feat(openshift): add Configuring Cryostat Quickstart #668
Conversation
|
I think this should also be added somehow to the operator bundle - I would hazard a guess that the |
|
I took a quick stab at fixing up some multiline string formatting: diff --git a/bundle/manifests/cryostat-quickstart.yaml b/bundle/manifests/cryostat-quickstart.yaml
new file mode 100644
index 0000000..a9b948b
--- /dev/null
+++ b/bundle/manifests/cryostat-quickstart.yaml
@@ -0,0 +1,85 @@
+apiVersion: console.openshift.io/v1
+kind: ConsoleQuickStart
+metadata:
+ annotations:
+ capability.openshift.io/name: Console
+ name: configuring-cryostat
+spec:
+ title: Configure Java applications with the Red Hat build of Cryostat
+ conclusion: Your Java application has now been configured to be detected by Cryostat. To profile your Java applications with Cryostat, please follow this documentation.
+ description: Configure your Java applications on OpenShift to be profiled and monitored using the Red Hat build of Cryostat.
+ durationMinutes: 10
+ displayName: Configuring Cryostat
+ introduction: |-
+ Cryostat is a container-native Java application based on JDK Flight Recorder (JFR). You can use it to monitor the performance of the Java Virtual Machine (JVM) for containerized workloads that run on an OpenShift cluster.
+ To enable Cryostat to gather, store, and analyze Java Flight Recorder (JFR) data about target applications that run on Java Virtual Machine (JVM)s, you must configure the applications so that Cryostat can detect and connect to them. This requires you to configure your Java applications to allow Java Management Extensions (JMX) connections and use an OpenShift Service for detection and JMX for connectivity.
+ JMX is a standard feature on a JVM with which you can monitor and manage target applications that run on the JVM. For Cryostat to use JMX, you must enable and configure JMX when you start the JVM because Cryostat requires the target applications to expose a JMX port. Cryostat communicates with the target applications over this JMX port to start and stop JFR recordings and to pull JFR data over the network, enabling Cryostat to store and analyze this JFR data.
+ If you have not yet installed the Cryostat operator, start with the “Get started with the Red Hat build of Cryostat” quick start.
+
+ In this quick start, you will complete the following tasks:
+ Enable remote Java Management Extensions (JMX) connections on your Java application
+ Update Red Hat OpenShift Services with the remote JMX port
+ View your Java application as a target in the Cryostat web application
+ Note: The quickstart uses a sample Quarkus application. You can deploy your own Quarkus application or follow this quick start.
+ tasks:
+ - description: |-
+ To enable remote JMX connections:
+ Click on the perspective switcher at the top of the navigation, and select Administrator.
+ In the navigation menu, click Workloads > Deployments.
+ Click on the quarkus-quickstarts deployment name (or your application’s deployment name).
+ Click Environment.
+ Add a single value entry environment variable where
+ Name: JAVA_OPTS_APPEND
+ Value: -Dcom.sun.management.jmxremote.port=9091 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false
+ Note: This method enables remote JMX without authentication. Reference Configuring Java applications for details on configuring authentication with SSL/TLS for Remote JMX.
+ Click Save.
+ review:
+ failedTaskHelp: "This task isn’t verified yet. Try the task again."
+ instructions: |-
+ "Click Reload at the bottom of the Environment tab.
+ 1. Do you see a single values entry for JAVA_OPTS_APPEND?
+ Yes/No"
+ summary:
+ failed: This task isn’t verified yet. Try the task again.
+ success: You have enabled remote JMX connections.
+ title: Enable remote Java Management Extensions (JMX) connections on your Java application
+ - description: |-
+ To update Red Hat OpenShift Service with the remote JMX port:
+ Click on the perspective switcher at the top of the navigation, and select Administrator.
+ In the navigation menu, click Networking > Services.
+ Click on the quarkus-quickstarts service name (or your application’s service name).
+ Click the “YAML” tab to bring up the YAML editor.
+ In the spec > ports section, add a new port for jfr-jmx
+ /code
+ - name: jfr-jmx
+ protocol: TCP
+ port: 9091
+ targetPort: 9091
+ Click Save.
+ review:
+ failedTaskHelp: "This task isn’t verified yet. Try the task again, or read more about this topic."
+ instructions: |-
+ Click on the perspective switcher at the top of the navigation, and select Developer.
+ In the navigation menu, click Topology.
+ Click on the Cryostat-sample pod > Resources.
+ Do you see Service port: jfr-jmx -> Pod port: 9091 in the cryostat-sample service?
+ summary:
+ failed: "This task isn’t verified yet. Try the task again, or read more about this topic."
+ success: "You have updated the Red Hat Openshift Service with the remote JMX port."
+ title: "Update the Red Hat Openshift Service with the remote JMX port."
+ - description: |-
+ View your Java application as a target in Cryostat:
+ Click on the perspective switcher at the top of the navigation, and select Developer.
+ In the navigation menu, click Topology.
+ The external link icon on the top right quadrant of the cryostat-sample deployment represents the route URL. Click on the external link icon to open the URL and run the Cryostat web application in a new browser tab.
+ Enter your OpenShift credentials to log in to the Cryostat web application.
+ In the Cryostat web application, click on Recordings in the left navigation menu.
+ View quarkus-quickstarts (or your deployed application) in the Targets list.
+ Your Java application has now been configured to be detected by Cryostat. To profile your Java applications with Cryostat, please follow this documentation.
+accessReviewResources:
+ - group: operator.cryostat.io
+ resource: cryostat
+ verb: create
+ - group: operators.coreos.com
+ resource: cryostat-operator
+ verb: create
diff --git a/quickstart/cryostat-quickstart.yaml b/quickstart/cryostat-quickstart.yaml
deleted file mode 100644
index 2d0a4b4..0000000
--- a/quickstart/cryostat-quickstart.yaml
+++ /dev/null
@@ -1,82 +0,0 @@
-apiVersion: console.openshift.io/v1
-kind: ConsoleQuickStart
-metadata:
- annotations:
- capability.openshift.io/name: Console
- name: configuring-cryostat
-spec:
- title: Configure Java applications with the Red Hat build of Cryostat
- conclusion: Your Java application has now been configured to be detected by Cryostat. To profile your Java applications with Cryostat, please follow this documentation.
- description: Configure your Java applications on OpenShift to be profiled and monitored using the Red Hat build of Cryostat.
- durationMinutes: 10
- displayName: Configuring Cryostat
- introduction: "Cryostat is a container-native Java application based on JDK Flight Recorder (JFR). You can use it to monitor the performance of the Java Virtual Machine (JVM) for containerized workloads that run on an OpenShift cluster.
-To enable Cryostat to gather, store, and analyze Java Flight Recorder (JFR) data about target applications that run on Java Virtual Machine (JVM)s, you must configure the applications so that Cryostat can detect and connect to them. This requires you to configure your Java applications to allow Java Management Extensions (JMX) connections and use an OpenShift Service for detection and JMX for connectivity.
-JMX is a standard feature on a JVM with which you can monitor and manage target applications that run on the JVM. For Cryostat to use JMX, you must enable and configure JMX when you start the JVM because Cryostat requires the target applications to expose a JMX port. Cryostat communicates with the target applications over this JMX port to start and stop JFR recordings and to pull JFR data over the network, enabling Cryostat to store and analyze this JFR data.
-If you have not yet installed the Cryostat operator, start with the “Get started with the Red Hat build of Cryostat” quick start.
-
-
-In this quick start, you will complete the following tasks:
-Enable remote Java Management Extensions (JMX) connections on your Java application
-Update Red Hat OpenShift Services with the remote JMX port
-View your Java application as a target in the Cryostat web application
-Note: The quickstart uses a sample Quarkus application. You can deploy your own Quarkus application or follow this quick start."
- tasks:
- - description: "To enable remote JMX connections:
-Click on the perspective switcher at the top of the navigation, and select Administrator.
-In the navigation menu, click Workloads > Deployments.
-Click on the quarkus-quickstarts deployment name (or your application’s deployment name).
-Click Environment.
-Add a single value entry environment variable where
-Name: JAVA_OPTS_APPEND
-Value: -Dcom.sun.management.jmxremote.port=9091 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false
-Note: This method enables remote JMX without authentication. Reference Configuring Java applications for details on configuring authentication with SSL/TLS for Remote JMX.
-Click Save."
- review:
- failedTaskHelp: "This task isn’t verified yet. Try the task again."
- instructions: |-
- "Click Reload at the bottom of the Environment tab.
- 1. Do you see a single values entry for JAVA_OPTS_APPEND?
- Yes/No"
- summary:
- failed: This task isn’t verified yet. Try the task again.
- success: You have enabled remote JMX connections.
- title: Enable remote Java Management Extensions (JMX) connections on your Java application
- - description: "To update Red Hat OpenShift Service with the remote JMX port:
-Click on the perspective switcher at the top of the navigation, and select Administrator.
-In the navigation menu, click Networking > Services.
-Click on the quarkus-quickstarts service name (or your application’s service name).
-Click the “YAML” tab to bring up the YAML editor.
-In the spec > ports section, add a new port for jfr-jmx
-/code
-- name: jfr-jmx
- protocol: TCP
- port: 9091
- targetPort: 9091
-Click Save."
- review:
- failedTaskHelp: "This task isn’t verified yet. Try the task again, or read more about this topic."
- instructions: |-
- "Click on the perspective switcher at the top of the navigation, and select Developer.
- In the navigation menu, click Topology.
- Click on the Cryostat-sample pod > Resources.
- Do you see Service port: jfr-jmx -> Pod port: 9091 in the cryostat-sample service?"
- summary:
- failed: "This task isn’t verified yet. Try the task again, or read more about this topic."
- success: "You have updated the Red Hat Openshift Service with the remote JMX port."
- title: "Update the Red Hat Openshift Service with the remote JMX port."
- - description: "View your Java application as a target in Cryostat:
-Click on the perspective switcher at the top of the navigation, and select Developer.
-In the navigation menu, click Topology.
-The external link icon on the top right quadrant of the cryostat-sample deployment represents the route URL. Click on the external link icon to open the URL and run the Cryostat web application in a new browser tab.
-Enter your OpenShift credentials to log in to the Cryostat web application.
-In the Cryostat web application, click on Recordings in the left navigation menu.
-View quarkus-quickstarts (or your deployed application) in the Targets list.
-Your Java application has now been configured to be detected by Cryostat. To profile your Java applications with Cryostat, please follow this documentation."
-accessReviewResources:
- - group: operator.cryostat.io
- resource: cryostat
- verb: create
- - group: operators.coreos.com
- resource: cryostat-operator
- verb: create |
|
|
I guess we will need to consider Quickstart resource unavailable on Kubernetes when generating the bundle manifests? |
That's a good point @tthvo. I'm not sure, but I wouldn't be surprised if this fails to install with the QuickStart included on Kubernetes. We should give that a try to make sure. If so, I guess it makes sense to exclude this from upstream builds. |
|
What would need to be done to get this in? I'm not sure I follow from the comments so far |
|
First would be However, the problem with this is that the Quickstart is an OpenShift resource type, so on non-OpenShift Kubernetes installations, this type is probably meaningless. It may make the Operator fail to install since the Bundle will try to create this Quickstart and presumably fail, but we aren't sure if it will block installation or what exactly will happen. Maybe it will silently fail or just emit a warning and things are generally OK, or maybe not and we need to find a way to only include this Quickstart in the Bundle manifest for OpenShift distributions. So I'd say go ahead and move the Quickstart YAML file into the Once you see that that works, try it again on a non-OpenShift Kubernetes and see what it does. I don't think any of us actually know what the outcome will be yet here, so we'll have to see what happens and figure out where to go from there. |
The bundle directory is actually generated by resources:
- cryostat-quickstart.yamlAnd then reference this directory as a resource in resources:
- bases/cryostat-operator.clusterserviceversion.yaml
- ../default
- ../samples
- ../scorecard
- ../openshift
[...]When you run
This one is the big issue here. I would suggest trying Kind or Minikube. Then do:
This should indicate whether the installation can proceed with a ConsoleQuickstart on Kubernetes. |
ebaron
changed the title
There was a problem hiding this comment.
I had some free time so I also gave this a try in Minikube and unfortunately it fails to install:
$ oc describe ip install-ln7t2
Name: install-ln7t2
Namespace: default
Labels: operators.coreos.com/cryostat-operator.default=
Annotations: <none>
API Version: operators.coreos.com/v1alpha1
Kind: InstallPlan
Metadata:
Creation Timestamp: 2023-11-21T21:32:17Z
Generate Name: install-
Generation: 2
Managed Fields:
[...]
Owner References:
API Version: operators.coreos.com/v1alpha1
Block Owner Deletion: false
Controller: false
Kind: Subscription
Name: cryostat-operator-v2-5-0-dev-sub
UID: abd8f6c7-575d-4660-8def-0a524f34bf2f
Resource Version: 1215
UID: 2b67b80b-5b82-4082-9b3e-aed4dbbc8ec5
Spec:
Approval: Manual
Approved: true
Cluster Service Version Names:
cryostat-operator.v2.5.0-dev
Generation: 1
Status:
Bundle Lookups:
Catalog Source Ref:
Name: cryostat-operator-catalog
Namespace: default
Identifier: cryostat-operator.v2.5.0-dev
Path: quay.io/ebaron/cryostat-operator-bundle:quickstart-01
Properties: {"properties":[{"type":"olm.gvk","value":{"group":"operator.cryostat.io","kind":"ClusterCryostat","version":"v1beta1"}},{"type":"olm.gvk","value":{"group":"operator.cryostat.io","kind":"Cryostat","version":"v1beta1"}},{"type":"olm.package","value":{"packageName":"cryostat-operator","version":"2.5.0-dev"}}]}
Replaces:
Catalog Sources:
cryostat-operator-catalog
Conditions:
Last Transition Time: 2023-11-21T21:33:22Z
Last Update Time: 2023-11-21T21:33:22Z
Message: api-server resource not found installing ConsoleQuickStart configuring-cryostat: GroupVersionKind console.openshift.io/v1, Kind=ConsoleQuickStart not found on the cluster. This API may have been deprecated and removed, see https://kubernetes.io/docs/reference/using-api/deprecation-guide/ for more information.
Reason: InstallComponentFailed
Status: False
Type: Installed
I think we should probably just exclude this from our upstream builds. We can still include it in the Kustomize directory but either comment out or remove this line from config/manifests/kustomization.yaml:
- ../openshift
* Initial quickstart content, TODO: Formatting * Updating quickstart content, adding icon * Removing broken link * Move quickstart to config/manifests, update kustomization * Quickstart content fixes * Don't include openshift dir * Fix deploy_bundle * New line at EOF --------- Co-authored-by: Elliott Baron <[email protected]> (cherry picked from commit 8378ca0)
* Initial quickstart content, TODO: Formatting * Updating quickstart content, adding icon * Removing broken link * Move quickstart to config/manifests, update kustomization * Quickstart content fixes * Don't include openshift dir * Fix deploy_bundle * New line at EOF --------- Co-authored-by: Elliott Baron <[email protected]> (cherry picked from commit 8378ca0) Co-authored-by: Joshua Matsuoka <[email protected]>
Initial PR for adding the configuring cryostat quickstart to the operator.
Opening as a draft for the moment while I sort out text formatting and adding icons.
Since this quickstart is installed with the operator we shouldn't need to worry too much about constraining it to only appear when the operator is installed, but there's an extra sanity check to make sure the user has permissions to create a cryostat object.