requests:
memory: 250Mi
cpu: 250m
limits:
memory: 1024Mi
cpu: '1'

Conductor agent

ParameterDescriptionDefault
agent.imageAgent image repositoryus-central1-docker.pkg.dev/prj-common-p-shared-79896/reg-p-common-docker-public/agent
agent.replicasNumber of agent replicas2
agent.logLevelLogging levelinfo
agent.installDependenciesInstall dependenciesfalse
agent.tlsEnabledEnable TLStrue
agent.tlsMutualEnable mutual TLSfalse
agent.keyAgent key""
agent.keyB64Base64 encoded agent key""
agent.goMemLimitGo memory limit675MiB

Conductor OpenTelemetry metrics collector

ParameterDescriptionDefault
otelMetricsCollector.enabledEnable metrics collectortrue
otelMetricsCollector.labelsAdditional labels
otelMetricsCollector.replicasNumber of replicas2
otelMetricsCollector.imageCollector imageus-central1-docker.pkg.dev/prj-common-p-shared-79896/reg-p-common-docker-public/diagrid-otel-collector
otelMetricsCollector.logLevelLogging levelinfo
otelMetricsCollector.memoryLimiterMemory limiter settingsSee values.yaml
otelMetricsCollector.tlsEnabledEnable TLStrue
otelMetricsCollector.remoteWriteURLMetrics endpointhttps://metrics.diagrid.io/api/v1/push
otelMetricsCollector.remoteWriteTlsInsecureAllow insecure TLStrue
otelMetricsCollector.remoteWriteAuthEnabledEnable authtrue

Conductor OpenTelemetry logs collector

ParameterDescriptionDefault
otelLogsCollector.enabledEnable logs collectortrue
otelLogsCollector.labelsAdditional labels
otelLogsCollector.imageCollector imageus-central1-docker.pkg.dev/prj-common-p-shared-79896/reg-p-common-docker-public/diagrid-otel-collector
otelLogsCollector.logLevelLogging levelinfo
otelLogsCollector.daprLogsURLDapr logs endpointcloudgrid.diagrid.io:443
otelLogsCollector.memoryLimiterMemory limiter settingsSee values.yaml
otelLogsCollector.tlsEnabledEnable TLStrue
otelLogsCollector.tlsInsecureAllow insecure TLSfalse
otelLogsCollector.isLogsLimitedEnable log limitingtrue

Default resource settings

The following are the default values for the Conductor deployment and Dapr control plane resource settings. These are considered a good starting place for a development cluster, but should be monitored to ensure appropriate values are set.

Dapr control plane

dapr:
dapr_operator:
watchInterval: 3m
resources:
requests:
memory: 100Mi
cpu: 100m
limits:
memory: 500Mi
cpu: '1'
dapr_sidecar_injector:
resources:
requests:
memory: 30Mi
cpu: 100m
limits:
memory: 500Mi
cpu: '1'
dapr_sentry:
resources:
requests:
memory: 30Mi
cpu: 100m
limits:
memory: 500Mi
cpu: '1'
dapr_placement:
resources:
requests:
memory: 75Mi
cpu: 250m
limits:
memory: 500Mi
cpu: '1'
dapr_scheduler:
resources:
requests:
memory: 150Mi
cpu: 250m
limits:
memory: 1024Mi
cpu: '1'

Conductor agent

resources:
limits:
memory: 750Mi
requests:
cpu: 10m
memory: 250Mi

Conductor OpenTelemetry metrics collector

resources:
limits:
memory: 2Gi
requests:
cpu: 100m
memory: 250Mi

Conductor OpenTelemetry logs collector

resources:
limits:
memory: 750Mi
requests:
cpu: 10m
memory: 250Mi