From b406aa06e139491d6b9672d0a6b977ee8e23dfff Mon Sep 17 00:00:00 2001 From: Nicolas Takashi Date: Wed, 23 Aug 2023 20:51:52 +0100 Subject: [PATCH] Update charts/opentelemetry-ebpf/Chart.yaml Co-authored-by: Tyler Helmuth <12352919+TylerHelmuth@users.noreply.github.com> --- Makefile | 2 +- charts/opentelemetry-ebpf/Chart.yaml | 5 +- .../rendered/cloud-collector-deployment.yaml | 6 +- .../cloud-collector-serviceaccount.yaml | 2 +- .../cloud-collector/rendered/configmap.yaml | 2 +- .../rendered/k8s-collector-clusterrole.yaml | 2 +- .../k8s-collector-clusterrolebinding.yaml | 2 +- .../rendered/k8s-collector-deployment.yaml | 8 +-- .../k8s-collector-serviceaccount.yaml | 2 +- .../kernel-collector-clusterrole.yaml | 2 +- .../kernel-collector-clusterrolebinding.yaml | 2 +- .../rendered/kernel-collector-daemonset.yaml | 3 +- .../kernel-collector-podsecuritypolicy.yaml | 42 ------------- .../kernel-collector-serviceaccount.yaml | 2 +- .../rendered/reducer-deployment.yaml | 2 +- .../rendered/reducer-service.yaml | 11 +++- .../examples/cloud-collector/values.yaml | 2 +- .../opentelemetry-ebpf/templates/_helpers.tpl | 30 +++++++++ .../templates/cloud-collector-deployment.yaml | 12 ++-- .../templates/k8s-collector-deployment.yaml | 27 +++++--- .../templates/kernel-collector-daemonset.yaml | 15 +++-- .../kernel-collector-podsecuritypolicy.yaml | 38 ------------ .../templates/reducer-deployment.yaml | 24 +++++--- .../templates/reducer-service.yaml | 16 ++--- charts/opentelemetry-ebpf/values.schema.json | 19 +----- charts/opentelemetry-ebpf/values.yaml | 61 +++++++++---------- 26 files changed, 147 insertions(+), 192 deletions(-) delete mode 100644 charts/opentelemetry-ebpf/examples/cloud-collector/rendered/kernel-collector-podsecuritypolicy.yaml delete mode 100644 charts/opentelemetry-ebpf/templates/kernel-collector-podsecuritypolicy.yaml diff --git a/Makefile b/Makefile index 133285f75..bc0f1eb18 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@ TMP_DIRECTORY = ./tmp -CHARTS ?= opentelemetry-collector opentelemetry-operator opentelemetry-demo +CHARTS ?= opentelemetry-collector opentelemetry-operator opentelemetry-demo opentelemetry-ebpf .PHONY: generate-examples generate-examples: diff --git a/charts/opentelemetry-ebpf/Chart.yaml b/charts/opentelemetry-ebpf/Chart.yaml index 24e3c3776..fefe51c52 100644 --- a/charts/opentelemetry-ebpf/Chart.yaml +++ b/charts/opentelemetry-ebpf/Chart.yaml @@ -5,10 +5,9 @@ description: OpenTelemetry eBPF Helm chart for Kubernetes type: application home: https://opentelemetry.io/ sources: - - https://github.com/open-telemetry/opentelemetry-collector - - https://github.com/open-telemetry/opentelemetry-collector-contrib - https://github.com/open-telemetry/opentelemetry-ebpf maintainers: - name: dmitryax + - name: TylerHelmuth icon: https://opentelemetry.io/img/logos/opentelemetry-logo-nav.png -appVersion: 0.10.0 +appVersion: v0.10.0 diff --git a/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/cloud-collector-deployment.yaml b/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/cloud-collector-deployment.yaml index 0d6b82886..43942d5af 100644 --- a/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/cloud-collector-deployment.yaml +++ b/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/cloud-collector-deployment.yaml @@ -8,7 +8,7 @@ metadata: helm.sh/chart: opentelemetry-ebpf-0.1.0 app.kubernetes.io/name: opentelemetry-ebpf app.kubernetes.io/instance: example - app.kubernetes.io/version: "0.10.0" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: progressDeadlineSeconds: 600 @@ -27,9 +27,9 @@ spec: app.kubernetes.io/instance: example spec: containers: - - image: "otel/opentelemetry-ebpf-cloud-collector:v0.10.0" + - name: cloud-collector + image: "otel/opentelemetry-ebpf-cloud-collector:v0.10.0" imagePullPolicy: IfNotPresent - name: cloud-collector args: - --warning env: diff --git a/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/cloud-collector-serviceaccount.yaml b/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/cloud-collector-serviceaccount.yaml index 87fa62739..de573352f 100644 --- a/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/cloud-collector-serviceaccount.yaml +++ b/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/cloud-collector-serviceaccount.yaml @@ -8,5 +8,5 @@ metadata: helm.sh/chart: opentelemetry-ebpf-0.1.0 app.kubernetes.io/name: opentelemetry-ebpf app.kubernetes.io/instance: example - app.kubernetes.io/version: "0.10.0" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm diff --git a/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/configmap.yaml b/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/configmap.yaml index d9b34b8c8..2c79cc9a5 100644 --- a/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/configmap.yaml +++ b/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/configmap.yaml @@ -8,7 +8,7 @@ metadata: helm.sh/chart: opentelemetry-ebpf-0.1.0 app.kubernetes.io/name: opentelemetry-ebpf app.kubernetes.io/instance: example - app.kubernetes.io/version: "0.10.0" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm data: config.yaml: | diff --git a/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/k8s-collector-clusterrole.yaml b/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/k8s-collector-clusterrole.yaml index d3ddf3c09..dd202d0e3 100644 --- a/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/k8s-collector-clusterrole.yaml +++ b/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/k8s-collector-clusterrole.yaml @@ -8,7 +8,7 @@ metadata: helm.sh/chart: opentelemetry-ebpf-0.1.0 app.kubernetes.io/name: opentelemetry-ebpf app.kubernetes.io/instance: example - app.kubernetes.io/version: "0.10.0" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: diff --git a/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/k8s-collector-clusterrolebinding.yaml b/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/k8s-collector-clusterrolebinding.yaml index bce0e8a87..151df6b06 100644 --- a/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/k8s-collector-clusterrolebinding.yaml +++ b/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/k8s-collector-clusterrolebinding.yaml @@ -8,7 +8,7 @@ metadata: helm.sh/chart: opentelemetry-ebpf-0.1.0 app.kubernetes.io/name: opentelemetry-ebpf app.kubernetes.io/instance: example - app.kubernetes.io/version: "0.10.0" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io diff --git a/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/k8s-collector-deployment.yaml b/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/k8s-collector-deployment.yaml index 7b4196f56..85901ab64 100644 --- a/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/k8s-collector-deployment.yaml +++ b/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/k8s-collector-deployment.yaml @@ -13,7 +13,7 @@ metadata: helm.sh/chart: opentelemetry-ebpf-0.1.0 app.kubernetes.io/name: opentelemetry-ebpf app.kubernetes.io/instance: example - app.kubernetes.io/version: "0.10.0" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: progressDeadlineSeconds: 600 @@ -36,16 +36,16 @@ spec: app.kubernetes.io/instance: example spec: containers: - - image: "otel/opentelemetry-ebpf-k8s-watcher:v0.10.0" + - name: k8s-watcher + image: "otel/opentelemetry-ebpf-k8s-watcher:v0.10.0" imagePullPolicy: IfNotPresent - name: k8s-watcher args: - --log-console - --log-level=warning # k8s-relay, which is a service that the k8s-watcher talks to. # Currently not configurable, has to be reachable on localhost:8172, so must # share a pod with the k8s-watcher above. - - image: "otel/opentelemetry-ebpf-k8s-relay:v0.10.0" + - image: "otel/opentelemetry-ebpf-k8s-relay:" imagePullPolicy: IfNotPresent name: k8s-relay args: diff --git a/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/k8s-collector-serviceaccount.yaml b/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/k8s-collector-serviceaccount.yaml index 1454daa4b..55d527c41 100644 --- a/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/k8s-collector-serviceaccount.yaml +++ b/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/k8s-collector-serviceaccount.yaml @@ -8,5 +8,5 @@ metadata: helm.sh/chart: opentelemetry-ebpf-0.1.0 app.kubernetes.io/name: opentelemetry-ebpf app.kubernetes.io/instance: example - app.kubernetes.io/version: "0.10.0" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm diff --git a/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/kernel-collector-clusterrole.yaml b/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/kernel-collector-clusterrole.yaml index d5540b459..edb0fff5f 100644 --- a/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/kernel-collector-clusterrole.yaml +++ b/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/kernel-collector-clusterrole.yaml @@ -8,7 +8,7 @@ metadata: helm.sh/chart: opentelemetry-ebpf-0.1.0 app.kubernetes.io/name: opentelemetry-ebpf app.kubernetes.io/instance: example - app.kubernetes.io/version: "0.10.0" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: diff --git a/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/kernel-collector-clusterrolebinding.yaml b/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/kernel-collector-clusterrolebinding.yaml index 196220dd6..1014ba8b9 100644 --- a/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/kernel-collector-clusterrolebinding.yaml +++ b/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/kernel-collector-clusterrolebinding.yaml @@ -8,7 +8,7 @@ metadata: helm.sh/chart: opentelemetry-ebpf-0.1.0 app.kubernetes.io/name: opentelemetry-ebpf app.kubernetes.io/instance: example - app.kubernetes.io/version: "0.10.0" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm roleRef: apiGroup: rbac.authorization.k8s.io diff --git a/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/kernel-collector-daemonset.yaml b/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/kernel-collector-daemonset.yaml index 5eb6a1265..2027790bb 100644 --- a/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/kernel-collector-daemonset.yaml +++ b/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/kernel-collector-daemonset.yaml @@ -12,7 +12,7 @@ metadata: helm.sh/chart: opentelemetry-ebpf-0.1.0 app.kubernetes.io/name: opentelemetry-ebpf app.kubernetes.io/instance: example - app.kubernetes.io/version: "0.10.0" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: selector: @@ -22,7 +22,6 @@ spec: template: metadata: annotations: - release_number: "3" charts.flowmill.com/version: 0.1.0 labels: app.kubernetes.io/name: example-opentelemetry-ebpf-kernel-collector diff --git a/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/kernel-collector-podsecuritypolicy.yaml b/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/kernel-collector-podsecuritypolicy.yaml deleted file mode 100644 index 2fe4813be..000000000 --- a/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/kernel-collector-podsecuritypolicy.yaml +++ /dev/null @@ -1,42 +0,0 @@ ---- -# Source: opentelemetry-ebpf/templates/kernel-collector-podsecuritypolicy.yaml -apiVersion: policy/v1beta1 -kind: PodSecurityPolicy -metadata: - name: example-opentelemetry-ebpf-kernel-collector - labels: - helm.sh/chart: opentelemetry-ebpf-0.1.0 - app.kubernetes.io/name: opentelemetry-ebpf - app.kubernetes.io/instance: example - app.kubernetes.io/version: "0.10.0" - app.kubernetes.io/managed-by: Helm -spec: - privileged: true - allowPrivilegeEscalation: true - allowedHostPaths: - - pathPrefix: /usr/src - readOnly: true - - pathPrefix: /lib/modules - readOnly: true - - pathPrefix: /etc - readOnly: true - - pathPrefix: /var/cache - readOnly: false - - pathPrefix: /sys/fs/cgroup - readOnly: true - fsGroup: - rule: RunAsAny - hostNetwork: true - hostPorts: - - max: 65535 - min: 0 - hostPID: true - readOnlyRootFilesystem: false - runAsUser: - rule: RunAsAny - seLinux: - rule: RunAsAny - supplementalGroups: - rule: RunAsAny - volumes: - - "*" diff --git a/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/kernel-collector-serviceaccount.yaml b/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/kernel-collector-serviceaccount.yaml index 9d9736307..dbfd73dc1 100644 --- a/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/kernel-collector-serviceaccount.yaml +++ b/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/kernel-collector-serviceaccount.yaml @@ -8,5 +8,5 @@ metadata: helm.sh/chart: opentelemetry-ebpf-0.1.0 app.kubernetes.io/name: opentelemetry-ebpf app.kubernetes.io/instance: example - app.kubernetes.io/version: "0.10.0" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm diff --git a/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/reducer-deployment.yaml b/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/reducer-deployment.yaml index e450dc245..6274ebcca 100644 --- a/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/reducer-deployment.yaml +++ b/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/reducer-deployment.yaml @@ -8,7 +8,7 @@ metadata: helm.sh/chart: opentelemetry-ebpf-0.1.0 app.kubernetes.io/name: opentelemetry-ebpf app.kubernetes.io/instance: example - app.kubernetes.io/version: "0.10.0" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: replicas: 1 diff --git a/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/reducer-service.yaml b/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/reducer-service.yaml index b825616aa..e75e0012d 100644 --- a/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/reducer-service.yaml +++ b/charts/opentelemetry-ebpf/examples/cloud-collector/rendered/reducer-service.yaml @@ -8,7 +8,7 @@ metadata: helm.sh/chart: opentelemetry-ebpf-0.1.0 app.kubernetes.io/name: opentelemetry-ebpf app.kubernetes.io/instance: example - app.kubernetes.io/version: "0.10.0" + app.kubernetes.io/version: "v0.10.0" app.kubernetes.io/managed-by: Helm spec: type: ClusterIP @@ -16,7 +16,14 @@ spec: app.kubernetes.io/name: example-opentelemetry-ebpf-reducer app.kubernetes.io/instance: example ports: + + - name: stats + port: 7001 + targetPort: 7001 + protocol: TCP + appProtocol: http - name: telemetry port: 7000 - targetPort: telemetry + targetPort: 7000 protocol: TCP + appProtocol: http diff --git a/charts/opentelemetry-ebpf/examples/cloud-collector/values.yaml b/charts/opentelemetry-ebpf/examples/cloud-collector/values.yaml index f02009cbb..a16615a17 100644 --- a/charts/opentelemetry-ebpf/examples/cloud-collector/values.yaml +++ b/charts/opentelemetry-ebpf/examples/cloud-collector/values.yaml @@ -1,5 +1,5 @@ cloudCollector: enabled: true -otelCollector: +endpoint: address: example-opentelemetry-collector diff --git a/charts/opentelemetry-ebpf/templates/_helpers.tpl b/charts/opentelemetry-ebpf/templates/_helpers.tpl index 63aa19686..3ab3ecb9d 100644 --- a/charts/opentelemetry-ebpf/templates/_helpers.tpl +++ b/charts/opentelemetry-ebpf/templates/_helpers.tpl @@ -135,4 +135,34 @@ Fully qualified app name for the reducer deployment. {{- else -}} {{- printf "%s-%s-reducer" .Release.Name $name | trunc 63 | trimSuffix "-" -}} {{- end -}} +{{- end -}} + +{{/* Build the list of port for service */}} +{{- define "opentelemetry-collector-reducer.servicePortsConfig" -}} +{{- $ports := deepCopy .Values.reducer.service.ports }} +{{- range $key, $port := $ports }} +{{- if $port.enabled }} +- name: {{ $key }} + port: {{ $port.servicePort }} + targetPort: {{ $port.containerPort }} + protocol: {{ $port.protocol }} + {{- if $port.appProtocol }} + appProtocol: {{ $port.appProtocol }} + {{- end }} +{{- if $port.nodePort }} + nodePort: {{ $port.nodePort }} +{{- end }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Return the appropriate apiVersion for podDisruptionBudget. +*/}} +{{- define "podSecurityPolicy.apiVersion" -}} + {{- if and (.Capabilities.APIVersions.Has "policy/v1") (semverCompare ">= 1.21-0" .Capabilities.KubeVersion.Version) -}} + {{- print "policy/v1" -}} + {{- else -}} + {{- print "policy/v1beta1" -}} + {{- end -}} {{- end -}} \ No newline at end of file diff --git a/charts/opentelemetry-ebpf/templates/cloud-collector-deployment.yaml b/charts/opentelemetry-ebpf/templates/cloud-collector-deployment.yaml index 2dfff97df..513dea499 100644 --- a/charts/opentelemetry-ebpf/templates/cloud-collector-deployment.yaml +++ b/charts/opentelemetry-ebpf/templates/cloud-collector-deployment.yaml @@ -28,9 +28,13 @@ spec: {{- end }} {{- end }} containers: - - image: "{{ default .Values.images.repository .Values.cloudCollector.image.repository }}/{{ .Values.cloudCollector.image.name }}:{{ default .Values.images.tag .Values.cloudCollector.image.tag }}" - imagePullPolicy: {{ .Values.images.pullPolicy }} - name: cloud-collector + - name: cloud-collector + {{- if .Values.cloudCollector.image.tag }} + image: "{{ default .Values.image.registry .Values.cloudCollector.image.registry }}/{{ .Values.cloudCollector.image.name }}:{{ .Values.cloudCollector.image.tag }}" + {{- else }} + image: "{{ default .Values.image.registry .Values.cloudCollector.image.registry }}/{{ .Values.cloudCollector.image.name }}:{{ default .Chart.AppVersion .Values.image.tag }}" + {{- end }} + imagePullPolicy: {{ .Values.image.pullPolicy }} {{- if hasKey .Values.cloudCollector "resources" }} resources: {{ toYaml .Values.cloudCollector.resources | indent 10 }} @@ -74,7 +78,7 @@ spec: - name: "EBPF_NET_INTAKE_HOST" value: {{ include "opentelemetry-collector-reducer.fullname" . }} - name: "EBPF_NET_INTAKE_PORT" - value: "{{ default 7000 .Values.reducer.telemetryPort }}" + value: "{{ default 7000 .Values.reducer.service.ports.telemetry.port }}" {{- if hasKey .Values "debug" }} {{- if (default false .Values.debug.storeMinidump) }} - name: "EBPF_NET_MINIDUMP_DIR" diff --git a/charts/opentelemetry-ebpf/templates/k8s-collector-deployment.yaml b/charts/opentelemetry-ebpf/templates/k8s-collector-deployment.yaml index 253c1a0a5..85179c320 100644 --- a/charts/opentelemetry-ebpf/templates/k8s-collector-deployment.yaml +++ b/charts/opentelemetry-ebpf/templates/k8s-collector-deployment.yaml @@ -37,9 +37,13 @@ spec: {{- end }} {{- end }} containers: - - image: "{{ default .Values.images.repository .Values.k8sCollector.watcher.image.repository }}/{{ .Values.k8sCollector.watcher.image.name }}:{{ default .Values.images.tag .Values.k8sCollector.watcher.image.tag }}" - imagePullPolicy: {{ .Values.images.pullPolicy }} - name: k8s-watcher + - name: k8s-watcher + {{- if .Values.k8sCollector.watcher.image.tag }} + image: "{{ default .Values.image.registry .Values.k8sCollector.watcher.image.repository }}/{{ .Values.k8sCollector.watcher.image.name }}:{{ .Values.k8sCollector.watcher.image.tag }}" + {{- else }} + image: "{{ default .Values.image.registry .Values.k8sCollector.watcher.image.repository }}/{{ .Values.k8sCollector.watcher.image.name }}:{{ default .Chart.AppVersion .Values.image.tag }}" + {{- end }} + imagePullPolicy: {{ .Values.image.pullPolicy }} {{- if hasKey .Values.k8sCollector.watcher "resources" }} resources: {{ toYaml .Values.k8sCollector.watcher.resources | indent 10 }} @@ -52,9 +56,14 @@ spec: # k8s-relay, which is a service that the k8s-watcher talks to. # Currently not configurable, has to be reachable on localhost:8172, so must # share a pod with the k8s-watcher above. - - image: "{{ default .Values.images.repository .Values.k8sCollector.relay.image.repository }}/{{ .Values.k8sCollector.relay.image.name }}:{{ default .Values.images.tag .Values.k8sCollector.relay.image.tag }}" - imagePullPolicy: {{ .Values.images.pullPolicy }} - name: k8s-relay + - name: k8s-relay + {{- if .Values.k8sCollector.relay.image.tag }} + image: "{{ default .Values.image.registry .Values.k8sCollector.relay.image.registry }}/{{ .Values.k8sCollector.relay.image.name }}:{{ .Values.k8sCollector.relay.image.tag }}" + {{- else }} + image: "{{ default .Values.image.registry .Values.k8sCollector.relay.image.registry }}/{{ .Values.k8sCollector.relay.image.name }}:{{ default .Chart.AppVersion .Values.k8sCollector.relay.image.tag }}" + {{- end }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- if hasKey .Values.k8sCollector.relay "resources" }} resources: {{ toYaml .Values.k8sCollector.relay.resources | indent 10 }} @@ -99,7 +108,7 @@ spec: - name: "EBPF_NET_INTAKE_HOST" value: {{ include "opentelemetry-collector-reducer.fullname" . }} - name: "EBPF_NET_INTAKE_PORT" - value: "{{ default 7000 .Values.reducer.telemetryPort }}" + value: "{{ default 7000 .Values.reducer.service.ports.telemetry.port }}" {{- if hasKey .Values "debug" }} {{- if (default false .Values.debug.storeMinidump) }} - name: "EBPF_NET_MINIDUMP_DIR" @@ -108,9 +117,9 @@ spec: {{- end }} {{- if and .Values.debug.enabled .Values.debug.sendUnplannedExitMetric }} - name: "EBPF_NET_CRASH_METRIC_HOST" - value: {{ .Values.otelCollector.address }} + value: {{ .Values.endpoint.address }} - name: "EBPF_NET_CRASH_METRIC_PORT" - value: {{ .Values.otelCollector.port | default 4317 }} + value: {{ .Values.endpoint.port | default 4317 }} {{- end }} {{- if .Values.k8sCollector.relay.env }} {{ toYaml .Values.k8sCollector.relay.env | indent 10 }} diff --git a/charts/opentelemetry-ebpf/templates/kernel-collector-daemonset.yaml b/charts/opentelemetry-ebpf/templates/kernel-collector-daemonset.yaml index 32ea0e2ab..5302c078d 100644 --- a/charts/opentelemetry-ebpf/templates/kernel-collector-daemonset.yaml +++ b/charts/opentelemetry-ebpf/templates/kernel-collector-daemonset.yaml @@ -17,7 +17,6 @@ spec: template: metadata: annotations: - release_number: "3" charts.flowmill.com/version: {{ .Chart.Version }} labels: app.kubernetes.io/name: {{ include "opentelemetry-collector-kernel-collector.fullname" . }} @@ -31,8 +30,12 @@ spec: {{- end }} containers: - name: kernel-collector - image: "{{ default .Values.images.repository .Values.kernelCollector.image.repository }}/{{ .Values.kernelCollector.image.name }}:{{ default .Values.images.tag .Values.kernelCollector.image.tag }}" - imagePullPolicy: {{ .Values.images.pullPolicy }} + {{- if .Values.kernelCollector.image.tag }} + image: "{{ default .Values.image.registry .Values.kernelCollector.image.registry }}/{{ .Values.kernelCollector.image.name }}:{{ .Values.kernelCollector.image.tag }}" + {{- else }} + image: "{{ default .Values.image.registry .Values.kernelCollector.image.registry }}/{{ .Values.kernelCollector.image.name }}:{{ default .Chart.AppVersion .Values.image.tag }}" + {{- end }} + imagePullPolicy: {{ .Values.image.pullPolicy }} args: - --config-file=/etc/network-explorer/config.yaml {{- if .Values.kernelCollector.bpfDumpFile }} @@ -93,7 +96,7 @@ spec: - name: "EBPF_NET_INTAKE_HOST" value: {{ include "opentelemetry-collector-reducer.fullname" . }} - name: "EBPF_NET_INTAKE_PORT" - value: "{{ default 7000 .Values.reducer.telemetryPort }}" + value: "{{ default 7000 .Values.reducer.service.ports.telemetry.port }}" {{- if .Values.kernelCollector.exportBpfSrcFile }} - name: "EBPF_NET_EXPORT_BPF_SRC_FILE" value: {{ quote .Values.kernelCollector.exportBpfSrcFile }} @@ -108,9 +111,9 @@ spec: {{- end }} {{- if and .Values.debug.enabled .Values.debug.sendUnplannedExitMetric }} - name: "EBPF_NET_CRASH_METRIC_HOST" - value: {{ .Values.otelCollector.address }} + value: {{ .Values.endpoint.address }} - name: "EBPF_NET_CRASH_METRIC_PORT" - value: {{ .Values.otelCollector.port | default 4317 }} + value: {{ .Values.endpoint.port | default 4317 }} {{- end }} {{- if .Values.kernelCollector.env }} {{ toYaml .Values.kernelCollector.env | indent 12 }} diff --git a/charts/opentelemetry-ebpf/templates/kernel-collector-podsecuritypolicy.yaml b/charts/opentelemetry-ebpf/templates/kernel-collector-podsecuritypolicy.yaml deleted file mode 100644 index c73112dbc..000000000 --- a/charts/opentelemetry-ebpf/templates/kernel-collector-podsecuritypolicy.yaml +++ /dev/null @@ -1,38 +0,0 @@ -{{- if .Values.podSecurityPolicy.enabled }} -apiVersion: policy/v1beta1 -kind: PodSecurityPolicy -metadata: - name: {{ include "opentelemetry-collector-kernel-collector.fullname" . }} - labels: - {{- include "opentelemetry-ebpf.labels" . | nindent 4 }} -spec: - privileged: true - allowPrivilegeEscalation: true - allowedHostPaths: - - pathPrefix: /usr/src - readOnly: true - - pathPrefix: /lib/modules - readOnly: true - - pathPrefix: /etc - readOnly: true - - pathPrefix: /var/cache - readOnly: false - - pathPrefix: /sys/fs/cgroup - readOnly: true - fsGroup: - rule: RunAsAny - hostNetwork: true - hostPorts: - - max: 65535 - min: 0 - hostPID: true - readOnlyRootFilesystem: false - runAsUser: - rule: RunAsAny - seLinux: - rule: RunAsAny - supplementalGroups: - rule: RunAsAny - volumes: - - "*" -{{- end }} diff --git a/charts/opentelemetry-ebpf/templates/reducer-deployment.yaml b/charts/opentelemetry-ebpf/templates/reducer-deployment.yaml index 6bc589cf4..61f8b31bd 100644 --- a/charts/opentelemetry-ebpf/templates/reducer-deployment.yaml +++ b/charts/opentelemetry-ebpf/templates/reducer-deployment.yaml @@ -26,10 +26,14 @@ spec: {{- end }} containers: - name: reducer - image: "{{ default .Values.images.repository .Values.reducer.image.repository }}/{{ .Values.reducer.image.name }}:{{ default .Values.images.tag .Values.reducer.image.tag }}" - imagePullPolicy: {{ .Values.images.pullPolicy }} + {{- if .Values.reducer.image.tag }} + image: "{{ default .Values.image.registry .Values.reducer.image.registry }}/{{ .Values.reducer.image.name }}:{{ .Values.reducer.image.tag }}" + {{- else }} + image: "{{ default .Values.image.registry .Values.reducer.image.registry }}/{{ .Values.reducer.image.name }}:{{ default .Chart.AppVersion .Values.image.tag }}" + {{- end }} + imagePullPolicy: {{ .Values.image.pullPolicy }} args: - - --port={{- .Values.reducer.telemetryPort }} + - --port={{- .Values.reducer.service.ports.telemetry.containerPort }} - --log-console - --no-log-file {{- if hasKey .Values.log "level" }} @@ -38,8 +42,8 @@ spec: - --enable-aws-enrichment - --disable-prometheus-metrics - --enable-otlp-grpc-metrics - - --otlp-grpc-metrics-host={{ .Values.otelCollector.address }} - - --otlp-grpc-metrics-port={{ .Values.otelCollector.port | default 4317 }} + - --otlp-grpc-metrics-host={{ .Values.endpoint.address }} + - --otlp-grpc-metrics-port={{ .Values.endpoint.port | default 4317 }} {{- if .Values.reducer.disableMetrics }} - --disable-metrics={{join "," .Values.reducer.disableMetrics}} {{- end }} @@ -66,18 +70,18 @@ spec: {{- end }} {{- if .Values.debug.sendUnplannedExitMetric }} - name: "EBPF_NET_CRASH_METRIC_HOST" - value: {{ .Values.otelCollector.address }} + value: {{ .Values.endpoint.address }} - name: "EBPF_NET_CRASH_METRIC_PORT" - value: {{ .Values.otelCollector.port | default 4317 }} + value: {{ .Values.endpoint.port | default 4317 }} {{- end }} {{- end }} ports: - name: telemetry - containerPort: {{ .Values.reducer.telemetryPort }} + containerPort: {{ .Values.reducer.service.ports.telemetry.containerPort }} protocol: TCP {{- if not .Values.reducer.disableInternalMetrics }} - name: stats - containerPort: {{ .Values.reducer.statsPromPort }} + containerPort: {{ .Values.reducer.service.ports.stats.containerPort }} protocol: TCP {{- end }} {{- if .Values.debug.enabled }} @@ -93,7 +97,7 @@ spec: periodSeconds: 20 timeoutSeconds: 5 exec: - command: ['/srv/health_check.sh', 'readiness_probe', 'localhost', {{ quote .Values.reducer.telemetryPort }}] + command: ['/srv/health_check.sh', 'readiness_probe', 'localhost', {{ quote .Values.reducer.service.ports.telemetry.containerPort }}] {{- if .Values.resources }} resources: {{- toYaml .Values.resources | nindent 12 }} diff --git a/charts/opentelemetry-ebpf/templates/reducer-service.yaml b/charts/opentelemetry-ebpf/templates/reducer-service.yaml index 0f7028e10..3166dd330 100644 --- a/charts/opentelemetry-ebpf/templates/reducer-service.yaml +++ b/charts/opentelemetry-ebpf/templates/reducer-service.yaml @@ -5,18 +5,12 @@ metadata: labels: {{- include "opentelemetry-ebpf.labels" . | nindent 4 }} spec: - type: ClusterIP + type: {{ .Values.reducer.service.type }} selector: app.kubernetes.io/name: {{ include "opentelemetry-collector-reducer.fullname" . }} app.kubernetes.io/instance: {{ .Release.Name }} + {{- $ports := include "opentelemetry-collector-reducer.servicePortsConfig" . }} + {{- if $ports }} ports: - - name: telemetry - port: {{ .Values.reducer.telemetryPort }} - targetPort: telemetry - protocol: TCP - {{- if not .Values.reducer.disableInternalMetrics }} - - name: stats - port: {{ .Values.reducer.statsPromPort }} - targetPort: stats - protocol: TCP - {{- end }} + {{- $ports | nindent 4}} + {{- end }} diff --git a/charts/opentelemetry-ebpf/values.schema.json b/charts/opentelemetry-ebpf/values.schema.json index 0eae4b477..436c85c0e 100644 --- a/charts/opentelemetry-ebpf/values.schema.json +++ b/charts/opentelemetry-ebpf/values.schema.json @@ -19,7 +19,7 @@ "description": "Cluster Name", "type": "string" }, - "otelCollector": { + "endpoint": { "type": "object", "additionalProperties": false, "required": [ @@ -70,7 +70,7 @@ } } }, - "images": { + "image": { "description": "images", "type": "object", "additionalProperties": false, @@ -78,7 +78,7 @@ "tag": { "type": "string" }, - "repository": { + "registry": { "type": "string" }, "pullPolicy": { @@ -155,19 +155,6 @@ "type": "boolean" } } - }, - "podSecurityPolicy": { - "type": "object", - "additionalProperties": false, - "properties": { - "enabled": { - "type": "boolean" - }, - "annotations": { - "type": "object", - "additionalProperties": true - } - } } }, "required": [ diff --git a/charts/opentelemetry-ebpf/values.yaml b/charts/opentelemetry-ebpf/values.yaml index 6d02e918d..8b6c0ae49 100644 --- a/charts/opentelemetry-ebpf/values.yaml +++ b/charts/opentelemetry-ebpf/values.yaml @@ -4,19 +4,18 @@ nameOverride: "" fullnameOverride: "" - clusterName: "" -images: - tag: "v0.10.0" - repository: otel +image: + tag: "" + registry: otel pullPolicy: IfNotPresent imagePullSecrets: [] resources: {} -otelCollector: +endpoint: address: "" port: "" @@ -36,7 +35,7 @@ kernelCollector: create: true name: "" image: - repository: "" + registry: "" tag: "" name: opentelemetry-ebpf-kernel-collector @@ -64,15 +63,14 @@ kernelCollector: cloudCollector: enabled: false image: - repository: "" + registry: "" tag: "" name: opentelemetry-ebpf-cloud-collector serviceAccount: create: true name: "" - annotations: - {} + annotations: {} ## eks.amazonaws.com/role-arn: "role-arn-name" tolerations: [] @@ -85,12 +83,12 @@ k8sCollector: name: "" relay: image: - repository: "" + registry: "" tag: "" name: opentelemetry-ebpf-k8s-relay watcher: image: - repository: "" + registry: "" tag: "" name: opentelemetry-ebpf-k8s-watcher @@ -99,7 +97,7 @@ k8sCollector: reducer: image: - repository: "" + registry: "" tag: "" name: opentelemetry-ebpf-reducer extraArgs: {} @@ -107,8 +105,7 @@ reducer: matchingShards: 1 aggregationShards: 1 disableInternalMetrics: true - disableMetrics: - [] + disableMetrics: [] ### to disable an entire metric category: ### # - tcp.all # - udp.all @@ -179,8 +176,7 @@ reducer: # - ebpf_net.rpc_queue_buf_utilization ### to enable all metrics (including metrics turned off by default): ### # - none - enableMetrics: - [] + enableMetrics: [] ### Disable metrics flag is evaluated first and only then enable metric flag is evaluated. ### ### to enable an entire metric category: ### # - tcp.all @@ -251,25 +247,28 @@ reducer: # - ebpf_net.codetiming_sum_ns # - ebpf_net.otlp_grpc.failed_requests # - ebpf_net.rpc_queue_buf_utilization - telemetryPort: 7000 - statsPromPort: 7001 + resources: {} nodeSelector: {} tolerations: [] affinity: {} + service: + type: ClusterIP + ports: + telemetry: + enabled: true + servicePort: 7000 + containerPort: 7000 + targetPort: 7000 + protocol: TCP + appProtocol: http + stats: + enabled: true + servicePort: 7001 + containerPort: 7001 + targetPort: 7001 + protocol: TCP + appProtocol: http rbac: create: true - -podSecurityPolicy: - enabled: true - annotations: - {} - ## Specify pod annotations - ## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#apparmor - ## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#seccomp - ## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#sysctl - ## - # seccomp.security.alpha.kubernetes.io/allowedProfileNames: '*' - # seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default' - # apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default'