Scripted Installation

IT Asset Management (Cloud)
In your downloaded archive where you extracted the Lightweight Kubernetes inventory agent (see Downloading the Lightweight Kubernetes Agent), the install sub-directory includes a Bash script, install.sh, that automates the installation process.
Tip: Detailed usage information is available by running the install script with the --help flag. 
./install/install.sh --help
More information about available flags is available below, after the procedure.

To use the installation script:

  1. Optionally, in your preferred flat text editor, update the deployment.yaml file with (at least) the registry where you pushed the container image, and the URL for the inventory beacon.
    Note: If you wish to turn on monitoring so that the Lightweight Kubernetes inventory agent can expose Prometheus metrics on an HTTP endpoint, you must set the --metrics flag when you run the install script. This is an example of a flag that is not recognized by the install script itself, and, on the working assumption that this is an option to the lwk binary (Lightweight Kubernetes inventory agent) within the container, the install script appends it to the args attribute of the container.
    For more detailed guidance about editing this file, see step 1 in Manual Installation. Editing this deployment.yaml file is particularly helpful when you also want to configure additional options for the Lightweight Kubernetes inventory agent, as described in Options for the Lightweight Kubernetes Agent. However, if you want only the mandatory changes (registry URL and inventory beacon URL), without monitoring, these can be included as flags for the installer, and it is then not necessary to edit the deployment.yaml file at all.
    Note: If the Lightweight Kubernetes inventory agent is to upload to the inventory beacon using the HTTPS protocol, communications must be secured with TLS. In this case, it is necessary to edit the deployment.yaml file, as there are no installation flags available for TLS certificate management. For details, divert now to Managing Certificates for TLS, and return here after correctly configuring for the CA certificate bundle.
  2. Run the installation script with the appropriate flags.

    If you want to inspect the results of the configuration, include the --stdout flag (see flags listed below).

    • If you have configured all your details in the deployment.yaml file (with the updated file saved in place in the install sub-directory), simply run the Bash script for pre-inspection of the results:
      ./install/install.sh --stdout
      Or run the Bash script to configure the cluster with the settings in the deployment.yaml file:
      ./install/install.sh
    • If you are not using the deployment.yaml file for configuration, include the mandatory flags — whether for pre-inspection of the results (all on one line):
      ./install/install.sh --registry registry.example.org 
                     --beacon https://beacon.example.org 
                     --inventory-interval 6h 
                     --stdout > configured.yaml
      Or to configure the cluster (all on one line):
      ./install/install.sh --registry registry.example.org 
                     --beacon https://beacon.example.org 
                     --inventory-interval 6h
      Tip: --inventory-interval is an example of a flag that is not recognized by the install script, and is therefore passed through to the Lightweight Kubernetes inventory agent. Details of options handled by the Lightweight Kubernetes inventory agent are included in Options for the Lightweight Kubernetes Agent.
    • If you want to manually specify a name for the Kubernetes cluster where the Lightweight Kubernetes inventory agent is being installed, include the --cluster-name flag:
      ./install/install.sh --cluster-name myorg-cluster-foo ...

Very shortly, Kubernetes instantiates your container, and the Lightweight Kubernetes inventory agent immediately begins gathering inventory about the Node, Namespace, and Pod resources in the cluster. By default, about 5 minutes later, the Lightweight Kubernetes inventory agent uploads the result to its nominated inventory beacon, by default to the path %CommonAppData%\Flexera Software\Incoming\Inventories (notice that files do not stay long in this folder, but are uploaded to the parent device in the hierarchy of inventory beacons, or to the central application server, as appropriate; but perhaps the last modified time-stamp on that folder gives some indication of work in progress). The Lightweight Kubernetes inventory agent then waits for a default 24 hours before repeating the process. (Modify these default cycle timings with the --inventory-backoff and --inventory-interval options, as described in Options for the Lightweight Kubernetes Agent.)

Flags for the install script

The install script accepts two types of command-line flags:
  1. Flags that are directly handled by the script itself, either controlling the installation process, or causing the YAML resources to be modified.
  2. Any flags that are not recognized by the install script are passed through directly to the Lightweight Kubernetes inventory agent, or in selected cases to the kubectl tool.
Flags handled by the install script are listed here in alphabetical order. Placeholders are shown thus:
--as

Optional, used only if the kubectl tool has not been correctly configured for the appropriate cluster. This flag is passed directly through to kubectl, so refer to its documentation online for details.

 
--beacon
Required by the Lightweight Kubernetes inventory agent, and so is mandatory either for the install script, or for one of these environment variables:
  • If the --beacon flag is not set, the install script checks for an environment variable called LWK_BEACON, and uses the value if this is found.
  • If the --beacon flag is not set and LWK_BEACON is not found, the install script checks for an environment variable called BEACON, and uses the value if this is found.
If none of the above provide a URL to access the inventory beacon, the install script exits with an error.

When a valid URL is obtained by any of the three possible methods, the install script validates that an inventory beacon has been provided, and then appends the value to the args attribute of the container for use by the Lightweight Kubernetes inventory agent when it is time to upload collected inventory.

Example:
--beacon https://beacon.example.org
 
--cluster

Optional, used only if the kubectl tool has not been correctly configured for the appropriate cluster. This flag is passed directly through to kubectl, so refer to its documentation online for details.

 
--cluster-name

Optional, use if you want to manually specify a name for the cluster where the Lightweight Kubernetes inventory agent is to operate. Because Kubernetes does not have a standard way to store names for its clusters, you may find that a manually-specified name is more meaningful.

 
--context

Optional, used only if the kubectl tool has not been correctly configured for the appropriate cluster. This flag and its value is added to the kubectl commands that the install script invokes, so refer to its documentation online for details. 

--extensions
Accepts a comma-separated list (without spaces) of extensions that should be installed along with the Lightweight Kubernetes inventory agent. Extensions support optional features that need additional cluster permissions, or leverage third-party software that may (or may not) be installed in the cluster. They are defined by .yaml files found in the install/extensions subdirectory of the downloaded archive. Available extensions are:
  • ancestry — For future expansion, and not currently supported in the web interface of IT Asset Management. As defined in the ancestry.yaml file, this:
    • Creates a new ClusterRole named flexera-lwk-ancestry
    • Uses a ClusterRoleBinding to bind that role to the service account running the Lightweight Kubernetes inventory agent.
      Tip: The service account called lwk is created in the flexera namespace by either installation method (see the list of resources created in the cluster given in Downloading the Lightweight Kubernetes Agent).
    The new role gives permission for the Lightweight Kubernetes inventory agent to read (using the get verb) additional resource types that are known to be part of the ownership hierarchy of a Pod, such as a ReplicaSet or a Deployment, and to collect identifying information (name, namespace, UID, type.) It is not recommended that you enable this extension until there is support for displaying ancestry within the web interface.
  • prometheus-service — When its --metrics flag is set, the Lightweight Kubernetes inventory agent supports exposing Prometheus metrics using an HTTP endpoint. You can create a Service to expose the metrics endpoint widely within the cluster, or outside of the cluster. The prometheus-service extension, defined in the prometheus-service.yaml file, creates this Service using values that are valid for the default configuration of the Lightweight Kubernetes inventory agent. If the --metrics flag is not set, this extension is ignored.
    Tip: To set the --metrics flag, it must be included when invoking the install script for the Lightweight Kubernetes inventory agent (see example below). The install script appends the flag to the args attribute of the container for use by the Lightweight Kubernetes inventory agent.
  • prometheus-servicemonitor — When Prometheus is installed in the cluster using prometheus-operator (see https://github.com/prometheus-operator/prometheus-operator), and Prometheus metrics are enabled on the Lightweight Kubernetes inventory agent (that is, the --metrics flag is set and the prometheus-service extension is configured), the prometheus-servicemonitor extension creates a ServiceMonitor, the custom resource type used by prometheus-operator to automatically configure Prometheus to scrape a metrics endpoint. This ServiceMonitor allows Prometheus to automatically begin scraping metrics for the Lightweight Kubernetes inventory agent.
    Important: Use only in conjunction with the prometheus-service extension.
Example: (flags have been wrapped onto separate lines for presentation)
./install/install.sh 
    --registry registry.example.org 
    --beacon https://beacon.example.org 
    --metrics
    --extensions prometheus-service,prometheus-servicemonitor
 
--help

Must be used alone on the command line for the install script. Prints usage information to the screen.

Example:
./install/install.sh --help
 
--kubeconfig

Optional, used only if the kubectl tool has not been correctly configured for the appropriate cluster. This flag is passed directly through to kubectl, so refer to its documentation online for details.

 
--registry
Specify the Docker image registry to which the container image was pushed (see Downloading the Lightweight Kubernetes Agent). The install script injects the value of this flag into the image attribute of the container.
Note: Do not use this flag if the Deployment in the deployment.yaml file has been edited to add the registry. This flag is available as an alternative, not a duplicate.
Example:
--registry registry.example.org
 
--stdout

Redirects the YAML resource so that it is not applied to the cluster, and is instead printed to the screen. You may optionally add shell redirection to save the configured result to a file for saving or sharing.

Example: (all on one line)
./install/install.sh --registry registry.example.org 
    --beacon https://beacon.example.org  
    --stdout > configured.yaml
 
--uninstall

Not relevant to the installation process, obviously. For details, see Uninstalling the Lightweight Kubernetes Agent.

 
--version
It is best practice not to use this flag. The version of the Lightweight Kubernetes inventory agent is set in the image tag for the Deployment resource in the deployment.yaml file. In rare cases, you can specify a different version of the Lightweight Kubernetes inventory agent, overriding the setting in the Deployment resource; but best practice, if a different version of the Lightweight Kubernetes inventory agent should be installed, is to download that version and use its install script instead.
Tip: It is not possible to change the standard image name, flexera/lwk, using the install script.
Example:
--version a.b.c

IT Asset Management (Cloud)

Current