datadog-agent: security-agent.yaml not found during one-step install

Hi, just to confirm, setting DD_HOSTNAME=default works right?

I am installing the datadog agent inside a docker image

Hi,

Thanks for raising these issues!

I have the same issue, but I’m not entirely sure the problem is linked to that last line of log before the error. I also have a log above saying No datadog.yaml file detected, not starting the agent, which is a bit worrying. Especially since it’s followed a couple of line later with * Starting the Datadog Agent…

This is the normal behavior of the script:

• the Agent install script first installs the datadog-agent package,
• the datadog-agent package, as part of its post-install hooks, checks if datadog.yaml already exists; if it does, it starts the Agent, otherwise it logs the No datadog.yaml file detected, not starting the agent message (which doesn’t make the install fail, it’s only here for informative purposes). Here, we are in the second case,
• then, the install script sets up the /etc/datadog-agent configuration file (by copying the example file provided by the package, and filling the file with info passed on the command line such as DD_API_KEY), and starts the Agent (and logs the * Starting the Datadog Agent... line when it does).

We could improve this by stressing the fact that this log line is not an error (eg. by adding an [INFO] tag before that log line).

When installing the agent v7 on ubuntu using the one-step script, I get an error during installation saying the /etc/datadog-agent/security-agent.yaml file is missing. There is a security-agent.yaml.example file, but it doesn’t get copied.

My guess here is that you are seeing a message like /etc/datadog-agent/security-agent.yaml not found. Exiting datadog-agent-security in the output of the installation script. Could you confirm that this is what you are seeing?

The security-agent is an optional component of the Agent, that is enabled by creating the security-agent.yaml configuration file. The install script doesn’t enable that component (it only provides the security-agent.yaml.example example file in case you would like to enable this feature).

When the datadog-agent service starts, it tries to start all optional services of the Agent, including the datadog-agent-security service which handles the security-agent component. The datadog-agent-security service only starts if the security-agent.yaml file is found.

That is why you are seeing the /etc/datadog-agent/security-agent.yaml not found log message. That is also why you don’t get that message with DD_INSTALL_ONLY=true, as this disables the part of the script which starts the datadog-agent service.

If you want to enable the security-agent components, you have to create the security-agent.yaml file after running the install script; if you don’t, nothing needs to be done.

I have the same issue, but I’m not entirely sure the problem is linked to that last line of log before the error. I also have a log above saying No datadog.yaml file detected, not starting the agent, which is a bit worrying. Especially since it’s followed a couple of line later with * Starting the Datadog Agent....

Thanks, that confirms my initial feeling. As mentioned above, the security-agent message is just an info-level message, and isn’t the actual cause of the crash.

The real error is the Error while getting hostname, exiting: unable to reliably determine the host name. You can define one in the agent config file or in your hosts file line, which indicates you are encountering this issue: https://github.com/DataDog/datadog-agent/issues/14152. I suggest reading the advice here: https://github.com/DataDog/datadog-agent/issues/14152#issuecomment-1408471209.

In this specific case, you may be able to work around this by specifying DD_HOSTNAME=<your host name> in the parameters of the install script.